Bernd's Interview on Icinga at Floss Weekly

Floss Weekly LogoLast Wednesday Bernd gave an interview on Icinga to Randal L. Schwartz from Floss Weekly, a free software/open source theme podcast. Since 2010, Randal is the lead host of this show where he interviews every week influential OS experts from over the world. In this interview, Bernd explained the main differences between Nagios and Icinga as well as the advantages of Icinga 2 over them and its API. Randal and his co-host Guillermo Amaral, asked questions about monitoring in general with Icinga 2, integration with other tools and future prospects.
If you want to know more about it, check out the interview!

Bugfix releases: Icinga 2 v2.3.7 and Icinga v1.13.3

This time we’ll release two Icinga Core bugfix releases – Icinga 2 v2.3.7 and Icinga v1.13.3.

Package updates are available soon, meanwhile check the Changelog below.

What’s New in Version 2.3.7


  • Bugfixes


  • Feature 9610: Enhance troubleshooting ssl errors & cluster replay log


  • Bug 9406: Selective cluster reconnecting breaks client communication
  • Bug 9535: Config parser ignores “ignore” in template definition
  • Bug 9584: Incorrect return value for the macro() function
  • Bug 9585: Wrong formatting in DB IDO extensions docs
  • Bug 9586: DB IDO: endpoint* tables are cleared on reload causing constraint violations
  • Bug 9621: Assertion failed in icinga::ScriptUtils::Intersection
  • Bug 9622: Missing lock in ScriptUtils::Union

What’s New in Version 1.13.3


  • Bugfixes


  • Bug 7337: Only use SCHEDULE_HOST_DOWNTIME command for Icinga 2.x
  • Bug 8130: Wrong values for percent_* when using hostgroup in availability report
  • Bug 9020: Solaris package behaves badly upon uninstall
  • Bug 9106: Icinga no longer sending acknowledgement notifications
  • Bug 9240: invalid JSON for flapping threshold configuration

Icinga 1.13.0 released

logo_icingaWhile you may have seen a lot of updates in our 2.x development head, Icinga 1.x is still alive and being patched and bug-fixed. Some smaller features have also been incorporated into 1.13.0 so consider upgrading your existing installation.

Changelog Core, IDOUtils, Classic UI


  • Remove deprecated event_profiling_enabled from icinga.cfg
  • Remove deprecated broker_module from icinga.cfg (use module object configuration instead)
  • Add module config examples in modules/ directory (livestatus, mod_gearman, pnp4nagios, flapjack)
  • Move contrib/downtimes to tools/downtimes and add ‘make install-downtimes’


  • Feature #1867: Recurring Downtimes
  • Feature #6353: deprecate icinga.cfg:broker_module; add more module examples
  • Feature #8007: Implement an option to disable transactions
  • Feature #8139: Add functions for registering file descriptors closed on fork()
  • Feature #8140: Add Check Result List Mutex for NEB modules
  • Feature #8426: Remove constraint from *dependencies tables
  • Feature #8440: Enhance idomod logging


  • Bug #6263: Race condition in init.d scripts’ stop
  • Bug #6762: Icinga crashes when “args” attribute is not specified for modules
  • Bug #7004: GET form param has no effect on cmd.cgi acks (again)
  • Bug #8202: Cool tip text for refresh of hosts and services says “I’m so lonely up here. Where should I go?”
  • Bug #8441: require the ‘config_file’ argument in idomod modules configuration
  • Bug #8445: cmd.cgi use_ack_end_time param does not enable tickbox in form

Download icinga-1.13.0 here.

Changelog Web


  • Ewoud Kohl van Wijngaarden found a way for an SQL injection in Icinga Web’s API. An authenticated user could inject SQL code via a crafted JSON filter (#7924, CVE-2015-2685)

We recommend to update your installation to 1.13.0 as the features are minimal invasive.
Notable changes and features

  • The log now contains the ip address of a user login failed, or the user just logged in and out (#7357)
  • We implemented a command log that contains any command that is send to the Icinga core by an user – written to a separate log file command-20XX-XX-XX.log (#7893)
  • (Bug) Acknowledgments where sent without a proper sticky declaration. This problem has been fixed and host or service acknowledgments are now sticky by default – what it should and was intended to be. (#5838 #7003) Please review our documentation if you are not sure what sticky means.
  • Grids can now display customvariables. Because customvariables are customised on every installation, this feature is disabled by default. See  doc/ for further information.

Other bugs

  • When using Kerberos authentication in a web server a user could receive all credentials when he had a role that had no credentials set (#7892) In our tests that only happens with Kerberos users.
  • When a user could not be imported during login the database exception was not generated correctly (#8301)
  • Don’t contact more authentication providers than necessary during login. Thanks to Victor Hahn (#8341)
  • Fixed the irritating error during application state reset (#8523) The state was always cleared, but an error popped up for the user.

Download icinga-web-1.13.0 here.

Icinga on Univention Corporate Server

Univention Corporate ServerGood news for Univention Corporate Server (UCS) users: Icinga is now available in the Univention Application Center for monitoring.
After a few weeks of working with the guys at Univention, we have put together the Icinga app for UCS to offer users an alternative (or addition) to the pre-installed Nagios 3.5.
The Icinga app comes with Icinga 1, Classic UI and the usual plugins, configured and ready to monitor. As it is based on our Debian packages, upgrades will be provided for every major release.
Installation is easy, as it uses the configurations and plugins from any Nagios app that is already running. Once downloaded, the app will automatically install Icinga 1 with the Classic UI and integrate itself into your UCS.
Just be aware that after the initial installation your will have both, Nagios and Icinga 1 running. If you want to use Icinga 1 instead of the shipped Nagios, simply disable the Nagios service.
The open source equivalent of Microsoft’s Small Business Server, UCS is a convenient tool for centralized administration of domains, users and services typical to most networks. It basically ships a server based on Debian, and range of commonly used open source applications which are managed by a central console. Additional applications can be loaded through their application center. Great for users who prefer to get their IT in one standardized package, and shy away from the details of installation and integration.
The Icinga app is easy to test – just download it from Univention and use their free, personal-use license (for up to five users). Don’t forget to check out their demo too.


Icinga Security Releases – 1.10.2, 1.9.4, 1.8.5

icingacoreFollowing up on our recent Icinga 1.10.2 bug fix release, we have backported patches to older versions and now present 1.8.5 and 1.9.4 for download.
These two new bug fix releases are important for users who allow public access to their Classic UI. In particular they deal with susceptibilities to:

  • (CVE-2013-7106) Buffer overflow errors, as fixed in #5250
  • (CVE-2013-7108) Off-by-one errors, as fixed in #5251

Please note: CVE-2013-7107 was identified and is being addressed with issue #5346. A fix will be integrated into Icinga 1.11. In the meantime, we recommend users with vulnerabilities to manage their user rights accordingly in the Classic UI.
Once again we thank the DTAG Group Information Security for their advice.
For a quick upgrade, keep an eye on our auto-built packages. As always, we welcome your feedback on our development tracker and support channels.

Icinga 1.10.2 Bug Fix Release

icingacoreIcinga 1.10.2 is out for download and is our prompt response to potential security issues. In particular, this release is recommended for users who allow public access to their Classic UI.
Aside from this, Icinga 1.10.2 irons out Oracle compiling and upgrading in IDOUtils and adds a few minor config related fixes to the Core. See our change log for more details.
Thanks to all users who have contributed their patches and bug reports, and special kudos goes to DTAG Group Information Security for alerting us to the security threats. Our development tracker is always open and we look forward to receiving your continued feedback.



  • Add an Icinga syntax plugin for Vim #4150 – LE/MF
  • Document dropped options log_external_commands_user and event_profiling_enabled #4957 – BA
  • Type in spec file on ido2db startup #5000 – MF
  • Build fails: xdata/xodtemplate.c requires stdint.h #5021 – SH


  • Fix status output in JSON format not including short and long plugin output properly #5217 – RB
  • Fix possible buffer overflows #5250 – RB
  • Fix Off-by-one memory access in process_cgivars() #5251 – RB


  • IDOUtils Oracle compile error #5059 – TD
  • Oracle update script 1.10.0 failes while trying to drop nonexisting index #5256 – RB