Werk 15626 was adapted. The following is the new Werk, a diff is shown at the end of the message.
Title: KUBE: Addition of CronJob Inventory
Class: feature
Compatible: compat
Component: checks
Date: 1686249924
Edition: cre
Knowledge: undoc
Level: 1
Version: 2.3.0b1
This feature extends the Kubernetes monitoring. The inventory of a CronJob host now features the
'Metadata' path, which is already available for other piggybacked hosts.
------------------------------------<diff>-------------------------------------------
Title: KUBE: Addition of CronJob Inventory
Class: feature
Compatible: compat
Component: checks
Date: 1686249924
Edition: cre
Knowledge: undoc
Level: 1
- Version: 2.2.0p3
? ^ ^^
+ Version: 2.3.0b1
? ^ ^^
This feature extends the Kubernetes monitoring. The inventory of a CronJob host now features the
'Metadata' path, which is already available for other piggybacked hosts.
Werk 15641 was adapted. The following is the new Werk, a diff is shown at the end of the message.
Title: Prometheus: Properly Encode PromQL Queries
Class: fix
Compatible: compat
Component: checks
Date: 1694340058
Edition: cre
Knowledge: doc
Level: 1
Version: 2.3.0b1
The Prometheus agent allows specifying PromQL queries via the option <tt>Service creation using
PromQL queries</tt>. In 2.2.0, any query containing a '+' would not be encoded properly. For
example, the query
C+:
up{container=".+"}
C-:
would result in a HTTP request, which is interpreted by Prometheus as
C+:
up{container=". "}
C-:
------------------------------------<diff>-------------------------------------------
Title: Prometheus: Properly Encode PromQL Queries
Class: fix
Compatible: compat
Component: checks
Date: 1694340058
Edition: cre
Knowledge: doc
Level: 1
- Version: 2.2.0p10
? ^ ^ -
+ Version: 2.3.0b1
? ^ ^
The Prometheus agent allows specifying PromQL queries via the option <tt>Service creation using
PromQL queries</tt>. In 2.2.0, any query containing a '+' would not be encoded properly. For
example, the query
C+:
up{container=".+"}
C-:
would result in a HTTP request, which is interpreted by Prometheus as
C+:
up{container=". "}
C-:
Werk 15643 was adapted. The following is the new Werk, a diff is shown at the end of the message.
Title: nvidia_smi: Show Use full PCI bus ID
Class: fix
Compatible: incomp
Component: checks
Date: 1695304807
Edition: cre
Knowledge: doc
Level: 1
State: unknown
Version: 2.3.0b1
This change affects users of the following checks:
* nvidia_smi_memory_util
* nvidia_smi_gpu_util
* nvidia_smi_en_de_coder_util
* nvidia_smi_power
* nvidia_smi_temperature
Previously, the PCI bus ID of NVIDIA GPUs would be incorrectly removed. This caused GPUs to be
omitted, which should have been discovered. With this Werk, the full PCI bus ID is used as a service
item. Users must rediscover the services.
------------------------------------<diff>-------------------------------------------
Title: nvidia_smi: Show Use full PCI bus ID
Class: fix
Compatible: incomp
Component: checks
Date: 1695304807
Edition: cre
Knowledge: doc
Level: 1
State: unknown
- Version: 2.2.0p11
? ^ ^ -
+ Version: 2.3.0b1
? ^ ^
This change affects users of the following checks:
* nvidia_smi_memory_util
* nvidia_smi_gpu_util
* nvidia_smi_en_de_coder_util
* nvidia_smi_power
* nvidia_smi_temperature
Previously, the PCI bus ID of NVIDIA GPUs would be incorrectly removed. This caused GPUs to be
omitted, which should have been discovered. With this Werk, the full PCI bus ID is used as a service
item. Users must rediscover the services.
Werk 15610 was adapted. The following is the new Werk, a diff is shown at the end of the message.
Title: Fix <tt>Error in LIVESTATUS_TCP_ONLY_FROM</tt> during <tt>omd config</tt>
Class: fix
Compatible: compat
Component: omd
Date: 1683186871
Edition: cre
Knowledge: doc
Level: 2
Version: 2.3.0b1
If a user ran the command <tt>omd config</tt> and selected <tt>Distributed Monitoring >
LIVESTATUS_TCP_ONLY_FROM</tt>, then the following error was shown
C+:
Error in LIVESTATUS_TCP_ONLY_FROM
C-:
With this Werk, the error no longer occurs.
------------------------------------<diff>-------------------------------------------
Title: Fix <tt>Error in LIVESTATUS_TCP_ONLY_FROM</tt> during <tt>omd config</tt>
Class: fix
Compatible: compat
Component: omd
Date: 1683186871
Edition: cre
Knowledge: doc
Level: 2
- Version: 2.2.0b7
? ^ ^
+ Version: 2.3.0b1
? ^ ^
If a user ran the command <tt>omd config</tt> and selected <tt>Distributed Monitoring >
LIVESTATUS_TCP_ONLY_FROM</tt>, then the following error was shown
C+:
Error in LIVESTATUS_TCP_ONLY_FROM
C-:
With this Werk, the error no longer occurs.
Werk 15609 was adapted. The following is the new Werk, a diff is shown at the end of the message.
Title: KUBE: Limit collection time for <tt>Persistent Volume Claims & Persistent Volumes</tt>
Class: fix
Compatible: compat
Component: checks
Date: 1682683781
Edition: cre
Knowledge: doc
Level: 1
Version: 2.3.0b1
This change affects those using the <tt>Kubernetes</tt> together with the feature <tt>Collect
information about Persistent Volume Claims & Persistent Volumes</tt> (available in 2.2.0 and above).
With this feature turned on, the Kubernetes agent will contact the kubelet on each node via a proxy
provided by the Kubernetes API server. This means the data collection depends on the number of
nodes and the latency of the Pod network. If this data collection takes too long, the Kubernetes
agent may timeout. This in turn causes the previously collected API data to be discarded.
With this Werk, the data collection time is limited to 30 seconds. The omission of the data causes
the omission of metrics from the <tt>PVC</tt> service of a Pod. This is consistent with how missing
data is handled, if the corresponding kubelet is down.
------------------------------------<diff>-------------------------------------------
Title: KUBE: Limit collection time for <tt>Persistent Volume Claims & Persistent Volumes</tt>
Class: fix
Compatible: compat
Component: checks
Date: 1682683781
Edition: cre
Knowledge: doc
Level: 1
- Version: 2.2.0b7
? ^ ^
+ Version: 2.3.0b1
? ^ ^
This change affects those using the <tt>Kubernetes</tt> together with the feature <tt>Collect
information about Persistent Volume Claims & Persistent Volumes</tt> (available in 2.2.0 and above).
With this feature turned on, the Kubernetes agent will contact the kubelet on each node via a proxy
provided by the Kubernetes API server. This means the data collection depends on the number of
nodes and the latency of the Pod network. If this data collection takes too long, the Kubernetes
agent may timeout. This in turn causes the previously collected API data to be discarded.
With this Werk, the data collection time is limited to 30 seconds. The omission of the data causes
the omission of metrics from the <tt>PVC</tt> service of a Pod. This is consistent with how missing
data is handled, if the corresponding kubelet is down.
Title: metrics: Fix Internal Server Error when decimal timestamps are provided
Class: fix
Compatible: compat
Component: rest-api
Date: 1700216654
Edition: cre
Level: 1
Version: 2.3.0b1
Prior to this werk, when a timestamp contained decimal values the endpoint would return status 500 (Internal server error). This change fixes that and now it returns 400 (Bad Request) and a brief explanation of the error.
Title: align quoting of synchronous and asynchronous MRPE
Class: fix
Compatible: incomp
Component: checks
Date: 1700489068
Edition: cre
Level: 1
Version: 2.3.0b1
You are affected by this change if you use asynchronous MRPE and used double
quotes (<tt>"</tt>) in the MRPE command.
Quoting of mrpe commands differed between cached and non cached mrpe checks.
With this Werk the quoting rules for the normal/synchronous execution of MRPE
are applied to asynchronous MRPE commands.
The following can now be applied to both asynchronous and normal/synchronous
execution of MRPE commands: Use single quotes on the first level of quoting.
This command will correctly show <tt>output with spaces</tt> in the Service
output:
<tt>bash -c 'echo "output with spaces"'</tt>
If you execute asynchronous MRPE and the command uses double quotes on the
first level of quoting, adapt it accordingly.
Title: Fix "Metric history" context filter on view edit
Class: fix
Compatible: compat
Component: multisite
Date: 1700552738
Edition: cee
Level: 1
Version: 2.3.0b1
If you edited a view with the context filter "Metric history", the value was
always "Only first 10 sorted results", even if another value was set before.
This was just a problem with the default choice of the dropdown. If you used
the view, the filter should have been worked as expected.
Title: Protect automation user secret against timing attacks
Class: security
Compatible: compat
Component: wato
Date: 1700216645
Edition: cre
Level: 1
Version: 2.3.0b1
This Werks improves how the secret of an automation user is validated during login.
Prior to the Werk, the automation user's password was not checked in a way that is safe against (theoretical) timing attacks.
This is fixed now.
Even though this Werk improves security, it does not address an exploitable vulnerability.
To aid automated scanning we assign a CVSS score of 0.0 (None) (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N).
Title: oracle_crs_res: TypeError: Resource.__init__() got an unexpected keyword argument 'enabled'
Class: fix
Compatible: compat
Component: checks
Date: 1700145397
Edition: cre
Level: 1
Version: 2.3.0b1
Agent output changed with newer oracle databases, it now includes "enabled"
data. Previous version of this check could not handle this and crashed with
the following error:
<tt>TypeError: Resource.<strong>init</strong>() got an unexpected keyword argument 'enabled'</tt>
oracle_crs_res now ignores all additional data.