Checkmk werks level1

checkmk-werks-lvl1@lists.checkmk.com

1 participants
15865 discussions

Check_MK Werk 0746: zfsget: fixed problem with agent output of check_mk_agent.solaris

by Andreas Boesl

ID: 0746 Title: zfsget: fixed problem with agent output of check_mk_agent.solaris Component: Checks & Agents Level: 1 Class: New Feature Version: 1.2.5i2 The reported columns from the check_mk_agent.solaris did not match the columns expected in the check. This has been fixed. Might have fixed problem with other agents than check_mk_agent.linux, too.

10 years, 5 months

Check_MK Werk 0745: drbd: Roles and diskstates are now configurable via WATO

by Andreas Boesl

ID: 0745 Title: drbd: Roles and diskstates are now configurable via WATO Component: Checks & Agents Level: 1 Class: New Feature Version: 1.2.5i2 You can now configure the result for each role scenario as well as set specific states for each diskstate or completely disable the evaluation for roles and diskstates. For example: Roles: Secondary/Secondary -> CRIT Diskstates: Secondary/Inconsistent -> CRIT Primary/Attaching -> WARN

10 years, 5 months

Check_MK Werk 0767: Signing and verification of WATO snapshot (addresses CVE-2014-2330)

by Lars Michelsen

ID: 0767 Title: Signing and verification of WATO snapshot (addresses CVE-2014-2330) Component: WATO Level: 2 Class: Bug Fix Version: 1.2.5i2 This change addresses possible attacks against Check_MK using the WATO "Backup & Restore" module, known as CVE-2014-2330. In previous versions there were no checksum verifications or signings of the snapshots contents implemented. This has been changed now. The files within the snapshot which contain Check_MK configuration files and definitions of check commands etc. are now verified using checksums and signed. When you import / export a snapshot on a single site, there is no difference to the former handling. When you or someone else modifies the snapshots between import and export, the restore process will warn you about the modification and let you decide if you trust the file and restore it anyways or terminate the restore process. In the case you import a snapshot from another site, the singing can not be verified. In this case, you get a warning about this and can continue or skip the restore process.

10 years, 5 months

Check_MK Werk 0743: mem, fortigate_memory, solaris_mem: display total SWAP info in check output

by Andreas Boesl

ID: 0743 Title: mem, fortigate_memory, solaris_mem: display total SWAP info in check output Component: Checks & Agents Level: 1 Class: New Feature Version: 1.2.5i2

10 years, 5 months

Check_MK Werk 0600: nfsexports.solaris: new agent plugin for monitoring nfs exports on solaris systems

by Götz Golla

ID: 0600 Title: nfsexports.solaris: new agent plugin for monitoring nfs exports on solaris systems Component: Checks & Agents Level: 1 Class: New Feature Version: 1.2.5i2 This agent plugin delivers information about nfs exports on Solaris systems in stand-alone as well as clustered environments.

10 years, 5 months

Check_MK Werk 0776: ibm_svc_nodestats.cpu_util: new check for CPU Utilization per Node on IBM SVC / V7000 devices

by Bernd Stroessenreuther

ID: 0776 Title: ibm_svc_nodestats.cpu_util: new check for CPU Utilization per Node on IBM SVC / V7000 devices Component: Checks & Agents Level: 1 Class: New Feature Version: 1.2.5i2

10 years, 5 months

Check_MK Werk 0742: table statehist: now able to cancel a running query if limit is reached

by Andreas Boesl

ID: 0742 Title: table statehist: now able to cancel a running query if limit is reached Component: Livestatus Level: 1 Class: Bug Fix Version: 1.2.5i2 The livestatus table statehist was unable to end a query when the <tt>Timelimit:</tt> or <tt>Limit:</tt> options were reached.

10 years, 5 months

Check_MK Werk 0766: Changed transid implemtation to work as CSRF protection (Fixes CVE-2014-2330)

by Lars Michelsen

ID: 0766 Title: Changed transid implemtation to work as CSRF protection (Fixes CVE-2014-2330) Component: Multisite Level: 3 Class: Bug Fix Version: 1.2.5i2 This change fixes possible attacks against Check_MK Multisite users. In previous versions a possible attacker could try to make the browsers of authenticated users open URLs of the Check_MK Multisite GUI to execute actions e.g. within WATO without knowledge of the attacked user. To make such an attack possible, there are several things needed: The user must be authenticated with multisite and have enough permission within multisite to execute the actions the attacker wants to use, the attacker needs to know the exact URL to the Multisite GUI. Then the attacker needs to make the user either click on a manipulated link or open a manipulated webpage which makes the browser of the user, where the user is authenticated with multisite, open the URL the attacker wants to make it open. The multisite GUI makes use of transids (transaction ids) when processing form submissions or actions. The transids were mainly used to prevent double execution of actions when reloading the page which performed the action in the browser. Now we changed internal handling of the transid to make it also prevent CSRF attacks. The transid is now some kind of shared secret between the webserver and the browser of the user. This ensures a form submission is intended by a previously requested page. This change impicates an incompatible change: In case you use a script which opens multisite pages to perform an action, e.g. set a downtime and use this with a regular user account which authenticates by username/password, the script won't work anymore after this change. The way to go is to adapt the script and change the user to authenticate with an automation secret instead of a password. For this kind of authentication, you will need to user other URL parameters (_username=... and _secret=...).

10 years, 5 months

Check_MK Werk 0765: NagVis-Maps-Snapin: Now visualizes downtime / acknowledgment states of maps

by Lars Michelsen

ID: 0765 Title: NagVis-Maps-Snapin: Now visualizes downtime / acknowledgment states of maps Component: Multisite Level: 1 Class: New Feature Version: 1.2.5i2 The NagVis-Maps sidebar snapin now shows a green box with yellow or red borders when maps have a problematic summary state, but have been acknowledged or set into downtime.

10 years, 5 months

Check_MK Werk 0741: BI editor: fixed display bug in "Create nodes based on a service search"

by Andreas Boesl

ID: 0741 Title: BI editor: fixed display bug in "Create nodes based on a service search" Component: BI Level: 1 Class: Bug Fix Version: 1.2.5i2 The WATO BI editor had some problems when displaying rules with the pattern "Create nodes based on a service search" -> "State of a service"

10 years, 5 months

Jump to page:

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

Checkmk werks level1