Checkmk werks level2

checkmk-werks-lvl2@lists.checkmk.com

1 participants
1349 discussions

Check_MK Werk 0812: nginx_status: New check for monitoring status information of the Nginx web server

by Lars Michelsen

ID: 0812 Title: nginx_status: New check for monitoring status information of the Nginx web server Component: Checks & Agents Level: 2 Class: New Feature Version: 1.2.5i3 Implemented a new check which uses the Nginx stub status module to monitoring inner information of the Nginx process about number of active connections, connections per second, requests per second and so on.

10 years, 3 months

Check_MK Werk 0930: WATO snapshots: disabled upload of legacy snaphots and snapshots with invalid checksums

by Andreas Boesl

ID: 0930 Title: WATO snapshots: disabled upload of legacy snaphots and snapshots with invalid checksums Component: WATO Level: 2 Class: New Feature Version: 1.2.5i3 The upload of insecure snapshots has been disabled per default, because those snapshots represent a security risk if their content were modified willingly or unwillingly. Insecure snapshots are all legacy snapshots and snapshots of the newer type, but with an invalid checksum. You can re-enable the upload of insecure snapshots via the new global setting <tt>Configuration GUI (WATO) -> Allow upload of insecure WATO snapshots</tt>

10 years, 3 months

Check_MK Werk 0929: windows agent: now able to include and execute additional local and plugin scripts as different user

by Andreas Boesl

ID: 0929 Title: windows agent: now able to include and execute additional local and plugin scripts as different user Component: Checks & Agents Level: 2 Class: New Feature Version: 1.2.5i3 In the <tt>[local]</tt> and <tt>[plugin]</tt> sections the new option <tt>include</tt> has been introduced. With this option you can configure additional local and plugin directories, which should get parsed. You can also configure the the scripts in the given directories should be executed as a different user. Example configuration: F+:check_mk.ini [plugin] # The scripts in the following folder are executed as user \\ab include \\ab = C:\users\ab\plugins # The scripts in the following folder are executed without any changes to the user permission include - = C:\scripts\plugin F-: Important: Keep in mind that the agent needs the permission to run scripts as other user. Internally it uses the windows command <tt>runas /User:</tt> which prompts for a password if the windows agent has no permission to change to this user.

10 years, 3 months

Check_MK Werk 0928: runas: new plugin script to include and execute mrpe, local and plugin scripts as different user

by Andreas Boesl

ID: 0928 Title: runas: new plugin script to include and execute mrpe, local and plugin scripts as different user Component: Checks & Agents Level: 2 Class: New Feature Version: 1.2.5i3 With the new plugin <tt>runas</tt> you can configure additional include files and directories for mrpe, local and plugin scripts. You can also change the user context of each of these scripts. It allows non-root users to add additional scripts which might get executed with reduced permission. This check is configured with the configuration file <tt>runas.cfg</tt>. In a default installation this file is located within the Check_MK config directory under <tt>/etc/check_mk/runas.cfg</tt>. The <tt>runas.cfg</tt> configuration syntax is as follow [Script type] [User context] [File / Directory ] The <tt>Script type</tt> can be set to <tt>mrpe</tt>, <tt>local</tt> and <tt>plugin</tt>. The <tt>User context</tt> represents the user. If you do not want to change the context set this field to <tt>-</tt> Depending on the script type the third value points to a file or directory. The mrpe type requires a target file which contains the mrpe commands. Local and plugins types require are target folder, which contains the executable local and plugin scripts. Here is an example configuration: F+:/etc/check_mk/runas.cfg mrpe ab /home/ab/mrpe_commands.cfg mrpe lm /home/lm/mrpe_commands.cfg mrpe - /root/mrpe/extra_commands.cfg plugin ab /var/ab/plugins local ab /var/ab/local F-: Note:You need to set up the local and plugin scripts in different folders, because the line <tt>plugin ab /var/ab/plugins</tt> indicates that all executable files within this folder are treated as plugins.

10 years, 3 months

Check_MK Werk 0927: windows agent: now able to evaluate logfiles written in unicode (2 bytes per character)

by Andreas Boesl

ID: 0927 Title: windows agent: now able to evaluate logfiles written in unicode (2 bytes per character) Component: Checks & Agents Level: 2 Class: New Feature Version: 1.2.5i3 The windows agent was unable to process logfiles which were written as unicode. Those files had binary zeros every other byte, rendering the normal "readline" logfile processing useless. The agent can now read unicode files correctly, convert each line to a multibyte representation (most of the time it is only a single byte) and apply the configured logfile patterns accordingly.

10 years, 3 months

Check_MK Werk 0925: ps: improved/fixed calculation of CPU utilization

by Andreas Boesl

ID: 0925 Title: ps: improved/fixed calculation of CPU utilization Component: Checks & Agents Level: 2 Class: New Feature Version: 1.2.5i3 Previously, the CPU utilization value was taken from the output <tt>pcpu</tt> from the ps command. This value didn't reflect the exact utilization since the last check because its definition is <pre> CPU usage is currently expressed as the percentage of time spent running during the entire lifetime of a process. This is not ideal, and it does not conform to the standards that ps otherwise conforms to. CPU usage is unlikely to add up to exactly 100%. </pre> The evaluation of the <tt>pcpu</tt> field has been removed and got replaced by the field <tt>cputime</tt>, which reflects the number of cpu seconds since program start. With the <tt>cputime</tt> we are able to determine the correct value. To utilize this new calculation method, you need to update the check_mk_agent on the target host. The ps check itself is able to handle both formats, <tt>pcpu</tt> and <tt>cputime</tt>.

10 years, 3 months

Check_MK Werk 0978: Fix security issue with mk-job on Linux

by Mathias Kettner

ID: 0978 Title: Fix security issue with mk-job on Linux Component: Checks & Agents Level: 2 Class: Incompatible Change Version: 1.2.5i3 By use of symlinks or hardlinks normal users could inject files to be read with root permissions. This was due to the fact that <tt>/var/lib/check_mk_agent/job</tt> was installed with the permissions <tt>1777</tt>, just as <tt>/tmp</tt>. That way a normal user could have placed a symlink to a file there that is only readable by <tt>root</tt>. The content of that file would then appear in the agent output. This has been fixed by not longer using <tt>/var/lib/check_mk_agent/job</tt> directly, but by creating a separate subdirectory below that for each user. This is done by a new version of <tt>/usr/bin/mk-job</tt>, so please make sure that if you update the agent that you also update <tt>mk-job</tt>. Also you now have to create job subdirectories for non-<tt>root</tt> jobs manually. If you have a job running as user <tt>foo</tt>, then do: C+: RP:mkdir -p /var/lib/check_mk_agent/job RP:chown foo.foo /var/lib/check_mk_agent/job C-: If you update the Check_MK Agent with RPMs/DEB from the new agent bakery or by an RPM/DEB created from the source code with <tt>make rpm</tt> or <tt>make deb</tt> then the permissions of <tt>/var/lib/check_mk_agent/job</tt> are automatically fixed. If you have installed the agent manually then please make sure that the permissions of the job directory are set properly: C+: RP:chmod 755 /var/lib/check_mk_agent/job C-:

10 years, 3 months

Check_MK Werk 0978: Fix security issue with mk-job on Linux

by Mathias Kettner

10 years, 3 months

Check_MK Werk 0923: json export: fixed bug not stripping html tags from output

by Andreas Boesl

ID: 0923 Title: json export: fixed bug not stripping html tags from output Component: Multisite Level: 2 Class: Bug Fix Version: 1.2.5i3

10 years, 3 months

Check_MK Werk 0977: check_traceroute: new active check for checking presence and absence of routes

by Mathias Kettner

ID: 0977 Title: check_traceroute: new active check for checking presence and absence of routes Component: Checks & Agents Level: 2 Class: New Feature Version: 1.2.5i3 This check does a traceroute to the target host and checks which route(s) are being taken. You can check both for missing and present routes and attach WARN or CRIT state to them. traceroute is expected to be in the search path and installed with SUID root bit.

10 years, 3 months

Jump to page:

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

Checkmk werks level2