Icinga Web 2.7.2

Icinga Web 2.7.2

We are happy to announce a new bugfix release for Icinga Web 2. Official packages are available on packages.icinga.com. You can find all issues related to this release on our Roadmap.

 

Less Smoky Database Servers

The release of v2.7.1 introduced a change which revealed an inefficient part of our database queries. We made some
general optimizations on our queries and changed the way we utilize them in some views. The result are faster
response times by less work for the database server.

  • Consuming more CPU resources since upgraded to 2.7.1 #3928

 

Anarchism Infested Dashboards

Recent history already showed signs of anarchism. (Pun intended) A similar mindset now infested default dashboards
which appeared in a different way than before v2.7.0. We taught their dashlets a lesson and order has been reestablished
as previously.

  • Recently Recovered Services in dashboard “Current Incidents” seems out of order #3931

 

Solitary Downtimes

We improved the host and service distinction with v2.7.0. The downtimes list however got confused by this and didn’t
knew anymore how to combine multiple downtimes. If you now instruct the list to select multiple downtimes this works
again as we removed the confusing parts.

  • Selection of multiple downtimes fails #3920

 

Icinga Web 2.7.1

Icinga Web 2.7.1

We are happy to announce a new bugfix release for Icinga Web 2. Official packages are available on packages.icinga.com. You can find all issues related to this release on our Roadmap.

 

Sneaky Solution for Sneaky Links

Usually we try to include only bugs in minor-releases. Sorry, bug-fixes, of course. But thanks to @winem_ we have also a little enhancement this time: Links in comments, notes, etc. are now highlighted as such.

  • Highlight links in the notes of an object #3888

 

Nobody’s Perfect, Not Even Developers

We knew it. We saw it coming. And forgot about it. Some views, especially histories, showed an anarchic behavior since v2.7.0. The change responsible for this has been undone and history’s order is reestablished now.

  • Default sort rules no longer work in 2.7.0 #3891

 

Restrictions Gone Wild Cagey

A fix unfortunately caused restrictions using wildcards to show no results anymore. This is now solved and such restrictions are as permissive as ever.

  • Wildcard filters in chains broken #3886

 

Icinga Web 2.7.0

Icinga Web 2.7.0

We are happy to announce a new release for Icinga Web 2, version 2.7.0. Official packages are available on packages.icinga.com. You can find all issues related to this release on our Roadmap.

 

Icinga’s Amazingness Spreads Further

All the Japanese and Ukrainian monitoring enthusiasts can now appreciate our web-frontend in their native tongue. Being so late to the party is also of their advantage, though. Because they can adjust their dashboard without worrying it gets broke with the next update. (All other admins with non-english users, please have a look at our upgrading documentation)

  • Add Japanese language support #3776
  • Add Ukrainian language support #3828
  • Don’t translate pane and dashlet names in configs #3837

 

Modules – Bonus Functionality Unleashed

With this release module developers got additional ways to customize Icinga Web 2. Whether you ever wanted to hook into a configuration form’s handling, to perform your very own Ajax requests or enhance our multi-select views with fancy graphs. All is possible now.

  • Allow to hook into a configuration form’s handling #3862
  • Allow to fully customize click and submit handling #3767
  • Integrate DetailviewExtension into multi-select views #3304

 

UI – Your Daily Routine and Incident Management, Enhanced

Users with color deficiencies now have a built-in theme to ease navigating within Icinga Web 2. Also, our forms got a long overdue re-design and now look less boring. Though, the best of all features is that clicking while holding the Ctrl-key now actually opens a new browser tab! Lost comments? No more. Defining an expiry date again? No more!

  • Add colorblind theme #3743
  • Improve the look of forms #3416
  • Make ctrl-click open new tab #3723

 

Stay Focused – More Room for More Important Stuff

Some of you know that some checks tend to produce walls of text or measure (too) many interfaces. Now, plugin output and performance data will collapse if they exceed a certain height. If necessary they can of course be expanded and keep that way across browser restarts. The same is also true for the sidebar. (Though, this one stays collapsed)

  • Persistent Collapsible Containers #3638
  • Collapsible plugin output #3870
  • Collapsed sidebar should stay collapsed #3682

 

Markdown – Tables, Lists and Emphasized Text The Easy Way

Since we now have the possibility to collapse large content dynamically, we allow you to add entire wiki pages to hosts and services. Though, if you prefer to use a real wiki to maintain those (what we’d strongly suggest) it’s now easier than ever before to link to it. Copy url, paste url, submit comment, Done.

  • Make notes, comments and announcements markdown aware #3814
  • Transform any URL in a Comment to a clickable Link #3441
  • Support relative links in plugin output #2916

 

Things You Have Missed Previously

The tactical overview, our fancy pie charts, is now the very first result when you search something in the sidebar. If you’ll see two entirely green circles there, relax. Also overdue or unreachable checks are now appropriately marked in list views and the service grid now allows you to switch between everything or problems only.

  • Add tactical overview to global search #3845
  • Servicegrid: Add toggle to show problems only #3871
  • Make overdue/unreachable checks better visible #3860

 

Authorization – Knowing and Controlling What’s Going On

Roles can now be even more tailored to users since the introduction of a new placeholder. This placeholder allows to use a user’s name in restrictions. Things like _service_responsible_person=$user:local_name$ are now possible. The audit log now receives failed login-attempts, that’s been made possible since hooks can now run for anonymous users.

  • Allow roles to filter for the currently logged in user #3493
  • Add possibility to disable permission checks for hooks #3849
  • Send failed login-attempts to the audit log #3856

See also the audit module which got an update and is required for #3856 to work.

 

 

Monitoring Automation with Icinga – Certificate Monitoring

Monitoring Automation with Icinga – Certificate Monitoring

In our ongoing efforts to make it easier to automate monitoring environments we recently introduced a new module for Icinga Web 2.

Icinga Certificate Monitoring

on Github

This module is first and foremost a platform which lets you have an overview over all the certificates you are using in your environment to prove the identity of your devices. You can take a quick glance or a very detailed look at them. It will help you to know exactly how your certificates are distributed based on the signing certificate authority, the used algorithms and key strengths as well as which certificate expires next.

 

Certificates Dashboard

 

It helps with automation

You don’t need to register each device or certificate by hand. The module will scan the networks you’ll provide it with and harvest any certificates it encounters. Whether it does this regularly or on demand is fully up to you.

Networks are provided by setting up jobs. These jobs define several IP ranges in CIDR notation and ports. Schedules in CRON format may also be set for jobs so that this module’s daemon runs them regularly.

 

Integrates well with your environment

Cloud hosting and virtual machines are on the rise for a long time now and with SNI (Server Name Indication) a single host may easily present different certificates on the same endpoint. In order to facilitate this, the module can be told to scan an endpoint multiple times by setting up SNI maps.

Installed alongside the monitoring module, Icinga Certificate Monitoring even accesses its database backend to fetch SNI information.¹ This will help to match results found in the scan process to already known hostnames in your monitoring environment.

 

Don’t miss to roll out new certificates

Let’s be honest, everyone has sometimes missed to re-new or replace expired certificates. The module provides detailed views showing you exactly which certificates require your attention.

Certificate Overview

Certificate Chain Health

 

Take advantage of your favorite monitoring tool

Though, if you’re not proactively looking at the user interface the check command shipped with this module may help with setting up notifications in Icinga.

Certificate Usage

Monitoring Service List

 

Bridging the gap with the Director

With all this talk about automation one has to wonder how to establish a link between this module’s knowledge about certificates and Icinga’s configuration. You’re right if you think of the Director’s import and synchronization functionality now.

The module lets you easily import known hosts or certificates with its own import sources. By setting this up you only have to define jobs for it and all the rest is handled automatically.

 

¹Available with Icinga Web v2.7 (Scheduled for release mid 2019)

 

Icinga Web 2.6.3

Icinga Web 2.6.3

We are happy to announce a new bugfix release for Icinga Web 2. Official packages are available on packages.icinga.com. Community repositories might need a while to catch up.

You can find issues related to this release on our Roadmap.

 

PHP 7.3

Now supported.

 

LDAP – Community contributions, that’s the spirit

With the help of our users we’ve finally fixed the issue that defining multiple hostnames and enabling STARTTLS has never properly worked. Also, they’ve identified that defining multiple hostnames caused a customized port not being utilized and fixed it themselves.

There has also a rare case been fixed that caused no group members being found in case object classes had a different casing than what we expected. (Good news for all the non-OpenLdap and non-MSActiveDirectory users)

  • LDAP connection fails with multiple servers using STARTTLS #3639
  • LDAPS authentication ignores custom port setting #3713
  • LDAP group members not found #3650

 

We take care about your data even better now

With this are newlines and HTML entities (such as  ) in plugin output and custom variables meant. Sorry if I’ve teased some data security folks now.

  • Newlines in plugin output disappear #3662
  • Windows path separators are converted to newlines in custom variables #3636
  • HTML entities in plugin output are not resolved if no other HTML is there #3707

 

You’ve wondered how you got into a famous blue police box?

Don’t worry, not only you and the european union are sometimes unsure what’s the correct time.

  • Set client timezone on DB connection #3525
  • Ensure a valid default timezone is set in any case #3747
  • Fix that the event detail view is not showing times in correct timezone #3660

 

UI – The portal to your monitoring environment, improved

The collapsible sidebar introduced with v2.5 has been plagued by some issues since then. They’re now fixed. Also, the UI should now flicker less and properly preserve the scroll position when interacting with action links. (This also allows the business process module to behave more stable when using drag and drop in large configurations.)

  • Collapsible Sidebar Issues #3187
  • Fix title when closing right column #3654
  • Preserve scroll position upon form submits #3661

 

Corrected things we’ve broke recently

That’s due to preemptive changes to protect you from bad individuals. Unfortunately this meant that some unforeseen side-effects appeared after the release of v2.6.2. These are now fixed.

  • Multiline values in ini files broken #3705
  • PHP ini parser doesn’t strip trailing whitespace #3733
  • Escaped characters in INI values are not unescaped #3648

Though, if you’ve faced issue #3705 you still need to take manual action (if not already done) as the provided fix does only prevent further occurrences of the resulting error. The required changes involve the transformation of all real newlines in Icinga Web 2’s INI files to literal \n or \r\n sequences. (Files likely having such are the roles.ini and announcements.ini)