Elgato_dark/fleet
1
0
Fork 0
mirror of https://github.com/fleetdm/fleet synced 2026-04-21 21:47:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 91
fleet/docs/Get started/FAQ.md
Gray Williams f1c2e46bcc
Update FAQ for Linux disk encryption (#43530) 
Adds information for disk encryption enforcement support to the notes
under supported operating systems.
2026-04-15 08:28:05 +01:00

54 KiB
Raw Blame History

FAQ

Can you host Fleet for me?

Fleet offers managed cloud hosting for Fleet Premium customers with large deployments.

While organizations of all kinds use Fleet, from Fortune 500 companies to school districts to hobbyists, today we are only currently able to provide fully-managed hosting for deployments larger than 700 hosts. (Instead, you can buy a license and self-host Fleet Premium with support.)

Fleet is simple enough to spin up for yourself (our operations guy did it). Premium features are available either way.

What is the easiest way to deploy Fleet?

Take a look at Deploying Fleet for guides on Render or deploy for scale with AWS Terraform. You can also deploy Fleet anywhere you want.

You can enroll servers and laptops using a simple installer or automatically deliver Fleet's agent (fleetd) using your existing tools, such as Chef, Terraform, Munki/autopkg, Ansible, Puppet, Jamf, Intune, etc. As of Fleet v4.53.0, when Fleet's MDM is enabled for MacOS, fleetd is installed as part of the bootstrap.

By default, Fleet keeps fleetd up to date automatically. For self-managed instances, Fleet provides a Simple upgrade process.

What options do I have for access control? What about auditing admin activity?

Fleet lets you define role-based access controls, the ability to assign different admins for different groups of hosts, and rolling deployments. Fleet has built-in audit logging (accessed through API or streamed to a data lake.)

In addition, you can do GitOps because you can control your Fleet instance through a git repo, allowing you to use your standard CI/CD and approval process. This also tracks the history of changes as commits.

Does Fleet include pre-built queries?

Fleet comes with a built-in library for reporting device health and also includes over 400 optional built-in CIS policies for Mac and Windows.

You can easily write reports yourself with auto-complete, as well as import queries for HID to detect IOCs using Yara or other intrusion detection mechanisms from the community or other vendors. Or, you can import policies to monitor for high-impact vulnerabilities such as a particular TPM chip; for example, a large vehicle manufacturer uses Fleet to do this.

Customers can build on these built-in policies to monitor ongoing compliance with regulatory standards like NIST, PCI, ISO, SOC, and HIPAA.

Has anyone stress-tested Fleet? How many hosts can the Fleet server handle?

Fleet is used in production deployments with hundreds of thousands of hosts and has been stress-tested to 150,000 online and 400,000 total enrolled hosts.

Its standard deployment practice to have multiple Fleet servers behind a load balancer. However, the MySQL database is typically the performance bottleneck and a single Fleet server can handle tens of thousands of hosts.

Will Fleet slow down my servers? What about my employee laptops?

Unlike legacy systems, Fleet gives you complete control over how frequent and labor-intensive the scanning is.

When you collect data with Fleet, the performance impact is automatically reported. You can analyze CPU, memory, and network usage or just compare whether a report's performance impact is “minimal,” “considerable,” or “excessive.” You can easily compare the average performance of a scan across all systems or troubleshoot performance on an individual host. If one of your queries gets too rowdy on a particular host, Fleet will temporarily disable it.

You can test changes on a small subset of hosts first, then roll them out to the rest of your organization.

What browsers does Fleet support?

Fleet supports the latest, stable releases of all major browsers and platforms.

We test each browser on Windows whenever possible, because our engineering team primarily uses macOS.

Note: This information also applies to fleetdm.com.

Desktop

  • Chrome
  • Firefox
  • Edge
  • Safari (macOS only)

Mobile

  • Mobile Safari on iOS
  • Mobile Chrome on Android

Note

  • Mobile web is not yet supported in the Fleet product.
  • The Fleet user interface may not be fully supported in Google Chrome when the browser is running on ChromeOS.

What host operating systems does Fleet support?

Fleet supports the following operating system versions on hosts.

OS Supported version(s)
macOS 14+ (Sonoma)
iOS/iPadOS 17+
Windows Pro and Enterprise 10 21H2 (E) (LTS)+, Server 2012+
Linux CentOS 7.1+, Ubuntu 20.04+, Fedora 38, 39, Amazon Linux 2+, Debian 11+, Red Hat Enterprise Linux (RHEL) 7, 8, 9, openSUSE 15.6+, Arch Linux, Omarchy
ChromeOS 112.0.5615.134+
Android 14+

While Fleet may still function partially or fully with OS versions older than those above, Fleet does not actively test against unsupported versions and does not pursue bugs on them.

Note

  • Not all osquery tables are available for every OS. Please check out the osquery schema for detailed information.
    • If a table is not available for your host, Fleet will generally handle things behind the scenes for you.
  • On Linux, Fleet Desktop is supported on the GNOME and KDE Plasma desktop environments.
    • Fedora requires a GNOME extension to enable system tray support. Other distributions like Ubuntu include this by default.
  • On Linux, enforcing disk encryption is only supported on Ubuntu Linux, Kubuntu Linux, and Fedora Linux hosts.
  • Fleet's default (un)install scripts use apt-get for Debian-based distributions, and dnf for Red Hat-based distributions. To install packages on CentOS versions prior to 8, either add dnf or edit install and uninstall scripts to use the yum or rpm command.
  • The fleetctl package command is not supported on DISA-STIG distribution.

Is Fleet MIT licensed?

Different portions of the Fleet software are licensed differently, as noted in the LICENSE file. The majority of Fleet is MIT licensed. Paid features require a license key.

How do I contact Fleet for support?

A lot of questions can be answered in the documentation or guides.

To get help from the community, visit https://fleetdm.com/support.

If your organization has Fleet Premium, you can access professional support with a guaranteed response time.

Do you offer pricing for unmanaged hosts? What about ephemeral hosts which may scale up or down?

For now, the number of hosts is the maximum cap of hosts enrolled at any given time. Unmanaged hosts ("Pending" MDM status in Fleet) are not included in the enrolled hosts count.

Where's the data stored?

Since Fleet is self-managed, some metadata is stored wherever it is deployed (e.g. Amazon, Azure, Google, your own data center, hybrid cloud, anywhere). That's done using a MySQL database, but the bulk of the data flows directly into a tool like Splunk or ElasticSearch. You can send that information to any of Fleet's supported log destinations.

Can I fork Fleet's source code and build upon it myself to create my own features?

Potentially! Fleet is open core with a source code license similar to GitLab's.

Anyone is free to contribute to the free or paid features of the project. We are always interested to hear feedback, and we are happy to take pull requests and ideas upstream any time we can.

Can I buy support or services separate from Fleet Premium?

The only way we are able to partner as a business to provide support and build new open source and paid features is through customers purchasing Fleet Premium.

How can I uninstall fleetd?

See the "How to uninstall fleetd" guide.

What is your commitment to open source stewardship?

  • When a feature is free and open source we won't move that feature to a paid tier. Features might be removed from the open source codebase in other cases, for example when combining features from multiple tiers into one new feature.

  • The majority of new capabilities added to Fleet will benefit all users, not just customers.

  • We won't introduce features into the open source codebase with a fixed delay; if a feature is planned to land in both it will be released simultaneously in both.

  • We will always release and open source all tests that we have for any open source feature.

  • The free version of Fleet is enterprise ready.

  • The open source codebase will not contain any artificial limits on the number of hosts, users, size, or performance.

  • The majority of new features contributed by Fleet Device Management Inc will be open source.

  • The product will be available for download without leaving an email address or logging in.

  • We will always allow you to benchmark the performance of Fleet. (Fleet also load tests the platform before every release, with increasingly ambitious targets. The scale of real time reporting supported by Fleet has increased 5,000% since 2019. Today, Fleet deployments support 500,000 devices, and counting. The company is committed to driving this number to 1M+, and beyond.)

What MySQL versions are supported?

Fleet is tested with MySQL 8.0.44, 8.4.8, and 9.5.0 (9.6.0 is currently incompatible). Newer versions of MySQL 8 typically work well. AWS Aurora requires at least version 3.10.3. Please avoid using MariaDB or other MySQL variants that are not officially supported. Compatibility issues have been identified with MySQL variants, and these may not be addressed in future Fleet releases.

What version of the Mac Admins osquery extension is supported?

Fleet deploys v1.2.7 of the Mac Admins osquery extension, with full support for the tables currently available in Fleet. For a list of supported tables, see the Fleet tables reference.