Question 1

How to install Doorman in production?

Accepted Answer

Follow the README's steps for setting up PostgreSQL, Redis, and SSL certificates, then configure environment variables like DOORMAN_SETTINGS. Docker deployment is supported but requires linking to external services, adding complexity.

Question 2

Doorman vs Kolide Fleet for osquery?

Accepted Answer

Doorman is a self-hosted, open-source alternative with strong tag-based configuration and extensibility via plugins, while Kolide Fleet offers a more polished UI and commercial support but may have licensing costs. Doorman suits teams wanting full control over infrastructure.

Question 3

Can Doorman send alerts to Slack?

Accepted Answer

Not out-of-the-box; the README lists only PagerDuty, email, Sentry, and logs as default alerting methods. You would need to develop a custom plugin using Doorman's extensible architecture to integrate with Slack.

Question 4

How to set up LDAP authentication in Doorman?

Accepted Answer

Configure DOORMAN_AUTH_METHOD to 'ldap' and provide LDAP server details per flask-ldap3-login documentation. The README warns that missing allowed domains or users in Google auth can expose the interface, so similar care is needed for LDAP.

Question 5

What database does Doorman require?

Accepted Answer

Doorman relies on PostgreSQL 9.4 or later for storing osquery results and configurations, as noted in the troubleshooting section where JSONB type errors indicate version issues. It does not support other databases like MySQL.

Question 6

How to scale Doorman for large fleets?

Accepted Answer

Use the tag-based system to manage configurations efficiently, and ensure PostgreSQL and Redis are optimized for high write loads from osquery logs. The README doesn't provide detailed scaling guides, so experimentation may be needed.

Doorman

What is Doorman?

Overview

Use Cases

Best For

Related Projects

Found a gem we're missing?

Not Ideal For

Pros & Cons

Pros

Cons

Frequently Asked Questions