Fleet logo
Menu An icon indicating that interacting with this button will open the navigation menu.
Fleet logo An 'X' icon indicating that this can be interacted with to close the navigation menu.
Solutions A small chevron
Device management

Device management

Remotely manage, and protect laptops and mobile devices.

Orchestration

Orchestration

Automate tasks across devices, from app installs to scripts.

Software management

Software management

Inventory, patch, and manage installed software.

Extend Fleet

Extend Fleet

Integrate your favorite tools with Fleet.

Customers A small chevron
Stripe + Fleet

Stripe + Fleet

Stripe consolidates multiple tools with Fleet.

Foursquare + Fleet

Foursquare + Fleet

Foursquare quickly migrates to Fleet for device management.

What people are saying

What people are saying

Stories from the Fleet community.

Pricing
More A small chevron
Try it yourself Get a demo
{{thisPage.meta.articleTitle}}
search

Import and export queries in Fleet

{{articleSubtitle}}

| The author's GitHub profile picture

Noah Talerman

Share

Share this article on Hacker News Share this article on LinkedIn Share this article on Twitter
Docs Docs REST API REST API Guides Guides Get a demoGet a demo

Import and export queries in Fleet

{{articleSubtitle}}

| The author's GitHub profile picture

Noah Talerman

Import and export queries in Fleet

Import and export queries in Fleet

When managing multiple Fleet instances, you may want to move queries from one instance to another. Or, when inspired by queries shared by a member of the osquery community, you might want to import these queries into your Fleet instance. To do this, you need to have access to a Unix shell and the fleetctl CLI tool.

Below are two example scenarios.

Example scenario 1: Moving queries from one Fleet instance to another

Let’s say you use Fleet at work and you also have a Fleet instance in your lab at home. You were testing some queries at home and you want to share these queries with your team at work.

How to export and import queries:

  1. In your home lab, run the fleetctl login command to log in to Fleet.

  2. Run the following command to export your queries into a queries.yml file:

fleetctl get queries --yaml > queries.yml

An icon indicating that this section has important information

queries.yml will be created in your current working directory.

  1. Upload your queries.yml file to GitHub so that you can download this file onto your work computer.

  2. At work, with queries.yml downloaded in your current working directory, run the following command to import your queries:

fleetctl apply -f queries.yml

Example scenario 2: Importing community queries into Fleet

You just found a collection of awesome queries for Fleet and you want to import them into your Fleet instance.

How to import queries:

  1. Create a new file, palantir-queries.yml, and paste in the desired queries in the correct Fleet configuration format.
  2. Run the command fleetctl apply -f awesome-queries.yml.

Could this post be more helpful?

Let us know if you can think of any other example scenarios you’d like us to cover.