Checkmk werks level2

checkmk-werks-lvl2@lists.checkmk.com

1 participants
1349 discussions

Check_MK Werk 1373: Do not ouput complete command line when datasource programs fail

by Mathias Kettner

ID: 1373 Title: Do not ouput complete command line when datasource programs fail Component: Core & Setup Level: 2 Class: Security Fix Version: 1.2.5i6 When executing a datasource program like <tt>agent_vsphere</tt> fails, then Check_MK used to output the complete command line as plugin output of the Check_MK active check as part of an error message. The commandline could contain passwords - however. So this has now been changed into just outputting the path to the executable (e.g. <tt>/omd/sites/mysite/share/check_mk/agents/special/agent_vsphere</tt>).

10 years

Check_MK Werk 1144: blade_bx_temp, dell_chassis_temp, emerson_temp, ibm_svc_enclosurestats, ups_bat_temp: rename service description

by Mathias Kettner

ID: 1144 Title: blade_bx_temp, dell_chassis_temp, emerson_temp, ibm_svc_enclosurestats, ups_bat_temp: rename service description Component: Checks & Agents Level: 2 Class: Bug Fix Version: 1.2.5i6 Rename service description of these checks. They now all begin with <tt>Temperature</tt>, such as is custom for all Check_MK checks. Beware: new graphs will be created. If these services are target of WATO or BI rules you might need to adjust them. Your WATO configuration for levels should work without change.

10 years, 1 month

Check_MK Werk 1010: chrony: new check for NTP synchronization via chrony on Linux

by Mathias Kettner

ID: 1010 Title: chrony: new check for NTP synchronization via chrony on Linux Component: Checks & Agents Level: 2 Class: New Feature Version: 1.2.5i6 This check does the same as the existing {ntp.time} check, but is for cases when {chrony} is being used instead of the {ntpd}. It does not support measuring jitter, however.

10 years, 1 month

Check_MK Werk 1097: windows_agent: preventing missing agent sections on first query

by Andreas Boesl

ID: 1097 Title: windows_agent: preventing missing agent sections on first query Component: Checks & Agents Level: 2 Class: Bug Fix Version: 1.2.5i6 The windows agent did not report all sections on the first request(s) after its startup, if some plugins were configured to run asynchronous. This has been fixed. During startup, the agent now always executes the ASYNC scripts first and waits for them to finish. After the scripts are finished, it starts listening to the tcp port.

10 years, 1 month

Check_MK Werk 0647: printer_input, printer_output: multiple fixes to algorithm for state determination and inventory function

by Goetz Golla

ID: 0647 Title: printer_input, printer_output: multiple fixes to algorithm for state determination and inventory function Component: Checks & Agents Level: 2 Class: Bug Fix Version: 1.2.5i6 The inventory function now considers the description of the unit if its name is not configured. This should lead to more and more meaningful items. Still, all units with empty name and description will be merged into one single service with an empty item name. The algorithm to determine the states of a unit was plain wrong, so that a nonsense collection of states were given. This has been corrected. Still several states may be derived, but they should now correctly describe the operational state of the unit. The inventory function also used the same algorithm to inventorize only units with meaningful states. Therefore some changes may be expected in the inventory of a printer as well.

10 years, 1 month

Check_MK Werk 1008: Overall check timeout for Check_MK checks now defaults to CRIT state

by Mathias Kettner

ID: 1008 Title: Overall check timeout for Check_MK checks now defaults to CRIT state Component: Core & Setup Level: 2 Class: New Feature Version: 1.2.5i6 When using the Check_MK Micro Core as the core then the service status for Check_MK services that ran into an overal timeout (default is 60 seconds) was UNKNOWN. This has changed to CRIT. Furthermore this is configurable via a new Timeout option in the ruleset Status of the Check_MK service.

10 years, 1 month

Check_MK Werk 1096: New WATO webservices: manage hosts via webinterface

by Andreas Boesl

ID: 1096 Title: New WATO webservices: manage hosts via webinterface Component: WATO Level: 3 Class: New Feature Version: 1.2.5i6 It is now possible to manage hosts via web requests This includes the following operations <ul> <li>Add host</li> <li>Edit host</li> <li>Delete host</li> <li>Get host attributes</li> <li>Host service discovery</li> <li>Activate changes</li> </ul> These operations also work in a distributed environment. You can find more information regarding these web request in the <tt>Roles & Permissions</tt> page under a roles settings. There is a new permission topic <tt>Web API</tt> where you can configure the permission of all available API requests. The help texts for these permissions provide some useful examples. In the near future, there will be a "Howto Web-API" article in our online documentation, too.

10 years, 1 month

Disk Parameters Not getting Discovered

by Nilanchal Panigrahi

Please find the below logs where is the device disk drive are not getting discovered in Check_mk (1.2.4b7) *OMD[setpoller01]:~$ cmk -II --debug -vpnd MUMPL-VRT-SRV-WIN-172.31.24.58* *Connecting via TCP to 172.31.24.58:6556 <http://172.31.24.58:6556>.* *<<<check_mk>>>* *Version: 1.2.4b3* *Architecture: 32bit* *AgentOS: windows* *Hostname: msmwrlsqldb* *<<<df>>>* *C:\ NTFS 62903292 37342052 25561240 60% C:\* *C:\Documents and Settings\All Users\Application Data\**PlateSpin\Volume Snapshots**\aeaf9c6f-28e8-4741-8726-e9a5af82f5b8\ NTFS 62903292 30438748 32464544 49% C:\Documents and Settings\All Users\**Application Data\PlateSpin**\Volume Snapshots\aeaf9c6f-28e8-4741-8726-e9a5af82f5b8\* *Database NTFS 31457276 28528276 2929000 91% C:\Documents and Settings\All Users\**Application Data\PlateSpin**\Volume Snapshots\9d667d4e-5e59-4605-9e32-68eb6571e2fa\* *SQL_Logs NTFS 31457276 9383692 22073584 30% C:\Documents and Settings\All Users\**Application Data\PlateSpin**\Volume Snapshots\f9bc76ec-59b2-4aac-accd-ee0ccf0ef5f6\* *Database NTFS 62908488 28928996 33979492 46% E:\* *SQL_Logs NTFS 31457276 9074672 22382604 29% F:\*

10 years, 1 month

Check_MK Werk 0766: Changed transid implemtation to work as CSRF protection (Fixes CVE-2014-2330)

by Lars Michelsen

ID: 0766 Title: Changed transid implemtation to work as CSRF protection (Fixes CVE-2014-2330) Component: Multisite Level: 3 Class: Security Fix Version: 1.2.5i2 This change fixes possible attacks against Check_MK Multisite users. In previous versions a possible attacker could try to make the browsers of authenticated users open URLs of the Check_MK Multisite GUI to execute actions e.g. within WATO without knowledge of the attacked user. To make such an attack possible, there are several things needed: The user must be authenticated with multisite and have enough permission within multisite to execute the actions the attacker wants to use, the attacker needs to know the exact URL to the Multisite GUI. Then the attacker needs to make the user either click on a manipulated link or open a manipulated webpage which makes the browser of the user, where the user is authenticated with multisite, open the URL the attacker wants to make it open. The multisite GUI makes use of transids (transaction ids) when processing form submissions or actions. The transids were mainly used to prevent double execution of actions when reloading the page which performed the action in the browser. Now we changed internal handling of the transid to make it also prevent CSRF attacks. The transid is now some kind of shared secret between the webserver and the browser of the user. This ensures a form submission is intended by a previously requested page. This change impicates an incompatible change: In case you use a script which opens multisite pages to perform an action, e.g. set a downtime and use this with a regular user account which authenticates by username/password, the script won't work anymore after this change. The way to go is to adapt the script and change the user to authenticate with an automation secret instead of a password. For this kind of authentication, you will need to user other URL parameters (_username=... and _secret=...).

10 years, 1 month

Check_MK Werk 1094: sidebar snaping 'Tree of folders': fixed exception

by Andreas Boesl

ID: 1094 Title: sidebar snaping 'Tree of folders': fixed exception Component: Multisite Level: 2 Class: Bug Fix Version: 1.2.5i6

10 years, 1 month

Jump to page:

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

Checkmk werks level2