Checkmk werks level1 January 2023

checkmk-werks-lvl1@lists.checkmk.com

25 participants
89 discussions

Checkmk Werk 14572: Prometheus: Deprecation of `kube-state-metrics` scrape target

by Solomon Jacobs

ID: 14572 Title: Prometheus: Deprecation of `kube-state-metrics` scrape target Component: Checks & agents Level: 1 Class: Bug fix Version: 2.2.0i1 The Prometheus agent provides the `kube-state-metrics` as a possible data source. This in turn would enable the following checks. <ul> <li>k8s_resources</li> <li>k8s_namespaces</li> <li>k8s_conditions</li> <li>k8s_pod_container</li> <li>k8s_service_info</li> <li>k8s_daemon_pods</li> </ul> However, these checks are no longer actively maintained, since they have been superseded by their counterparts in the Kubernetes agent. Moreover, the `kube-state-metrics` target <ul> <li>does not support new versions of kube-state-metrics (v2.0.0-alpha / 2020-09-16 or newer),</li> <li>does not provide the information required to fully support monitoring and</li> <li>is stricly inferior to monitoring via the Kubernetes agent.</li> </ul> For this reason, this option will be removed in Checkmk 2.3.0. If you are affected by this change, you need to setup your monitoring as per these instructions: https://docs.checkmk.com/latest/en/monitoring_kubernetes.html

1 year, 6 months

Checkmk Werk 15169: host_config & folder_config: fix validation for remove_attributes when using custom attributes

by Wontek Hong

ID: 15169 Title: host_config & folder_config: fix validation for remove_attributes when using custom attributes Component: REST API Level: 1 Class: Bug fix Version: 2.2.0i1 Prior to this werk, the REST-API returned a 400 error when a custom attribute was provided in the remove_attributes field in the update endpoint. This werk fixes this error by passing the validation mechanism to the endpoint.

1 year, 6 months

Checkmk Werk 15167: folder_config: fix querying a folder with invalid time in network scan option

by Wontek Hong

ID: 15167 Title: folder_config: fix querying a folder with invalid time in network scan option Component: REST API Level: 1 Class: Bug fix Version: 2.2.0i1 Prior to this werk, the REST-API raised an error when the user tried to query a folder config which had the network scan option configured with 24:00 in one its time ranges. This werk fixes this behaviour.

1 year, 6 months

Checkmk Werk 15108: Broken links in service summaries

by Moritz Kiemer

ID: 15108 Title: Broken links in service summaries Component: Checks & agents Level: 1 Class: Bug fix Version: 2.2.0i1 Links rendered in service summaries where not clickable if another result followed the link.

1 year, 6 months

Checkmk Werk 14394: Changing password fails when a password policy is enforced

by Hannes Rantzsch

ID: 14394 Title: Changing password fails when a password policy is enforced Component: Setup Level: 1 Class: Bug fix Version: 2.2.0i1 When a password policy (e.g. minumum length) was configured users could not change their passwords due to an internal error. Affected users would see the error message `Internal error: object of type 'Password' has no len()`. This is now fixed.

1 year, 6 months

Checkmk Werk 15166: KUBE: addition of available to StatefulSets replicas

by Wontek Hong

ID: 15166 Title: KUBE: addition of available to StatefulSets replicas Component: Checks & agents Level: 1 Class: New feature Version: 2.2.0i1 This werk adds the available replicas field of the StatefulSets to the <tt>kube_replicas</tt> check plugin. Similar to the ready replicas, the not available duration threshold can be configured via the check plugin's rule.

1 year, 6 months

Checkmk Werk 14768: mssql.vbs: some database specific sections contain data from a different database

by Lisa Pichler

ID: 14768 Title: mssql.vbs: some database specific sections contain data from a different database Component: Checks & agents Level: 1 Class: Bug fix Version: 2.2.0i1 If you require this fix, you must reinstall the agent plugin "mssql.vbs" on the relevant hosts. Please note that applying this fix could lead to vanished services. If this is the case, it makes sense to remove them from your monitoring, as these services belong to a different database and have been falsely created. You can find detailed error messages in the host's agent output. In some settings the user that is used to run queries against the various databases on a MSSQL server does not have access rights to query all databases. This could lead to data from a different database shown for any database that the user could not query. Known services affected by this error: LI: tablespaces LI: transactionlogs LI: datafiles LI: clusters The problem was that the error after attempting to switch to a different database was not captured, and it was assumed to be successful. Instead, the subsequent query was run against the database the user could last switch to. If you would like to give the user extended access rights to query all databases, please read the article at https://kb.checkmk.com/x/pAKqAg We have introduced a more consistent way to perform queries against the system and handle any errors.

1 year, 6 months

Checkmk Werk 15106: mounts: "failover" cluster mode always reported UNKNOWN

by Moritz Kiemer

ID: 15106 Title: mounts: "failover" cluster mode always reported UNKNOWN Component: Checks & agents Level: 1 Class: Bug fix Version: 2.2.0i1 The service "Mount options of ..." would always report UNKNOWN if configured for failover mode on clusters.

1 year, 6 months

Checkmk Werk 15065: Path-Traversal in MKP storing

by Maximilian Wirtz

ID: 15065 Title: Path-Traversal in MKP storing Component: Other Components Level: 1 Class: Security fix Version: 2.2.0i1 Previous to this Werk it was possible that an authenticated user with admin rights uploads a malicious MKP leading to a file creation with an attacker controlled path. We thank Niko Wenselowsk (SVA) for reporting this issue. Affected versions are: LI: 2.0.0 previous to this Werk LI: 2.1.0 previous to this Werk LI: 1.6.0 is not affected Detection possibilities: A audit log is written when an extension package is uploaded. You can look for a entry with <tt>Uploaded extension package</tt> follwed by a package name and version containing sequences of <tt>../</tt>. Vulnerability Management: We have rated the issue with a CVSS Score of 3.5 (low) with the following CVSS vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:L. We assigned CVE-2022-4884 to this vulnerability.

1 year, 6 months

Checkmk Werk 15064: Agent updater checks for certificate validity

by Maximilian Wirtz

ID: 15064 Title: Agent updater checks for certificate validity Component: agents Level: 1 Class: New feature Version: 2.2.0i1 The agent updater now reports about the status of the trusted certificates for agent signatures. The status of those certificates is then checked by the service Check_MK Agent as follows: LI: Warn if a certificate is corrupt LI: Warn if a certificate is not valid anymore LI: Warn if a certificate is about to become invalid LI: Crit if there is no trusted certificate LI: Warn/Crit if there will be no valid cert in 90/30 days.

1 year, 6 months

← Newer
1
2
3
4
5
6
7
8
9
Older →

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

Checkmk werks level1 January 2023