ID: 11202
Title: jira notification: Clearer assignment of tickets in distributed environments
Component: Notifications
Level: 1
Class: Bug fix
Version: 1.7.0i1
If JIRA notifications are used in distributed environments the host and service
problem ID might not be unique, because every site core creates own host and
service problem IDs. This could lead to problems with ticket creation if the
notifications end up at the same JIRA instance because the problem ID might
already have been used.
If you use such setup, please configure the new option "Site custom field ID"
in the notification rule for JIRA. You also have to configure this ID in JIRA
(e.g. "CMK_SITE_FIELD") like the already configured host and service custom
field ID described in the article "Notifications via Jira" in our official
guide. The script will then set the host and service problem ID and the site
name on creation.
If Jira notifications are send from one site to one JIRA instance or from
different sites to different JIRA instances, no action is required. The Script
will use the old mechanism of setting and checking for host and service problem
IDs.
We will update the official guide shortly.
ID: 11490
Title: Remove cmk -B and cmk -C commands
Component: Core & setup
Level: 1
Class: New feature
Version: 1.7.0i1
During the activation of configuration changes we have multiple subsequent steps:
LI: Acquire the activation lock
LI: Create the core config (incl. backup and restore in case of issues)
LI: Precompile some more files for the core
LI: Restart of the core or reload of the config
The most common commands to execute the activation or parts of the procedure
are "cmk -U" for just creating the configuration or "cmk -O" for creating the
configuration and reloading the core config and "cmk -R" for creating the
configuration and restarting the core process.
The commands "cmk -B" (Create core config) and "cmk -C" (precompile some files)
were providing direkt access to parts of the "cmk -U" command but rarely used.
To simplify things we are now dropping both, the "cmk -B" and "cmk -C"
commands. If you used one of these before, please use "cmk -U" in the future.
ID: 11462
Title: Windows agent sets access rights also after clean installation
Component: Checks & agents
Level: 1
Class: Security fix
Version: 1.7.0i1
Windows agent didn't set correct access rights when installed from the scratch.
With this fix the problem had been eliminated
ID: 11461
Title: Windows agent: Improved protection of configuration files
Component: Checks & agents
Level: 1
Class: Security fix
Version: 1.7.0i1
With this fix only System and Administrators can access main configuration
files of the Windows agent, check_mk.user.yml and check_mk.bakery.yml, thus
preventing unauthorized access to potentially sensitive data.
ID: 11114
Title: Add Rule set to disable individual SNMP sections
Component: Checks & agents
Level: 1
Class: New feature
Version: 1.7.0i1
Users can now entirely disable individual SNMP sections using the rule
"Exclude SNMP sections".
As a result, the related data will not be fetched from the corresponding devices.
This may be useful if you want reduce the traffic on your network, or
suppress device responses that are known to be wrong.
This is similar to disabling check plugins, but not quite the same:
An SNMP section may be used by multiple check plugins, and it may or may
not be *required* by an individual check plugin.
Check plugins that require a section which has been disabled will not be
discovered subsequently.
ID: 11473
Title: Fix rendering of ruleset page if user error is raised
Component: Multisite
Level: 1
Class: Bug fix
Version: 1.7.0i1
If validation on values failed on rule creation, the ruleset page was not
rendered completely. Only a user error was visible.
>From now on, you will see a user error and the complete ruleset page in such
cases.
ID: 11392
Title: heartbeat_crm: strict activation in agent
Component: Checks & agents
Level: 1
Class: Bug fix
Version: 1.7.0i1
After werk #11042 pacemaker-controld is a target process required to
trigger the heartbeat_crm section in Linux and openwrt agents. The way such
process was found was susceptible to name collisions leading to the
discovery of fictuos services, because other processes on the same host
could be accessing the same service.
This werk makes it more strict to catalog only pacemaker-controld processes.
ID: 11052
Title: Alternative valuespec: Radio buttons are now displayed as dropdowns
Component: Multisite
Level: 1
Class: New feature
Version: 1.7.0i1
All radio buttons are now displayed as dropdowns. To remain
compatible with old user extensions the keyword "style" of
the valuespec Alternative can still be used, but is ignored.
ID: 11366
Title: brocade_optical: Adjust to new discovery ruleset for network interfaces
Component: Checks & agents
Level: 1
Class: New feature
Version: 1.7.0i1
The discovery of the services corresponding to the check <tt>brocade_optical</tt>,
which monitors the signal quality of the optical ports of Brocade switches, is
configurable via the rule "Network Interface and Switch Port Discovery". As announced
in werk #11361, this rule has been reworked.
With this werk, we adjust <tt>brocade_optical</tt> to the new version of the discovery
ruleset for network interfaces. This check now uses the discovery ruleset for network
interfaces the same way as all other interface checks and is thus consistent with werk
#11361, which was not the case before. However, note that, as before,
<tt>brocade_optical</tt> does not implement all of the options offered by this
discovery rule. The grouping of interfaces is not supported and the items are always
given by the port numbers, independently of the option chosen under "Appearance of
network interface". Furthermore, out of the six matching conditions offered by the rule,
this check supports only the following three: the matching of the port type, the matching
of the port state and the matching of the interface description.
This werk is incompatible. Currently discovered services will continue to work, however,
upon re-discovery, some services might vanish or new services might be discovered. This
depends on the user-defined rules from the ruleset "Network Interface and Switch Port
Discovery". In such cases, users have to adjust their rules. Note that the default
behavior of the check has not changed. Hence, this werk is compatible for users with no
corresponding user-defined rules.