[//]: # (werk v2)
# downtimes: add filters for host and service groups to modify and delete endpoints
key | value
---------- | ---
date | 2024-03-12T09:59:13+00:00
version | 2.4.0b1
class | feature
edition | cre
component | rest-api
level | 1
compatible | yes
This werk extends the modify and delete endpoints for downtimes with filters
for hostgroups and servicegroups, similar to the create endpoints.
[//]: # (werk v2)
# bulk discovery: remove mode parameter and introduce options
key | value
---------- | ---
date | 2024-03-11T08:55:56+00:00
version | 2.4.0b1
class | feature
edition | cre
component | rest-api
level | 1
compatible | no
Starting with the 2.3, the bulk discovery mode has been split up
for more granular control regarding the discovery execution. This
werk now introduces the same approach to the equivalent REST API
bulk discovery endpoint introducing the 'options' field. The previous 'mode'
field is deprecated with the 2.3 and will be removed in 2.4. The user should
migrate existing scripts to make use of the 'options' field.
Title: cisco_redundancy: handle new swact reasons
Class: fix
Compatible: compat
Component: checks
Date: 1709890474
Edition: cre
Level: 1
Version: 2.2.0p24
Fixes a crash in the check plugin, caused by not handling two recently added switch of activity reasons.
[//]: # (werk v2)
# jolokia metrics: restores 'default product' behavior
key | value
---------- | ---
date | 2024-03-11T13:50:14+00:00
version | 2.4.0b1
class | fix
edition | cre
component | checks
level | 1
compatible | yes
The check plugin no longer showed any metrics if a product was not specified in the ruleset configuration.
This werk restores the original behaviour, using as a default product the one reported in the info section of the agent output.
[//]: # (werk v2)
# check_httpv2: Introduce a reworked way to test web sites
key | value
---------- | ---
date | 2024-03-08T10:06:58+00:00
version | 2.4.0b1
class | feature
edition | cre
component | checks
level | 2
compatible | no
The legacy http monitoring plugin caused quite some trouble over the last
years. This included lots of effort to add features or just simply fixing
bugs.
With the new plugin, the functionality is moved to maintainable and
extendable code completely under control of Checkmk. This means also
breaking changes with the old plugin:
* Some metrics are not available anymore as it has been known. We
discovered that these are simply not directly understandable. Instead we
will add metrics as needed in the future. Some metrics will already be
added in this first release
* Some functionality has been a workaround and is now implemented directly
into the new plugin. This makes it hard to migrate rules automatically.
* Users are now able to decide on their own which functionality should be
in an own service. This means, that it is now possible to test the
certificate validity and response times in one service, if needed.
* User are able to configure multiple http checks within one rule. You can
provide standard settings to be used for all endpoints, and overwrite
them per entry for each endpoint. Migrating manually makes absolute
sense here.
Please note that we will not remove the old plugin for now. We understand
that you need some time to migrate your configurations. Nethertheless, we
will deprecate the old plugin and eventually remove it from Checkmk.
[//]: # (werk v2)
# Ruleset API: Help text for SimpleLevels, Levels
key | value
---------- | ---
date | 2024-03-13T09:20:05+00:00
version | 2.4.0b1
class | fix
edition | cre
component | checks
level | 1
compatible | yes
Previously the help text configured for SimpleLevels and Levels was not shown in the UI, this is now fixed.
[//]: # (werk v2)
# password: the response schema now matches what is returned
key | value
---------- | ---
date | 2024-03-07T09:18:40+00:00
version | 2.4.0b1
class | fix
edition | cre
component | rest-api
level | 1
compatible | yes
This werk addresses an issue with the REST-API password endpoint
response. The response schema listed the title and the ident as
fields that should be returned but we were not returning them as
part of the password object. These have now been removed from the
schema.
Also, the members field was returning invalid information and
hence has been removed.
[//]: # (werk v2)
# Ignore CAs with negative serial numbers
key | value
---------- | ---
date | 2024-03-11T10:43:27+00:00
version | 2.4.0b1
class | fix
edition | cre
component | core
level | 1
compatible | no
When Checkmk is configured to *Trust system wide configured CAs* the system CA store is traversed and the certificates are added to the trusted CAs.
With RFC 5280 certificate serial numbers are required to be positive. Unfortunately there are CA certificates out from before this RFC and the might contain negative serial numbers.
One we encountered several times while testing is:
commonName = EC-ACC
organizationalUnitName = Jerarquia Entitats de Certificacio Catalanes
organizationalUnitName = Vegeu https://www.catcert.net/verarrel (c)03
organizationalUnitName = Serveis Publics de Certificacio
organizationName = Agencia Catalana de Certificacio (NIF Q-0801176-I)
countryName = ES
Our underlying library we use for handling certificates announced to no longer support certificates with negative serial numbers in one of the next versions. Therefore we decided to ignore certificates with negative serial numbers so we can update this library during the lifetime of this Checkmk release without changing this behaviour.
Since the mentioned `EC-ACC` certificate was encountered multiple times during testing and is not widely used the fact that this certificate was encountered and is ignored is NOT logged.
If you use certificates issued by CA certificates with negative serial numbers you can add them manually to your list of trusted certificates via the UI.
This might cause warnings appearing in console outputs and in logfiles and may stop to work in the future.
[//]: # (werk v2)
# cisco_redundancy: handle new swact reasons
key | value
---------- | ---
date | 2024-03-08T09:34:34+00:00
version | 2.4.0b1
class | fix
edition | cre
component | checks
level | 1
compatible | yes
Fixes a crash in the check plugin, caused by not handling two recently added switch of activity reasons.