Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Allow disabling vulnerabilities processing but keeping software inventory #19546

Open
getvictor opened this issue Jun 5, 2024 · 5 comments
Open

Allow disabling vulnerabilities processing but keeping software inventory #19546

getvictor opened this issue Jun 5, 2024 · 5 comments
Assignees
@noahtalerman
Labels
customer-preston :product Product Design department (shows up on 🦢 Drafting board)

Comments

@getvictor
Copy link
Member

getvictor commented Jun 5, 2024
edited by noahtalerman
Loading

  • customer-preston: Gong snippet: https://us-65885.app.gong.io/call?id=9055749605989713649&highlights=%5B%7B%22type%22%3A%22SHARE%22%2C%22from%22%3A577%2C%22to%22%3A614%7D%5D
  • @noahtalerman: User requested this because they want to see all software that's installed across all their hosts on the Software page. Currently, they only see software that's available for install because they disabled the vulnerabilities scheduled job. Currently, this job maps software to vulnerabilities and aggregates software data across hosts. So, if one turns off the job, they won't get vulnerabilities and they will only see software available for install on the Software page. Preston hosts one Fleet instance for each of their customers. They want to save money on compute costs. One way they found that they could save money is by disabling the vulnerability processing job. "It would be a couple extra $10k a year."
    • @noahtalerman: Eventually Fleet could add a new configuration option to enable/disable software aggregation (decouple from vulnerability job). Preston would enable this and keep vulnerability processing disabled.
      • @noahtalerman: If Fleet does this, how much does it cost to do software aggregation without vulnerability processing? Maybe software aggregation is the most memory intensive.
@getvictor getvictor added story A user story defining an entire feature ~backend Backend-related issue. #g-endpoint-ops Endpoint ops product group ~feature fest Will be reviewed at next Feature Fest customer-preston labels Jun 5, 2024
@getvictor getvictor changed the title Allow disabling vulnerability processing but keeping software inventory Allow disabling vulnerabilities processing but keeping software inventory Jun 6, 2024
This was referenced Jun 6, 2024
Closed
Merged
@noahtalerman
Copy link
Member

noahtalerman commented Jun 20, 2024
edited
Loading

Currently, disabling the vulnerabilities job means that no software shows up on the Software page. In addition, software and software_titles are not cleaned up from DB if they are no longer installed on any hosts. The cleanup only happens during the vulnerabilities job.

Hey @getvictor do we document this current behavior?

@getvictor
Copy link
Member Author

Currently, disabling the vulnerabilities job means that no software shows up on the Software page. In addition, software and software_titles are not cleaned up from DB if they are no longer installed on any hosts. The cleanup only happens during the vulnerabilities job.

Hey @getvictor do we document this current behavior?

I don't think so. Most customers run the vulnerability job, so this is not an issue for most.

@noahtalerman noahtalerman removed the ~feature fest Will be reviewed at next Feature Fest label Jul 1, 2024
@ddribeiro ddribeiro mentioned this issue Sep 27, 2024
Open
@pintomi1989 pintomi1989 added the ~feature fest Will be reviewed at next Feature Fest label Nov 21, 2024
@noahtalerman noahtalerman removed the ~feature fest Will be reviewed at next Feature Fest label Dec 10, 2024
@noahtalerman noahtalerman added ~feature fest Will be reviewed at next Feature Fest #g-software Software product group and removed story A user story defining an entire feature #g-endpoint-ops Endpoint ops product group labels Dec 19, 2024
@noahtalerman
Copy link
Member

Goal

User story
As an IT admin,
I want to disable (or scale back) the vulnerabilities job but keep the software inventory
so that I can optimize my compute resources.

Context

Currently, disabling the vulnerabilities job means that no software shows up on the Software page. In addition, software and software_titles are not cleaned up from DB if they are no longer installed on any hosts. The cleanup only happens during the vulnerabilities job.

We should have separate enables (and periodicities) for vulnerabilities and software inventory jobs.

@noahtalerman
Copy link
Member

@pintomi1989 can you please add a Gong snippet from preston? We want a Gong snippet before we can prioritize this one (I just realized we're missing one).

@noahtalerman noahtalerman added #g-customer-success Customer success issue. and removed ~backend Backend-related issue. ~feature fest Will be reviewed at next Feature Fest #g-software Software product group labels Dec 20, 2024
@pintomi1989
Copy link
Contributor

Hey @noahtalerman - Here's the clip for customer-preston: https://us-65885.app.gong.io/call?id=9055749605989713649&highlights=%5B%7B%22type%22%3A%22SHARE%22%2C%22from%22%3A604%2C%22to%22%3A641%7D%5D

@pintomi1989 pintomi1989 removed the #g-customer-success Customer success issue. label Dec 20, 2024
@pintomi1989 pintomi1989 removed their assignment Dec 20, 2024
@noahtalerman noahtalerman added the :product Product Design department (shows up on 🦢 Drafting board) label Dec 23, 2024
@noahtalerman noahtalerman self-assigned this Dec 24, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@noahtalerman noahtalerman

Labels
customer-preston :product Product Design department (shows up on 🦢 Drafting board)
Milestone
No milestone
Development

No branches or pull requests
3 participants
@getvictor @noahtalerman @pintomi1989