search

fleetdm / fleet

Open-source platform for IT, security, and infrastructure teams. (Linux, macOS, Chrome, Windows, cloud, data center)
https://fleetdm.com
Other
3k stars 416 forks source link

Allow disabling vulnerabilities processing but keeping software inventory #19546

Open getvictor opened 4 months ago

getvictor commented 4 months ago

Goal

User story
As an IT admin,
I want to disable (or scale back) the vulnerabilities job but keep the software inventory
so that I can optimize my compute resources.

Context

Currently, disabling the vulnerabilities job means that no software shows up on the Software page. In addition, software and software_titles are not cleaned up from DB if they are no longer installed on any hosts. The cleanup only happens during the vulnerabilities job.

We should have separate enables (and periodicities) for vulnerabilities and software inventory jobs.

Changes

Product

Engineering

ℹ️  Please read this issue carefully and understand it. Pay special attention to UI wireframes, especially "dev notes".

QA

Risk assessment

Manual testing steps

  1. Step 1
  2. Step 2
  3. Step 3

Testing notes

Confirmation

  1. [ ] Engineer (@____): Added comment to user story confirming successful completion of QA.
  2. [ ] QA (@____): Added comment to user story confirming successful completion of QA.
noahtalerman commented 3 months ago

Currently, disabling the vulnerabilities job means that no software shows up on the Software page. In addition, software and software_titles are not cleaned up from DB if they are no longer installed on any hosts. The cleanup only happens during the vulnerabilities job.

Hey @getvictor do we document this current behavior?

getvictor commented 3 months ago

Currently, disabling the vulnerabilities job means that no software shows up on the Software page. In addition, software and software_titles are not cleaned up from DB if they are no longer installed on any hosts. The cleanup only happens during the vulnerabilities job.

Hey @getvictor do we document this current behavior?

I don't think so. Most customers run the vulnerability job, so this is not an issue for most.