Welcome to docs.opsview.com

Changes

This page lists the major changes between releases

Opsview 4.4.4

Fixes

  • Fixed post reload process not updating new hosts or host group changes until the 2nd reload

Technical

  • Removed unused query_host.cgi script

Opsview 4.4.3

Opsview is pleased to announce the release of Opsview 4.4.3 which includes a patch to resolve NRPE Remote Execution vulnerability. This new release is available immediately from our Opsview Commercial Software Repositories for all of our Supported Platforms and Software.

In addition to this, Opsview Agent packages for these supported platforms have been released, enabling you to update your monitored devices. You must upgrade systems running the agent to ensure they are protected against this vulnerability, as well as the Opsview infrastructure itself. Agents are available from our package repositories as well as on our main website: Download Opsview Agents.

Additionally, to help protect our customers, we have also released updated agent packages for the following platforms on our website:

  • Solaris 10 i386 32-bit
  • Solaris 10 i386 64-bit
  • Solaris 10 SPARC 64

Please note that the Windows Agent is not affected.

In addition to upgrading your systems, we would still strongly recommend taking the following steps:

  • Using the 'allowed_hosts' directive in your client nrpe.cfg configuration files to prevent access from any hosts other than your Opsview monitoring infrastructure
  • Firewalling the agent port (tcp/5666) to further restrict access to trusted hosts
  • Using the 'Runaway processes' check with Opsview to identify any processes consuming an unusual amount of CPU time
  • Investigating any suspicious alerts or activity, particularly on devices which are internet facing

Security Fix

  • Fixed NRPE Remote Plugin Executor vulnerability - newline character is no longer permitted in NRPE arguments.

Enhancements

  • Reduced notification tables in Runtime to only contain 7 days worth, as this data is imported into ODW
  • Added order=priority to rest/config/role to mimic web list order
  • Improved post reload process on systems with deep host group hierarchies. On some systems, this can reduce the process duration by 70%

Fixes

  • Fixed an issue with ODW importing where a host has a change in case for its name and host group data at same time
  • Fixed an ODW import issue where downtimes with a zero duration were causing an infinite loop
  • Added missing notification and event handler macros: CONTACTALIAS, HOSTGROUPALIAS, HOSTSTATEID, SERVICENOTES, SERVICESTATEID
  • Fixed REST API reload issue
  • Fixed Nagios issue where nagios would crash if a passive result was processed before objects were initialised
  • Fixed browser console error on login page

Opsview 4.4.2

Enhancements

  • Added extra index for NetFlow summary queries, reducing query time for sources summary to 1% of previous time
  • Performance gauge dashlet now has a “humanise values” configuration option so all values are normalised and then humanised
  • New hosts without a host check command get assigned a dummy check instead
  • For additional security, Opsview cookies will always have httpOnly flag set and secure flag set when using HTTPS. Thanks to Darren Glynn for reporting the issue
  • Added 'logout' method to REST API
  • AuthTkt secret key is now randomly generated at install time. If you are upgrading, see the configuration documentation on how to change the authtkt shared secret.

Notices

  • “Promote MIB” functionality removed from SNMP trap exceptions as this is seldom used and was causing errors on the list page

Fixes

  • Fixed various XSS, CSRF and open redirection security vulnerabilities in Opsview Web. Thanks to Darren Glynn for reporting the issues
  • Fixed memory leaks in Nagios
  • Fixed graph scaling for GB and TB
  • Fixed timezone=undefined in Dashboard's event table dashlet
  • Updated Service Desk Connector to work with HTTPS for OTRS
  • Fixed multiple MySQL performance checks clashing on the same host and giving UNKNOWN results
  • Increase SNMP trap processing timeout from 10 seconds to 30 (to fix log message 'Killing snmptrap update XXX - taking too long' in opsviewd.log)
  • Renamed 'invert plugin results' command 'negate' to prevent clashes when used directly
  • Possible fix for notifications that are sent incorrectly even though host is already in downtime. Only seen just after a reload
  • Fixed NMIS issues due to SNMP_Session.pm
  • Fixed slow responses from check_vmware_api plugin

Opsview 4.4.1

Enhancements

  • Speed up reload configuration generation by 25% when using lots of attributes
  • Added missing notification and event handler macros: HOSTDOWNTIME, SERVICEDOWNTIME
  • Include keywords in email notifications
  • Improvements to NetFlow sources history charts and investigate mode
  • Process Map now retains aspect ratio
  • NetFlow drawer hides when access is removed per user
  • Plugin output has newlines converted to <BR>'s in the Hostgroup Hierarchy pages
  • Reports updated to draw chart summaries over multiple pages rather than squashed on a single page

Notices

  • Changed default host check interval to 5 minutes for new hosts. Existing hosts will need to be manually changed. If it is set at 0, then it is possible to see hosts in a DOWN state when all services are OK
  • The Public role has the VIEWPORTACCESS access only as this access is the only one that makes sense. Saving this role in the UI will remove all other accesses
  • As plugin output is now HTML escaped in status pages, use markdown format if you require HTML output

Fixes

  • Fixed excessive memory usage in perl database importing daemon
  • Nagios 4 update with major fixes
  • Fixed XSS and CSRF exposure - Thanks to Charlie Eriksen via Secunia SVCRP. Fixes CVE-2013-5694 and CVE-2013-5695
  • Fixed XSS errors on some pages. Thanks to joquendo@e-fensive.net for reporting the issues
  • Fixed demo user allowing host interfaces to be changed without CONFIGURESAVE permission
  • Ensure opsview-agent, opsview and opsview-web init.d scripts conform much better to standards
  • Fixed ODW check on reporting recent loads when the feature isn't enabled
  • Fixed error on Push Notifications For iOS Mobile configuration page
  • Fixed performance graph dashlet using wrong graph type, fixed stack graphing mode showing accumulated figures
  • Fixed IE8 not showing investigate window buttons correctly
  • Fixed NetFlow sources history dashlet coming out of zoom mode incorrectly when browser window resized
  • Fixed Dashboard configuration of multi-master when reduced to only one master
  • Fixed Dashboard retaining collector grouping for sources summary
  • Fixed cloning of process map on Chrome
  • Fixed pid files not being removed correctly for daemon shutdown
  • Fixed some embedded newlines not being interpreted correctly for plugin output in email notifications
  • Fixed check_opsview_ndo_import reporting errors if .ignored files were left
  • Fixed Safari bug where changing passwords were not validating correctly
  • Fixed occasional core dumps on RHEL/CentOS when Nagios worker cannot execute a command with environment set
  • check_opsview_ndo_import misses out .ignored files from being counted as age of NDO files
  • Fixed incorrect caching of admin edit pages
  • Fixed WMI detection on RHEL5/Centos5
  • Fixed SNMP trap exceptions housekeeping to use the configured retention correctly

Opsview 4.4.0

Features

  • NetFlow traffic analysis to allow investigation into bandwidth usage
  • Dashboard with 7 new NetFlow dashlets, an Investigation mode for detailed NetFlow bandwidth information, and a revamped Dashlet drawer
  • Improved Multi-tenancy support to allow user, role and host group configuration by tenants
  • Service Desk Connector now includes OTRS and Salesforce Service Cloud support
  • New Opspack for monitoring Amazon Cloudwatch

Enhancements

Access Control

  • Access control additions:
    • New NETFLOW and CONFIGURENETFLOW for view/configure access. On upgrade, any role with the ADMINACCESS access will inherit these
    • New CONFIGURECONTACTS, CONFIGUREROLES, CONFIGUREHOSTGROUPS. On upgrade, any role with CONFIGUREVIEW access will inherit these
    • New CONFIGURETENANCIES is not added to any roles automatically
    • New NAGVIS access. On upgrade, any role with VIEWALL and VIEWSOME will include NAGVIS for backwards compatibility. Recommend restriction to VIEWSOME
  • New 'All Monitoring Servers' option in role admin
  • Updated ACL checking for consistency

Distributed Monitoring

  • Improve checks on slave side of SSH tunnels for talking to the master
  • Improve checking of slave tunnels by master
  • Account for race condition when checking Opsview slave cluster health
  • On deletion/deactivation/removal of nodes of slave servers, will try to stop Opsview on each node
  • Issues with slave connection to master are now logged to opsview-slave.log
  • Improved cluster node take over script to include event handlers and passive results

User Interface

  • Management URLs open in a new window for http and https methods
  • Allow disabling of the automatic monitoring server selection based on host's IP address
  • Allow for social media links to be disabled on the login page
  • Improved CSS for admin pages to line up checkboxes, radio buttons and text

SNMP

  • check_snmp_interfaces_cascade now reports timings on main execution parts and wraps cache updated in a single transaction. Previous time metric is now renamed to totaltime
  • Downgrade check_snmp_interfaces_cascade errors with invalid percentage utilisation (critical) and long plugin execution time (warning) to be unknowns instead

Installation

  • Debian packages will use the debian-sys-maint user for mysql for non-prompted upgrades
  • Improved Debian postinstallation script so that only prompts for mysql root password on new installs
  • Random passwords created for database connections for new installs
  • check_oracle_health caters better with some plugin timeouts
  • Improved Opspack install process to always copy plugins and retry next time for conflicts
  • Opsview Web executable significantly reduced with external libraries removed

Opsview Agents

  • Solaris agent fixes:
  • - Use SMF instead of /etc/init.d/ script to start agent
  • - Shut down agent on package removal
  • - Compile all binaries to correct 32 or 64 bitness instead of mixed
  • - Remove NSCA binary to reduce 2rd part dependancies (since it is rarely used)
  • - Remove in place upgrade functionality as it wasn't reliable
  • - Fix warning on package install for registering FS space usage
  • Changed Opsview Agent/NRPE's pid file directory to /var/tmp to support Solaris zones

Auto-discovery

  • Auto-discovery now detects similar host names using case insensitive matching

Notifications

  • Notification profiles and shared notification profiles now have a field to prevent the sending of alerts after a defined number
  • Improved “Stop Alert After” so that state changes will not be blocked
  • Added AQL as a method of sending notifications

Nagios Core

  • Patch from Nagios Core to improve error message when plugin times out
  • Tool to help convert Nagios 3 command arguments to Nagios 4 style

Utilities

  • Improve 'rename_hosts' utility to also update events view table
  • Improve snmptrap exception and debug housekeeping to reduce load on the database
  • Add in a local shell profile file that will not be lost on an upgrade
  • Added in missing option aliases to nlcat

Notices

  • Nagvis is now blocked by a new access, but configuration is required at Apache to restrict
  • There are new service checks to monitor Opsview's housekeeping functions. These need to be manually added
  • For further information, see documentation

Fixes

  • Fixed Nagios 4 return code 7 issues and environment variables not being consistently applied in notifications
  • Fixed validation forms not working in IE9 and IE10
  • Fixed scenarios where missing row in metadata table for dashboardLast causes check_opsview_update error
  • Fixed issue where passive service checks with freshness alerts were running after a takeover
  • Fixed license expiry check to be consistent with about page
  • Fixed Debian nagios-nrpe-server package not being a conflict
  • Fixed check_snmp_ifstatus plugin to cope with gaps in nodes when polling SNMP interfaces
  • Fixed SNMP polling of device interfaces with no ifDescr set
  • Fixed paths to images in events view for a rehomed web app
  • Fixed adding custom contact variables from notification methods into environment variables for notification scripts to use
  • Fixed notify_by_rss's maximum number of items, which was off by one
  • Added missing notification macros: LASTHOSTDOWN, LASTHOSTCHECK, LASTHOSTUNREACHABLE, LASTHOSTUP, LASTSERVICECHECK, LASTSERVICEOK, LASTSERVICEWARNING, LASTSTATECHANGE, HOSTDURATION, HOSTNOTIFICATIONNUMBER, NOTIFICATIONAUTHOR, NOTIFICATIONCOMMENT, SERVICEDURATION, SERVICENOTIFICATIONNUMBER
  • Fixed attributes with numbers in the name when processing commands
  • Redirected 'call_nmis' cronjob output to the existing nmis.log logfile
  • Stop running MRTG checks on a reload when SNMP is not enabled
  • Fixed slave cluster takeover when the servicecheck name has been changed
  • Merge of upstream Nagios 4 fixes: backticks checked within double quotes, close parenthesis detected, shell variables and subcommmands detected, closing all file descriptors in workers, various other fixes
  • Fixed check_snmp_interfaces_cascade where no ifSpeed is matched to an interface
  • Fixed issue where Host Attributes Value of 0 being converted to empty string in UI
  • Merge of upstream Nagios 4 fixes: backticks checked within double quotes, close parenthesis detected, shell variables and subcommmands detected, closing all file descriptors in workers
  • Fixed semicolons in command definitions not being interpreted as comments
  • Fixed ~ as needing to be executed by shell
  • Fixed CONTACTGROUPLIST environment macro, broken in Nagios 4 upgrade
  • Re-applied Nagios plugin limit of 16K
  • Re-enable contact notification information into Runtime
  • New notification methods will be set to run on master when upgrading to Opsview Pro/Enterprise
  • Fixed multiple “Starting Opsview Web” messages in opsview-web.log
  • check_snmp_interfaces_cascade now displays an informational message if there are no SNMP tables for extended throughput data
  • Fixed setting of sticky acknowledgements in mass acknowledgements page
  • Dashboard fix for process map showing red crosses incorrectly until a refresh
  • Fixed 'uninitialized value' in import_runtime from malformed perfdata and log appropriately
  • Fixed notification profile links when navigated from /user/preference
  • Fixed REST API /runtime/service for VIEWSOME users
  • Fixed slave setup not creating /opt/opsview on new slaves
  • Fixed contextual menus on performance style viewport when Opsview Web rebased
  • Fixed survey data when missing dashboard fields in metadata table
  • Fixed Safari bug where changing passwords were not validating correctly
Navigation
Print/export
Toolbox