Checkmk werks level2

checkmk-werks-lvl2@lists.checkmk.com

1 participants
1349 discussions

Checkmk Werk 14580: DCD: Piggyback hosts are now updated and deleted again

by Solomon Jacobs

ID: 14580 Title: DCD: Piggyback hosts are now updated and deleted again Component: Dynamic host configuration Level: 2 Class: Bug fix Version: 2.2.0i1 The rule <tt>Dynamic host management</tt> allows user to configure automatic creation, updating and deleting of hosts. With werk 15206 (included in 2.1.0p20), the underlying mechanism, <tt>Dynamic Configuration Daemon</tt> would no longer update and delete hosts.

1 year, 7 months

Checkmk Werk 15122: New option to make customizations available to users of selected sites

by Ronny Bruska

ID: 15122 Title: New option to make customizations available to users of selected sites Component: Multisite Level: 2 Class: New feature Version: 2.2.0i1 You can now make customized views, dashboards, etc. available for users on selected sites. Therefore new permissions like "Publish views to users of allowed sites" are introduced and assigned to the "admin" role. With this permission you can use the option "Make this view available for other users" - "Publish to users of sites" on the "Edit" page of the customization. Please note that the customizations will be available on the selected sites after the next activation of changes for these sites.

1 year, 7 months

Checkmk Werk 14688: Increased metric queue sizes

by Sven Panne

ID: 14688 Title: Increased metric queue sizes Component: cmc Level: 2 Class: Bug fix Version: 2.2.0i1 The internal queues of the CMC for communication with the RRD cache daemon, Carbon connections, and InfluxDB connections has been increased. This can help to reduce the "queue full, didn't push update" messages in the CMC log and the related metric data loss. Note that this will only help when there are load peaks or peaks in the number of produced metrics from time to time. If the monitoring server is not powerful enough to handle the average number of metrics per second in the long run, there will still be data loss.

1 year, 9 months

Checkmk Werk 15096: Change session management from custom to Flask

by Christoph Rauch

ID: 15096 Title: Change session management from custom to Flask Component: Setup Level: 2 Class: New feature Version: 2.2.0i1 The HTTP session management has been changed to use the mechanics provided by the Flask project. This Werk is in place to mark the transition. No action on the users side is required.

1 year, 9 months

Checkmk Werk 15010: New notification plugin for Microsoft Teams

by Ronny Bruska

ID: 15010 Title: New notification plugin for Microsoft Teams Component: Notifications Level: 2 Class: New feature Version: 2.2.0i1 This werk enables Checkmk to send notifications about changes in the states of hosts and services to Microsoft Teams. First, you need to setup a webhook to your team or space, see <a href="https://learn.microsoft.com/en-us/microsoftteams/platform/webhooks-and-conn…" target="_blank">here</a> , which will allow Checkmk to post messages. Next, in Checkmk, under "WATO - Notifications", create a new notification rule. Select "Microsoft Teams" as the notification method. Copy the URL of your webhook into the Webhook-URL field. Optionally, if you want sent messages to include hyperlinks to Checkmk, enable the field "URL prefix for links to Checkmk".

1 year, 9 months

Checkmk Werk 15096: Change session management from custom to Flask

by Christoph Rauch

1 year, 9 months

Checkmk Werk 14998: Remove long deprecated flexible and plain email notifications

by Ronny Bruska

ID: 14998 Title: Remove long deprecated flexible and plain email notifications Component: Notifications Level: 2 Class: New feature Version: 2.2.0i1 This change only affects you, in case you have set the global setting "Rule based notifications" to "Off" in your installation. Flexible and plain email notifications are deprecated since version 1.5. If you still use flexible or plain email notifications configured within the user profile, this werk will remove this notification option in the usersettings and the GUI. Affected users will be logged to ~/var/log/update.log, e.g.: "Removed notification configuration from user: MY_USER" All listed users will automatically be updated to use the rule based notifications. Effectively, the HTML email notifications will be enabled for them. If you want to use a different notification mechanic, then review the notification rules and update them according to your needs. You can find more about the notification configuration <a href='https://docs.checkmk.com/latest/en/notifications.html'>here</a>. Still existing spool files will be converted to HTML email notifications on update. If a remote site with a version prior 2.2 has flexible or plain email notifications enabled and uses notification forwarding, the notifications will be coverted to HTML email notifications on the recieving site.

1 year, 9 months

Checkmk Werk 14686: Added timeout to event console communication

by Sven Panne

ID: 14686 Title: Added timeout to event console communication Component: Livestatus Level: 2 Class: Bug fix Version: 2.2.0i1 An unresponsive event console could eat up Livestatus connections and even cause a deadlock during the shutdown of the monitoring core. Now there is timeout of 10s, after that you get a timeout error for the Livestatus query or action.

1 year, 10 months

Checkmk Werk 14919: Do not log host secret (2)

by Maximilian Wirtz

ID: 14919 Title: Do not log host secret (2) Component: agents Level: 3 Class: Security fix Version: 2.2.0i1 Unfortunately Werk #14916 was insufficient. Therefore the vulnerability still exists. This Werk fixes the problem. When using the <i>Agent updater</i> the Checkmk server needs a secret in order to allow the agent to download new agents. For security reasons this secret is unique for each host and generated with the <tt>cmk-update-agent register</tt> command. Unfortunately the generated host secret was written to the cmk-update-agent.log. This logfile is not protected and usually world-readable. With this secret one can download the current agent from the Checkmk server. Included in that agent package are the plugin configs which can contain other secrets. (e.g. database credentials) Mitigations without updating: LI: Reregister the agent-updater. Then sanitize the cmk-update-agent.log files. LI: If you cannot rule out that any unauthorized user read <tt>/var/lib/check_mk_agent/cmk-update-agent.log</tt> respectively <tt>C:\ProgramData\checkmk\agent\log\cmk-update-agent.log</tt> you should rotate all secrets that might be or were included in the agent configurations. Steps needed with the update: LI: Update your agent. LI: Reregister the agent-updater. All versions including 1.5 are subject to this vulnerability. We found this vulnerability internally and have no indication of any exploitation. We calculated a CVSS 3.1 score of 6.5 (Medium) with the following vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

1 year, 10 months

Checkmk Werk 14685: Fixed real-time checks with encryption

by Sven Panne

ID: 14685 Title: Fixed real-time checks with encryption Component: cmc Level: 2 Class: Bug fix Version: 2.2.0i1 Real-time check data which contains a 0-byte was not processed correctly, so this mainly affected encrypted RTC data. This has been fixed. Note that even normal check results were affected, but these are normally text-only without any 0-bytes, so they worked basically all the time.

1 year, 10 months

Jump to page:

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

Checkmk werks level2