ID: 1880
Title: inventory_processes rules can now be configured without setting levels
Component: Core & Setup
Level: 2
Class: Bug Fix
Version: 1.2.7i1
Since werk #1563 the levels configured in the rule {inventory_processes} are not
interpreted anymore. If you used this rule to configure process discovery, you
can now leave the last four elements (thresholds) of.
Note: If you use WATO for configuring process discovery, this change does not affect you.
To configure the thresholds, you need to use the {check_parameters} option like
shown in the example below:
F+:etc/check_mk/main.mk
# Old configuration style
inventory_processes += [
( ["sap", ], ALL_HOSTS, "SAP_ora_pmon_%s", "~ora_pmon_([A-Z][A-Z,0-9]{2,3})$", GRAB_USER, 1, 1, 1, 1 ),
]
# new style configuration:
inventory_processes += [
( ["sap", ], ALL_HOSTS, "SAP_ora_pmon_%s", "~ora_pmon_([A-Z][A-Z,0-9]{2,3})$", GRAB_USER),
check_parameters += [
( {'levels' : (1, 1, 1, 1)}, ALL_HOSTS, ['proc_SAP_ora_pmon_.*'] ),
]
F-:
ID: 1878
Title: Fixed possible shell injection when filtering the EC archive
Component: Event Console
Level: 2
Class: Security Fix
Version: 1.2.7i1
To optimize searches in the Event Console archive files, the event console
uses "grep" to make a fast preselection of history entries. The grep command
is used for different filters, like the "ID of rule". This allows normal logged
in users with only GUI privileges to execute shell commands on the monitoring
host with privileges of the user the Event Console is running with. Normally
this is the sites user in OMD sites or the user nagios.
All currently maintained versions are affected. If you are using an affected
version which we offer no more releases for, you can use the patch of
this Werk to fix the issue for your version.
This issue has been discovered and reported by Christian Thiemann. Thanks!
ID: 1672
Title: Now able reclassify logwatch messages before forwarding them to the event console
Component: Event Console
Level: 2
Class: New Feature
Version: 1.2.7i1
You are now able to apply already existing logwatch patterns to the messages which
are sent to the event console. Each message can be reclassified to a different alert level
and even set to IGNORED, which causes a message not to be sent to the event console.
This pre-sorting might reduce the load of the event console.
Keep in mind that the logwatch pattern are configured by host and the logfile name.
These restrictions do also apply to the messages intented for the event console.
So you can configure a logwatch pattern specifially designed for a message from a certain logfile.
For example, you can reclassify any messages from a logfile <i>access.log</i> containing "C Login error" to
"I Login error". Any message of <i>access.log</i> containing the "Login error" pattern will therefore get ignored and
not sent to the event console.
ID: 1671
Title: windows agent: fixed gaps in eventlog monitoring after agent restart
Component: Checks & Agents
Level: 2
Class: Bug Fix
Version: 1.2.7i1
The windows eventlog monitoring was not entirely continuous.
After the agent started it determined determined the initial record number
for each eventlog. Per default the start number was the last record.
Thus resulted in monitoring gaps as long as the windows was not running, e.g. windows startup.
With this fix, the windows agent now uses a statefile (<tt>eventstate.txt</tt>) which
contains the last processed eventrecord ids for each eventlog.
On startup the statefile is read and the record numbers are set accordingly.
ID: 1850
Title: netscaler_health.fan, netscaler_health.psus, netscaler_health.temp: new checks to monitor the health of Citrix Netscaler Loadbalancers
Component: Checks & Agents
Level: 2
Class: New Feature
Version: 1.2.7i1
ID: 1845
Title: Keep record of original source IP address of a syslog message or SNMP trap
Component: Event Console
Level: 2
Class: New Feature
Version: 1.2.7i1
The Event Console now stores the original source IP address when receiving an event
directly via an SNMP trap or the builting syslog server. This ipaddress is put into
a new dedicated field in the event and is shown in the details of the event. In the
event rules you can now match on this address using a X.X.X.X/Y networking syntax.
Note: If you receive syslog messages forwarded from another syslog server, then
you will see the IP address of that server there - not from the original message.
ID: 1817
Title: The Check_MK service did not result in CRITICAL/WARNING states when using Nagios as core
Component: Checks & Agents
Level: 2
Class: Bug Fix
Version: 1.2.7i1
When using Nagios (or Icinga) as monitoring core, the "Check_MK" services was always resulting
in an OK state, even when the output reported that it has a critical problem, for example
because of the agent of the monitored host can not be reached.
This bug seem to be existant since Mon, 15 Dec 2014.
ID: 1842
Title: Rewrote implementation of service discovery (formerly inventory)
Component: Core & Setup
Level: 2
Class: Bug Fix
Version: 1.2.7i1
The internal code for the service discovery has been writting. The previous
name for that feature was "inventory" but the word inventory is now being
used for hardware/software-inventory. The option <tt>--check-inventory</tt>
has been renamed into <tt>--check-discovery</tt>.
Several bugs have been fixed while doing the new implementation. One prominent
bug was service discovery on clusters. Another problem that has been fixed
was that when during <tt>cmk -II</tt> a host was not reachable its services
would have been lost.
ID: 1668
Title: Interface groups: Can create groups out of interface item names
Component: Checks & Agents
Level: 2
Class: New Feature
Version: 1.2.7i1
In the previous version a interface group could only get created out of
interfaces which shared the same interface type.
With this update you can now specify grouped interfaces by their type as well
as their item name. Keep in mind that the item name depends on the parameters
<tt>if_inventory_uses_alias</tt> or <tt>if_inventory_uses_description</tt>.