I have osquery agent returning results but the result page keeping saying "1 agent has responded, no osquery data has been reported."
1 Like
Hey @meni0n, thanks for reaching out to us.
I am working on the Osquery Manager integration at Elastic, I will try to help and figure out what is happening. But first, I would need to get more context.
- Could you specify where you're seeing these results? Is it Osquery manager, or any other kibana functionality?
- How does the query look like?
- Also, what version are you on?
Thanks in advance
1 Like
Usually when i have seen this behavior it means the agent is unable to ingest the documents to elasticsearch but is able to reach the fleet servers.
So from a fleet perspective it lets you know it executed but due to a connection error, firewall blocks or ingest failures the documents don't show up in elastic.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.