Changes:
- Updated the send-data-to-vanta script to exclude built-in macOS
applications (besides XProtect) when reporting device inventory for a
Vanta Integration. This is done to reduce the size of the device
inventory request and allow for more macOS hosts to be reported to
Vanta.
Related to: https://github.com/fleetdm/fleet/issues/30993
Changes:
- Updated the `send-data-to-vanta` script to limit the number of API
requests sent to host details endpoints at once.
Related to: #27943
Changes:
- Updated the `send-data-to-vanta` script to continue running for a
Vanta connection if the get host API returns an error. It will now store
a detailed error and log them all when the script is finished running.
Changes:
- Updated the send-data-to-vanta script to only send information about
hosts from specific teams to vanta (For Fleet's vanta integration only)
Closes: https://github.com/fleetdm/confidential/issues/6844
Changes:
- Updated the send-data-to-vanta script to retry failed requests to
Fleet instances and increased the timeout on the requests to the /hosts
endpoint
Changes:
- Added a prefix to the warning logged in the send-data-to-vanta script
if an error is thrown.
- Updated the logged errors to include the raw error
Related to: #17699
Changes:
- Updated the `send-data-to-vanta` script to retry requests to Vanta's
`https://api.vanta.com/oauth/token` API endpoint that return a `504`
response.
Changes:
- Chained a `.retry()` onto the post request that refreshes
authorization tokens for Vanta connections, that will retry requests
that return a `503 service unavailable` response.
https://github.com/fleetdm/confidential/issues/2118
Changes:
- Updated the send-data-to-vanta script to report the `extension_id` of
browser extensions installed on a host if the API response from the
Fleet instance includes that value.
Changes:
- Wrapped requests that have `.retry()` in a try-catch block. Errors
thrown by the `.retry()` method are not currently not being caught by
the `intercept()` chained onto the request, and cause the script to stop
running.
Changes:
- Updated the send-data-to-vanta to set a boolean value for the
`isManaged` property of Windows and macOS hosts if the
`enrollment_status` of a host's `mdm` property is either "On (automatic)
or "On (manual)".
Closes: #9735
Changes:
- Updated the `send-data-to-vanta` script to:
- Sync Windows hosts with Vanta.
- Report the MDM status of macOS hosts.
- Updated the notes on the `/connect-vanta` page to link to the screen
lock policy for Windows.
Changes:
- Changed the message logged when a Vanta integration has an error to a
warning so our Papertrail alerts will be triggered whenever a Vanta
integration has an error.
The intention is to have Vanta stop showing warnings for missing MFA on
API-only users. It's not clear if setting `UNSUPPORTED` is the correct
solution, but it does seem more accurate than setting the `mfaEnabled`
to `true`.
