search

fleetdm / fleet

Open-source platform for IT, security, and infrastructure teams. (Linux, macOS, Chrome, Windows, cloud, data center)
https://fleetdm.com
Other
2.93k stars 409 forks source link

Hosts with no policies scoped to them showing 1 failed policy #21591

Closed ddribeiro closed 3 days ago

ddribeiro commented 2 weeks ago

Fleet version: 4.55

💥  Actual behavior

A customer is experiencing an issue where some hosts enrolled in their Fleet server are showing they have 1 failed policy even though there are no policies scoped to those hosts. In fact, there are no polices configured at all across the entire instance.

This is shown in the UI: image (4)

And the API in the response for GET /api/v1/fleet/hosts/:id:

"issues": {
            "failing_policies_count": 1
        }

🧑‍💻  Steps to reproduce

I have not been able to identify any steps to create or reproduce this behavior. The created_at date of all the hosts that show this problem is around when we upgraded our managed cloud customers to 4.54.

🕯️ More info (optional)

When querying the Fleet database:

SELECT * FROM policy_membership;

Returns and empty set (showing there are no policies)

SELECT * from host_issues;

Returns a set with hosts 1-13 having a failing_policies_count of 1. All the hosts that have this have a created_at date of 2024-07-22. All hosts with a created_at date after this correctly show a failing_policies_count of 0.

JoStableford commented 2 weeks ago

Related to a Slack conversation

lucasmrod commented 2 weeks ago

Looks related to https://github.com/fleetdm/fleet/issues/21470.

xpkoala commented 3 days ago

Closing - work for this item will take place on #21470

fleet-release commented 3 days ago

Policies vanish, Yet ghosts appear in the code, Fleet, now clearer skies.