Icinga Web 2.7.1

Icinga Web 2.7.1

We are happy to announce a new bugfix release for Icinga Web 2. Official packages are available on packages.icinga.com. You can find all issues related to this release on our Roadmap.

 

Sneaky Solution for Sneaky Links

Usually we try to include only bugs in minor-releases. Sorry, bug-fixes, of course. But thanks to @winem_ we have also a little enhancement this time: Links in comments, notes, etc. are now highlighted as such.

  • Highlight links in the notes of an object #3888

 

Nobody’s Perfect, Not Even Developers

We knew it. We saw it coming. And forgot about it. Some views, especially histories, showed an anarchic behavior since v2.7.0. The change responsible for this has been undone and history’s order is reestablished now.

  • Default sort rules no longer work in 2.7.0 #3891

 

Restrictions Gone Wild Cagey

A fix unfortunately caused restrictions using wildcards to show no results anymore. This is now solved and such restrictions are as permissive as ever.

  • Wildcard filters in chains broken #3886

 

Color Blind theme for Icinga Web 2

Color Blind theme for Icinga Web 2

Give your Icinga Web 2 a new look – with official ‘Color Blind Theme’ introduced in version 2.7.0! Not just for people with impaired colour vision – with a fresh and well rounded new palette, the new theme is a real looker!

It’s important for us that everyone has the chance to use our tools with maximum effectiveness.We took an existing module from our Icinga Partner Sol1icingaweb2-theme-colourblind by Andrew Foster – refined it a little and it is now part of the default Icinga Web 2 colour scheme bundle!

 

What’s with the change?

The colorblind theme by Sol1 was already very well made, but we saw some minor issues with the chosen colours in terms of:

  • context with the icinga states
  • readability

Well, let’s just have a look first:

Overview over the different themes and the effects colour deficiency has on the appearance

Overview over the different themes and the effects colour deficiency has on the appearance

So in the top, there is the default Icinga colour scheme – with mocks of the three types of colour deficiency we focused on during the development for the module.
In the middle row you can see the module Sol1 provided
Last row is the new theme which is integrated into the Icinga Web 2 core now.

Icinga state context

Another minor detail to improve was the colour of the WARNING (handled) state, which didn’t really fit in with the rest:

Comparison of colours for the states + handled states

The WARNING (handled) grey sticks out and is hard to connect to the unhandled state colour

So in order to both have the context in which the colours are used preserved and have some sort of hierarchy in severeness of the states some changes needed to be made.

This warranted for a change both in brightness and hue for the OK green as well, so it could be distinguished from the WARNING (handled) yellow:

Visual representation of a colour with changes in hue, saturation and brightness

Visual representation of changes in hue, saturation and brightness.

 

Readability

There have also been some changes to the font colour:
Handled states (Including OK for urgencies sake) are now displayed with black text.

This makes it a lot easier to distinguish between handled and unhandled states in the blink of an eye.

Badges with the different themes

Badges with the different themes

 

 

In case you want to build your own theme, there is a helpful article on the topic from our Partner Würth Phoenix. If you have any issues, feedback or inspiration – please tell us about it here or open an issue on github.

And by the way, I will be speaking about this topic at the Icinga Camp Stockholm as well!

Icinga Web 2.7.0

Icinga Web 2.7.0

We are happy to announce a new release for Icinga Web 2, version 2.7.0. Official packages are available on packages.icinga.com. You can find all issues related to this release on our Roadmap.

 

Icinga’s Amazingness Spreads Further

All the Japanese and Ukrainian monitoring enthusiasts can now appreciate our web-frontend in their native tongue. Being so late to the party is also of their advantage, though. Because they can adjust their dashboard without worrying it gets broke with the next update. (All other admins with non-english users, please have a look at our upgrading documentation)

  • Add Japanese language support #3776
  • Add Ukrainian language support #3828
  • Don’t translate pane and dashlet names in configs #3837

 

Modules – Bonus Functionality Unleashed

With this release module developers got additional ways to customize Icinga Web 2. Whether you ever wanted to hook into a configuration form’s handling, to perform your very own Ajax requests or enhance our multi-select views with fancy graphs. All is possible now.

  • Allow to hook into a configuration form’s handling #3862
  • Allow to fully customize click and submit handling #3767
  • Integrate DetailviewExtension into multi-select views #3304

 

UI – Your Daily Routine and Incident Management, Enhanced

Users with color deficiencies now have a built-in theme to ease navigating within Icinga Web 2. Also, our forms got a long overdue re-design and now look less boring. Though, the best of all features is that clicking while holding the Ctrl-key now actually opens a new browser tab! Lost comments? No more. Defining an expiry date again? No more!

  • Add colorblind theme #3743
  • Improve the look of forms #3416
  • Make ctrl-click open new tab #3723

 

Stay Focused – More Room for More Important Stuff

Some of you know that some checks tend to produce walls of text or measure (too) many interfaces. Now, plugin output and performance data will collapse if they exceed a certain height. If necessary they can of course be expanded and keep that way across browser restarts. The same is also true for the sidebar. (Though, this one stays collapsed)

  • Persistent Collapsible Containers #3638
  • Collapsible plugin output #3870
  • Collapsed sidebar should stay collapsed #3682

 

Markdown – Tables, Lists and Emphasized Text The Easy Way

Since we now have the possibility to collapse large content dynamically, we allow you to add entire wiki pages to hosts and services. Though, if you prefer to use a real wiki to maintain those (what we’d strongly suggest) it’s now easier than ever before to link to it. Copy url, paste url, submit comment, Done.

  • Make notes, comments and announcements markdown aware #3814
  • Transform any URL in a Comment to a clickable Link #3441
  • Support relative links in plugin output #2916

 

Things You Have Missed Previously

The tactical overview, our fancy pie charts, is now the very first result when you search something in the sidebar. If you’ll see two entirely green circles there, relax. Also overdue or unreachable checks are now appropriately marked in list views and the service grid now allows you to switch between everything or problems only.

  • Add tactical overview to global search #3845
  • Servicegrid: Add toggle to show problems only #3871
  • Make overdue/unreachable checks better visible #3860

 

Authorization – Knowing and Controlling What’s Going On

Roles can now be even more tailored to users since the introduction of a new placeholder. This placeholder allows to use a user’s name in restrictions. Things like _service_responsible_person=$user:local_name$ are now possible. The audit log now receives failed login-attempts, that’s been made possible since hooks can now run for anonymous users.

  • Allow roles to filter for the currently logged in user #3493
  • Add possibility to disable permission checks for hooks #3849
  • Send failed login-attempts to the audit log #3856

See also the audit module which got an update and is required for #3856 to work.

 

 

Icinga Cube 1.1.0 is out!

Icinga Cube 1.1.0 is out!

As a little introduction for everyone who has not heard about the cube yet:

The cube module is there to show statistics grouped by the custom variables that have been set for the hosts and services. They are then displayed in up to three dimensions for a quick overview to show the relations.

cube module preview

 

The services are going cubin’!

The most prominent change is the addition of services:
While it used to be only possible to have the hosts in a cube, the module has now been extended to provide full functionality with services as well.

You can easily switch between hosts and services, while we keep the filters of your cube in place!

  • Support Services #37

 

No more SQL dump crashes! (or at least fewer)

PostgreSQL rollup syntax errors are now smoothed out and will work as intended – also including the documentation for the requirements.
Having custom variables names like SQL keywords also no longer break the cube!

  • Fix SQL keywords breaking the queries #38
  • Fix rollup syntax for PostgreSQL databases #29 + #24

 

Restrictions are in place

Adds a filter that considers protected custom variables.
The cube now polls the restrictions set in the monitoring module and only shows the hosts that the user has permission to view.

  • Apply monitoring restrictions #33
  • Respect protected custom vars #25

 

And just a pinch of UX

Removed the possibility to add more than three dimensions to the cube – we live in a three dimensional world after all.
When the name of a cube tile is too long to fit, it will no longer push everything else downwards but be shortened with an ellipsis instead!

  • Limit to 3 dimensions #36
  • Truncate long headers #35

 

Fixed pröblems with ümlauts

The URL encoding has been adapted so that both white spaces and umlauts are now supported!
Name your vars however you like!

  • Fix Slices with whitespace or umlaut in data field #17

 

 

Monitoring Automation with Icinga – Certificate Monitoring

Monitoring Automation with Icinga – Certificate Monitoring

In our ongoing efforts to make it easier to automate monitoring environments we recently introduced a new module for Icinga Web 2.

Icinga Certificate Monitoring

on Github

This module is first and foremost a platform which lets you have an overview over all the certificates you are using in your environment to prove the identity of your devices. You can take a quick glance or a very detailed look at them. It will help you to know exactly how your certificates are distributed based on the signing certificate authority, the used algorithms and key strengths as well as which certificate expires next.

 

Certificates Dashboard

 

It helps with automation

You don’t need to register each device or certificate by hand. The module will scan the networks you’ll provide it with and harvest any certificates it encounters. Whether it does this regularly or on demand is fully up to you.

Networks are provided by setting up jobs. These jobs define several IP ranges in CIDR notation and ports. Schedules in CRON format may also be set for jobs so that this module’s daemon runs them regularly.

 

Integrates well with your environment

Cloud hosting and virtual machines are on the rise for a long time now and with SNI (Server Name Indication) a single host may easily present different certificates on the same endpoint. In order to facilitate this, the module can be told to scan an endpoint multiple times by setting up SNI maps.

Installed alongside the monitoring module, Icinga Certificate Monitoring even accesses its database backend to fetch SNI information.¹ This will help to match results found in the scan process to already known hostnames in your monitoring environment.

 

Don’t miss to roll out new certificates

Let’s be honest, everyone has sometimes missed to re-new or replace expired certificates. The module provides detailed views showing you exactly which certificates require your attention.

Certificate Overview

Certificate Chain Health

 

Take advantage of your favorite monitoring tool

Though, if you’re not proactively looking at the user interface the check command shipped with this module may help with setting up notifications in Icinga.

Certificate Usage

Monitoring Service List

 

Bridging the gap with the Director

With all this talk about automation one has to wonder how to establish a link between this module’s knowledge about certificates and Icinga’s configuration. You’re right if you think of the Director’s import and synchronization functionality now.

The module lets you easily import known hosts or certificates with its own import sources. By setting this up you only have to define jobs for it and all the rest is handled automatically.

 

¹Available with Icinga Web v2.7 (Scheduled for release mid 2019)

 

 

Icinga Web 2.6.3

Icinga Web 2.6.3

We are happy to announce a new bugfix release for Icinga Web 2. Official packages are available on packages.icinga.com. Community repositories might need a while to catch up.

You can find issues related to this release on our Roadmap.

 

PHP 7.3

Now supported.

 

LDAP – Community contributions, that’s the spirit

With the help of our users we’ve finally fixed the issue that defining multiple hostnames and enabling STARTTLS has never properly worked. Also, they’ve identified that defining multiple hostnames caused a customized port not being utilized and fixed it themselves.

There has also a rare case been fixed that caused no group members being found in case object classes had a different casing than what we expected. (Good news for all the non-OpenLdap and non-MSActiveDirectory users)

  • LDAP connection fails with multiple servers using STARTTLS #3639
  • LDAPS authentication ignores custom port setting #3713
  • LDAP group members not found #3650

 

We take care about your data even better now

With this are newlines and HTML entities (such as  ) in plugin output and custom variables meant. Sorry if I’ve teased some data security folks now.

  • Newlines in plugin output disappear #3662
  • Windows path separators are converted to newlines in custom variables #3636
  • HTML entities in plugin output are not resolved if no other HTML is there #3707

 

You’ve wondered how you got into a famous blue police box?

Don’t worry, not only you and the european union are sometimes unsure what’s the correct time.

  • Set client timezone on DB connection #3525
  • Ensure a valid default timezone is set in any case #3747
  • Fix that the event detail view is not showing times in correct timezone #3660

 

UI – The portal to your monitoring environment, improved

The collapsible sidebar introduced with v2.5 has been plagued by some issues since then. They’re now fixed. Also, the UI should now flicker less and properly preserve the scroll position when interacting with action links. (This also allows the business process module to behave more stable when using drag and drop in large configurations.)

  • Collapsible Sidebar Issues #3187
  • Fix title when closing right column #3654
  • Preserve scroll position upon form submits #3661

 

Corrected things we’ve broke recently

That’s due to preemptive changes to protect you from bad individuals. Unfortunately this meant that some unforeseen side-effects appeared after the release of v2.6.2. These are now fixed.

  • Multiline values in ini files broken #3705
  • PHP ini parser doesn’t strip trailing whitespace #3733
  • Escaped characters in INI values are not unescaped #3648

Though, if you’ve faced issue #3705 you still need to take manual action (if not already done) as the provided fix does only prevent further occurrences of the resulting error. The required changes involve the transformation of all real newlines in Icinga Web 2’s INI files to literal \n or \r\n sequences. (Files likely having such are the roles.ini and announcements.ini)