A customer is experiencing an issue where some hosts enrolled in their Fleet server are showing they have 1 failed policy even though there are no policies scoped to those hosts. In fact, there are no polices configured at all across the entire instance.
This is shown in the UI:
And the API in the response for GET /api/v1/fleet/hosts/:id:
"issues": {
"failing_policies_count": 1
}
🧑💻 Steps to reproduce
I have not been able to identify any steps to create or reproduce this behavior. The created_at date of all the hosts that show this problem is around when we upgraded our managed cloud customers to 4.54.
🕯️ More info (optional)
When querying the Fleet database:
SELECT * FROM policy_membership;
Returns and empty set (showing there are no policies)
SELECT * from host_issues;
Returns a set with hosts 1-13 having a failing_policies_count of 1. All the hosts that have this have a created_at date of 2024-07-22. All hosts with a created_at date after this correctly show a failing_policies_count of 0.
Fleet version: 4.55
💥 Actual behavior
A customer is experiencing an issue where some hosts enrolled in their Fleet server are showing they have 1 failed policy even though there are no policies scoped to those hosts. In fact, there are no polices configured at all across the entire instance.
This is shown in the UI:
And the API in the response for
GET /api/v1/fleet/hosts/:id
:🧑💻 Steps to reproduce
I have not been able to identify any steps to create or reproduce this behavior. The
created_at
date of all the hosts that show this problem is around when we upgraded our managed cloud customers to 4.54.🕯️ More info (optional)
When querying the Fleet database:
Returns and empty set (showing there are no policies)
Returns a set with hosts 1-13 having a
failing_policies_count
of1
. All the hosts that have this have acreated_at
date of2024-07-22
. All hosts with acreated_at
date after this correctly show afailing_policies_count
of0
.