tyler.durden/icinga2
1
0
Fork 0
mirror of https://github.com/Icinga/icinga2.git synced 2025-07-24 22:24:44 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #10081 from Icinga/doc2143

Browse Source 
Update documentation
This commit is contained in:
Yonas Habteab 2025-01-08 09:56:18 +01:00 committed by GitHub
commit 7346b70201
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
24 changed files with 244 additions and 244 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
AUTHORS
View File

@ -52,6 +52,7 @@ Christian Gut <cycloon@is-root.org>
Christian Harke <ch.harke@gmail.com>
Christian Jonak <christian@jonak.org>
Christian Lehmann <christian_lehmann@gmx.de>
Christian Lauf <github.com@christian-lauf.info>
Christian Loos <cloos@netsandbox.de>
Christian Schmidt <github@chsc.dk>
Christopher Peterson <3893680+cspeterson@users.noreply.github.com>
@ -134,6 +135,7 @@ Jochen Friedrich <j.friedrich@nwe.de>
Johannes Meyer <johannes.meyer@icinga.com>
Jonas Meurer <jonas@freesources.org>
Jordi van Scheijen <jordi.vanscheijen@solvinity.com>
Josef Friedrich <josef@friedrich.rocks>
Joseph L. Casale <jcasale@activenetwerx.com>
jre3brg <jorge.rebelo@pt.bosch.com>
Julian Brost <julian.brost@icinga.com>
@ -207,6 +209,7 @@ mocruz <mocruz@theworkshop.com>
Muhammad Mominul Huque <nahidbinbaten1995@gmail.com>
nemtrif <ntrifunovic@hotmail.com>
Nicolai <nbuchwitz@users.noreply.github.com>
Nicolas Berens <nicolas.berens@planet.com>
Nicolas Limage <github@xephon.org>
Nicole Lang <nicole.lang@icinga.com>
Niflou <dubuscyr@gmail.com>
@ -221,6 +224,7 @@ Patrick Dolinic <pdolinic@netways.de>
Patrick Huy <frz@frz.cc>
Paul Denning <paul.denning@dimensiondata.com>
Paul Richards <paul@minimoo.org>
Pavel Motyrev <legioner.r@gmail.com>
Pawel Szafer <pszafer@gmail.com>
Per von Zweigbergk <pvz@itassistans.se>
Peter Eckel <6815386+peteeckel@users.noreply.github.com>

1
doc/01-about.md
View File

@ -67,4 +67,3 @@ Read more about development builds in the [development chapter](21-development.m
Icinga 2 and the Icinga 2 documentation are licensed under the terms of the GNU
General Public License Version 2. You will find a copy of this license in the
LICENSE file included in the source package.

143
doc/02-installation.md
View File

@ -14,9 +14,16 @@ In case you are upgrading an existing setup, please ensure to
follow the [upgrade documentation](16-upgrading-icinga-2.md#upgrading-icinga-2).
<!-- {% else %} -->
<!-- {% if not windows %} -->
## Add Icinga Package Repository <a id="add-icinga-package-repository"></a>
We recommend using our official repositories. Here's how to add it to your system:
We recommend using our official repositories.
All the following commands should be executed as the root user.
As pipes and nested commands are used, it is recommended to switch to a root user session, e.g., using `sudo -i`.
Here's how to add it to your system:
<!-- {% endif %} -->
<!-- {% if debian %} -->
@ -24,9 +31,13 @@ We recommend using our official repositories. Here's how to add it to your syste
```bash
apt update
apt -y install apt-transport-https wget gnupg
apt -y install apt-transport-https wget
wget -O - https://packages.icinga.com/icinga.key | gpg --dearmor -o /usr/share/keyrings/icinga-archive-keyring.gpg
wget -O icinga-archive-keyring.deb "https://packages.icinga.com/icinga-archive-keyring_latest+debian$(
. /etc/os-release; echo "$VERSION_ID"
).deb"
apt install ./icinga-archive-keyring.deb
DIST=$(awk -F"[)(]+" '/VERSION=/ {print $2}' /etc/os-release); \
echo "deb [signed-by=/usr/share/keyrings/icinga-archive-keyring.gpg] https://packages.icinga.com/debian icinga-${DIST} main" > \
@ -36,21 +47,6 @@ DIST=$(awk -F"[)(]+" '/VERSION=/ {print $2}' /etc/os-release); \
apt update
```
#### Debian Backports Repository <a id="debian-backports-repository"></a>
This repository is required for Debian Stretch since Icinga v2.11.
Debian Stretch:
```bash
DIST=$(awk -F"[)(]+" '/VERSION=/ {print $2}' /etc/os-release); \
echo "deb https://deb.debian.org/debian ${DIST}-backports main" > \
/etc/apt/sources.list.d/${DIST}-backports.list
apt update
```
<!-- {% endif %} -->
<!-- {% if ubuntu %} -->
@ -58,9 +54,13 @@ apt update
```bash
apt update
apt -y install apt-transport-https wget gnupg
apt -y install apt-transport-https wget
wget -O - https://packages.icinga.com/icinga.key | gpg --dearmor -o /usr/share/keyrings/icinga-archive-keyring.gpg
wget -O icinga-archive-keyring.deb "https://packages.icinga.com/icinga-archive-keyring_latest+ubuntu$(
. /etc/os-release; echo "$VERSION_ID"
).deb"
apt install ./icinga-archive-keyring.deb
. /etc/os-release; if [ ! -z ${UBUNTU_CODENAME+x} ]; then DIST="${UBUNTU_CODENAME}"; else DIST="$(lsb_release -c| awk '{print $2}')"; fi; \
echo "deb [signed-by=/usr/share/keyrings/icinga-archive-keyring.gpg] https://packages.icinga.com/ubuntu icinga-${DIST} main" > \
@ -72,41 +72,6 @@ apt update
```
<!-- {% endif %} -->
<!-- {% if raspbian %} -->
### Raspbian Repository <a id="raspbian-repository"></a>
```bash
apt update
apt -y install apt-transport-https wget gnupg
wget -O - https://packages.icinga.com/icinga.key | gpg --dearmor -o /usr/share/keyrings/icinga-archive-keyring.gpg
DIST=$(awk -F"[)(]+" '/VERSION=/ {print $2}' /etc/os-release); \
echo "deb [signed-by=/usr/share/keyrings/icinga-archive-keyring.gpg] https://packages.icinga.com/raspbian icinga-${DIST} main" > \
/etc/apt/sources.list.d/icinga.list
echo "deb-src [signed-by=/usr/share/keyrings/icinga-archive-keyring.gpg] https://packages.icinga.com/raspbian icinga-${DIST} main" >> \
/etc/apt/sources.list.d/icinga.list
apt update
```
<!-- {% endif %} -->
<!-- {% if centos %} -->
### CentOS Repository <a id="centos-repository"></a>
```bash
rpm --import https://packages.icinga.com/icinga.key
wget https://packages.icinga.com/centos/ICINGA-release.repo -O /etc/yum.repos.d/ICINGA-release.repo
```
The packages for CentOS depend on other packages which are distributed
as part of the [EPEL repository](https://fedoraproject.org/wiki/EPEL):
```bash
yum install epel-release
```
<!-- {% endif %} -->
<!-- {% if rhel %} -->
### RHEL Repository <a id="rhel-repository"></a>
@ -118,7 +83,6 @@ yum install epel-release
Don't forget to fill in the username and password section with your credentials in the local .repo file.
```bash
rpm --import https://packages.icinga.com/icinga.key
wget https://packages.icinga.com/subscription/rhel/ICINGA-release.repo -O /etc/yum.repos.d/ICINGA-release.repo
```
@ -150,7 +114,6 @@ yum install https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.r
### Fedora Repository <a id="fedora-repository"></a>
```bash
rpm --import https://packages.icinga.com/icinga.key
dnf install -y 'dnf-command(config-manager)'
dnf config-manager --add-repo https://packages.icinga.com/fedora/$(. /etc/os-release; echo "$VERSION_ID")/release
```
@ -167,8 +130,6 @@ dnf config-manager --add-repo https://packages.icinga.com/fedora/$(. /etc/os-rel
Don't forget to fill in the username and password section with your credentials in the local .repo file.
```bash
rpm --import https://packages.icinga.com/icinga.key
zypper ar https://packages.icinga.com/subscription/sles/ICINGA-release.repo
zypper ref
```
@ -186,17 +147,9 @@ SUSEConnect -p PackageHub/$VERSION_ID/x86_64
### openSUSE Repository <a id="opensuse-repository"></a>
```bash
rpm --import https://packages.icinga.com/icinga.key
zypper ar https://packages.icinga.com/openSUSE/ICINGA-release.repo
zypper ref
```
You need to additionally add the `server:monitoring` repository to fulfill dependencies:
```bash
zypper ar https://download.opensuse.org/repositories/server:/monitoring/15.3/server:monitoring.repo
```
<!-- {% endif %} -->
<!-- {% if amazon_linux %} -->
@ -210,7 +163,6 @@ zypper ar https://download.opensuse.org/repositories/server:/monitoring/15.3/ser
Don't forget to fill in the username and password section with your credentials in the local .repo file.
```bash
rpm --import https://packages.icinga.com/icinga.key
wget https://packages.icinga.com/subscription/amazon/ICINGA-release.repo -O /etc/yum.repos.d/ICINGA-release.repo
```
@ -239,36 +191,21 @@ You can install Icinga 2 by using your distribution's package manager
to install the `icinga2` package. The following commands must be executed
with `root` permissions unless noted otherwise.
<!-- {% if centos or rhel or fedora or amazon_linux %} -->
<!-- {% if rhel or fedora or amazon_linux %} -->
!!! tip
If you have [SELinux](22-selinux.md) enabled, the package `icinga2-selinux` is also required.
<!-- {% endif %} -->
<!-- {% if debian or ubuntu or raspbian %} -->
<!-- {% if debian or ubuntu %} -->
<!-- {% if not icingaDocs %} -->
#### Debian / Ubuntu / Raspbian / Raspberry Pi OS
#### Debian / Ubuntu / Raspberry Pi OS
<!-- {% endif %} -->
```bash
apt install icinga2
```
<!-- {% endif %} -->
<!-- {% if centos %} -->
<!-- {% if not icingaDocs %} -->
#### CentOS
<!-- {% endif %} -->
!!! info
Note that installing Icinga 2 is only supported on CentOS 7 as CentOS 8 is EOL.
```bash
yum install icinga2
systemctl enable icinga2
systemctl start icinga2
```
<!-- {% endif %} -->
<!-- {% if rhel %} -->
#### RHEL 8 or Later
@ -357,26 +294,15 @@ to determine where to find the plugin binaries.
additional check plugins into your Icinga 2 setup.
<!-- {% if debian or ubuntu or raspbian %} -->
<!-- {% if debian or ubuntu %} -->
<!-- {% if not icingaDocs %} -->
#### Debian / Ubuntu / Raspbian / Raspberry Pi OS
#### Debian / Ubuntu / Raspberry Pi OS
<!-- {% endif %} -->
```bash
apt install monitoring-plugins
```
<!-- {% endif %} -->
<!-- {% if centos %} -->
<!-- {% if not icingaDocs %} -->
#### CentOS
<!-- {% endif %} -->
The packages for CentOS depend on other packages which are distributed as part of the EPEL repository.
```bash
yum install nagios-plugins-all
```
<!-- {% endif %} -->
<!-- {% if rhel %} -->
<!-- {% if not icingaDocs %} -->
#### RHEL
@ -464,7 +390,7 @@ Restart Icinga 2 for these changes to take effect.
systemctl restart icinga2
```
<!-- {% if amazon_linux or centos or debian or rhel or sles or ubuntu %} -->
<!-- {% if amazon_linux or debian or rhel or sles or ubuntu %} -->
## Set up Icinga DB <a id="set-up-icinga-db"></a>
Icinga DB is a set of components for publishing, synchronizing and
@ -516,20 +442,6 @@ yum install icingadb-redis
```
<!-- {% endif %} -->
<!-- {% if centos %} -->
<!-- {% if not icingaDocs %} -->
##### CentOS
<!-- {% endif %} -->
!!! info
Note that installing Icinga DB Redis is only supported on CentOS 7 as CentOS 8 is EOL.
```bash
yum install icingadb-redis
```
<!-- {% endif %} -->
<!-- {% if debian or ubuntu %} -->
<!-- {% if not icingaDocs %} -->
##### Debian / Ubuntu / Raspberry Pi OS
@ -643,9 +555,6 @@ you have completed the instructions here and can proceed to
<!-- {% if amazon_linux %} -->
[install the Icinga DB daemon on Amazon Linux](https://icinga.com/docs/icinga-db/latest/doc/02-Installation/01-Amazon-Linux/#installing-icinga-db-package),
<!-- {% endif %} -->
<!-- {% if centos %} -->
[install the Icinga DB daemon on CentOS](https://icinga.com/docs/icinga-db/latest/doc/02-Installation/02-CentOS/#installing-icinga-db-package),
<!-- {% endif %} -->
<!-- {% if debian %} -->
[install the Icinga DB daemon on Debian](https://icinga.com/docs/icinga-db/latest/doc/02-Installation/03-Debian/#installing-icinga-db-package),
<!-- {% endif %} -->

3
doc/02-installation.md.d/03-Raspbian.md
View File

@ -1,3 +0,0 @@
# Install Icinga 2 on Raspbian
<!-- {% set raspbian = True %} -->
<!-- {% include "02-installation.md" %} -->

3
doc/02-installation.md.d/05-CentOS.md
View File

@ -1,3 +0,0 @@
# Install Icinga 2 on CentOS
<!-- {% set centos = True %} -->
<!-- {% include "02-installation.md" %} -->

4
doc/03-monitoring-basics.md
View File

@ -1599,7 +1599,7 @@ A common pattern is to store the users and user groups
on the host or service objects instead of the notification
object itself.
The sample configuration provided in [hosts.conf](04-configuration.md#hosts-conf) and [notifications.conf](notifications-conf)
The sample configuration provided in [hosts.conf](04-configuration.md#hosts-conf) and [notifications.conf](04-configuration.md#notifications-conf)
already provides an example for this question.
> **Tip**
@ -2729,7 +2729,7 @@ Requirements:
* Icinga 2 as client on the remote node
* icinga user with sudo permissions to the httpd daemon
Example on CentOS 7:
Example on RHEL:
```
# visudo

4
doc/05-service-monitoring.md
View File

@ -51,7 +51,7 @@ described. Try running the plugin after setup and [ensure it works](05-service-m
Prior to using the check plugin with Icinga 2 you should ensure that it is working properly
by trying to run it on the console using whichever user Icinga 2 is running as:
RHEL/CentOS/Fedora
RHEL/Fedora
```bash
sudo -u icinga /usr/lib64/nagios/plugins/check_mysql_health --help
@ -111,7 +111,7 @@ Can't locate Net/SNMP.pm in @INC (you may need to install the Net::SNMP module)
Prior to installing the Perl module via CPAN, look for a distribution
specific package, e.g. `libnet-snmp-perl` on Debian/Ubuntu or `perl-Net-SNMP`
on RHEL/CentOS.
on RHEL.
#### Optional: Custom Path <a id="service-monitoring-plugins-custom-path"></a>

66
doc/06-distributed-monitoring.md
View File

@ -264,7 +264,7 @@ The setup wizard will ensure that the following steps are taken:
* Update the [ApiListener](06-distributed-monitoring.md#distributed-monitoring-apilistener) and [constants](04-configuration.md#constants-conf) configuration.
* Update the [icinga2.conf](04-configuration.md#icinga2-conf) to disable the `conf.d` inclusion, and add the `api-users.conf` file inclusion.
Here is an example of a master setup for the `icinga2-master1.localdomain` node on CentOS 7:
Here is an example of a master setup for the `icinga2-master1.localdomain` node:
```
[root@icinga2-master1.localdomain /]# icinga2 node wizard
@ -1031,9 +1031,7 @@ in `/etc/icinga2/icinga2.conf`.
> Defaults to disabled.
Now it is time to validate the configuration and to restart the Icinga 2 daemon
on both nodes.
Example on CentOS 7:
on both nodes:
```
[root@icinga2-agent1.localdomain /]# icinga2 daemon -C
@ -1112,7 +1110,8 @@ Save the changes and validate the configuration on the master node:
```
[root@icinga2-master1.localdomain /]# icinga2 daemon -C
```
Restart the Icinga 2 daemon (example for CentOS 7):
Restart the Icinga 2 daemon:
```
[root@icinga2-master1.localdomain /]# systemctl restart icinga2
@ -1221,9 +1220,7 @@ object ApiListener "api" {
```
Now it is time to validate the configuration and to restart the Icinga 2 daemon
on both nodes.
Example on CentOS 7:
on both nodes:
```
[root@icinga2-satellite1.localdomain /]# icinga2 daemon -C
@ -1285,7 +1282,7 @@ Save the changes and validate the configuration on the master node:
[root@icinga2-master1.localdomain /]# icinga2 daemon -C
```
Restart the Icinga 2 daemon (example for CentOS 7):
Restart the Icinga 2 daemon:
```
[root@icinga2-master1.localdomain /]# systemctl restart icinga2
@ -3134,7 +3131,7 @@ object Endpoint "icinga2-master2.localdomain" {
> **Note**
>
> This is required if you decide to change an already running single endpoint production
> environment into a HA-enabled cluster zone with two endpoints.
> environment into an HA-enabled cluster zone with two endpoints.
> The [initial setup](06-distributed-monitoring.md#distributed-monitoring-scenarios-ha-master-clients)
> with 2 HA masters doesn't require this step.
@ -3183,7 +3180,7 @@ Create a certificate signing request (CSR) for the local instance:
Sign the CSR with the previously created CA:
```
[root@icinga2-master1.localdomain /root]# icinga2 pki sign-csr --csr icinga2-master1.localdomain.csr --cert icinga2-master1.localdomain
[root@icinga2-master1.localdomain /root]# icinga2 pki sign-csr --csr icinga2-master1.localdomain.csr --cert icinga2-master1.localdomain.crt
```
Repeat the steps for all instances in your setup.
@ -3230,6 +3227,53 @@ information/pki: Writing certificate to file 'icinga2-satellite1.localdomain.crt
Copy and move these certificates to the respective instances e.g. with SSH/SCP.
#### External CA/PKI
Icinga works best with its own certificates.
The commands described above take care of the optimal certificate properties.
Also, Icinga renews them periodically at runtime to avoid expiry.
But you can also provide your own certificates,
just like to any other application which uses TLS.
!!! warning
The only serious reasons to generate own certificates are company policies.
You are responsible for making Icinga working with your certificates,
as well as for [expiry monitoring](10-icinga-template-library.md#plugin-check-command-ssl_cert)
and renewal.
Especially `icinga2 pki` CLI commands do not expect such certificates.
Also, do not provide your custom CA private key to Icinga 2!
Otherwise, it will automatically renew leaf certificates
with our hardcoded properties, not your custom ones.
The CA certificate must be located in `/var/lib/icinga2/certs/ca.crt`.
The basic requirements for all leaf certificates are:
* Located in `/var/lib/icinga2/certs/NODENAME.crt`
and `/var/lib/icinga2/certs/NODENAME.key`
* Subject with CN matching the endpoint name
* A DNS SAN matching the endpoint name
Pretty much everything else is limited only by your company policy
and the OpenSSL versions your Icinga nodes use. E.g. the following works:
* Custom key sizes, e.g. 2048 bits
* Custom key types, e.g. ECC
* Any number of intermediate CAs (but see limitations below)
* Multiple trusted root CAs in `/var/lib/icinga2/certs/ca.crt`
* Different root CAs per cluster subtree, as long as each node trusts the
certificate issuers of all nodes it's directly connected to
Intermediate CA restrictions:
* Each side has to provide its intermediate CAs along with the leaf certificate
in `/var/lib/icinga2/certs/NODENAME.crt`, ordered from leaf to root.
* Intermediate CAs may not be used directly as root CAs. To trust only specific
intermediate CAs, cross-sign them with themselves, so that you get equal
certificates except that they're self-signed. Use them as root CAs in Icinga.
## Automation <a id="distributed-monitoring-automation"></a>
These hints should get you started with your own automation tools (Puppet, Ansible, Chef, Salt, etc.)

2
doc/09-object-types.md
View File

@ -393,7 +393,6 @@ Runtime Attributes:
last\_check\_result | CheckResult | The current [check result](08-advanced-topics.md#advanced-value-types-checkresult).
last\_state\_change | Timestamp | When the last state change occurred (as a UNIX timestamp).
last\_hard\_state\_change | Timestamp | When the last hard state change occurred (as a UNIX timestamp).
last\_in\_downtime | Boolean | Whether the host was in a downtime when the last check occurred.
acknowledgement | Number | The acknowledgement type (0 = NONE, 1 = NORMAL, 2 = STICKY).
acknowledgement\_expiry | Timestamp | When the acknowledgement expires (as a UNIX timestamp; 0 = no expiry).
downtime\_depth | Number | Whether the host has one or more active downtimes.
@ -758,7 +757,6 @@ Runtime Attributes:
last\_check\_result | CheckResult | The current [check result](08-advanced-topics.md#advanced-value-types-checkresult).
last\_state\_change | Timestamp | When the last state change occurred (as a UNIX timestamp).
last\_hard\_state\_change | Timestamp | When the last hard state change occurred (as a UNIX timestamp).
last\_in\_downtime | Boolean | Whether the service was in a downtime when the last check occurred.
acknowledgement | Number | The acknowledgement type (0 = NONE, 1 = NORMAL, 2 = STICKY).
acknowledgement\_expiry | Timestamp | When the acknowledgement expires (as a UNIX timestamp; 0 = no expiry).
acknowledgement\_last\_change | Timestamp | When the acknowledgement has been set/cleared

8
doc/10-icinga-template-library.md
View File

@ -75,8 +75,10 @@ plugin scripts.
### icinga <a id="itl-icinga"></a>
Check command for the built-in `icinga` check. This check returns performance
data for the current Icinga instance, reports as warning if the last reload failed and optionally allows for minimum version checks.
Check command for the built-in `icinga` check. This check returns performance data for the current Icinga instance,
reports as warning if the last reload or config sync failed and optionally allows for minimum version checks.
For the config sync check to work, it must be run on the satellite or agent.
Custom variables passed as [command parameters](03-monitoring-basics.md#command-passing-parameters):
@ -3447,7 +3449,7 @@ thola_identify_discover_timeouts | **Optional.** The number of discover timeou
> **Note**:
>
> One of the variables `thola_identify_model`, `thola_identify_os_version`,
> One of the variables `thola_identify_model`, `thola_identify_os_version`,
> `thola_identify_vendor` or `thola_identify_serial_number` must be set
##### thola-memory-usage <a id="plugin-contrib-command-thola-memory-usage"></a>

4
doc/11-cli-commands.md
View File

@ -22,7 +22,7 @@ Supported commands:
* api setup (setup for API)
* ca list (lists all certificate signing requests)
* ca restore (restores a removed certificate request)
* ca remove (removes an outstanding certificate request)
* ca remove (removes an outstanding certificate request)
* ca sign (signs an outstanding certificate request)
* console (Icinga debug console)
* daemon (starts Icinga 2)
@ -73,7 +73,7 @@ RPM and Debian packages install the bash completion files into
You need to install the `bash-completion` package if not already installed.
RHEL/CentOS/Fedora:
RHEL/Fedora:
```bash
yum install bash-completion

46
doc/12-icinga2-api.md
View File

@ -115,7 +115,7 @@ You can also use [jq](https://stedolan.github.io/jq/) or `python -m json.tool`
in combination with curl on the CLI.
```bash
curl ... | jq
curl ... | jq
curl ... | python -m json.tool
```
@ -566,7 +566,7 @@ created by the API.
### Querying Objects <a id="icinga2-api-config-objects-query"></a>
You can request information about configuration objects by sending
a `GET` query to the `/v1/objects/<type>` URL endpoint. `<type` has
a `GET` query to the `/v1/objects/<type>` URL endpoint. `<type>` has
to be replaced with the plural name of the object type you are interested
in:
@ -814,7 +814,7 @@ parameters need to be passed inside the JSON body:
Parameters | Type | Description
------------------|--------------|--------------------------
templates | Array | **Optional.** Import existing configuration templates for this object type. Note: These templates must either be statically configured or provided in [config packages](12-icinga2-api.md#icinga2-api-config-management)-
templates | Array | **Optional.** Import existing configuration templates for this object type. Note: These templates must either be statically configured or provided in [config packages](12-icinga2-api.md#icinga2-api-config-management).
attrs | Dictionary | **Required.** Set specific object attributes for this [object type](09-object-types.md#object-types).
ignore\_on\_error | Boolean | **Optional.** Ignore object creation errors and return an HTTP 200 status instead.
@ -951,7 +951,7 @@ list the latter in the `restore_attrs` parameter. E.g.:
```bash
curl -k -s -S -i -u root:icinga -H 'Accept: application/json' \
-X POST 'https://localhost:5665/v1/objects/hosts/example.localdomain' \
-d '{ "restore_attrs": [ "address", "vars.os" ] }, "pretty": true }'
-d '{ "restore_attrs": [ "address", "vars.os" ], "pretty": true }'
```
```json
@ -1658,14 +1658,14 @@ Send a `POST` request to the URL endpoint `/v1/actions/execute-command`.
--------------|------------|--------------
ttl | Number | **Required.** The time to live of the execution expressed in seconds.
command_type | String | **Optional.** The command type: `CheckCommand` or `EventCommand` or `NotificationCommand`. Default: `EventCommand`
command | String | **Optional.** The command to execute. Its type must the same as `command_type`. It can be a macro string. Default: depending on the `command_type` it's either `$check_command$`, `$event_command$` or `$notification_command$`
command | String | **Optional.** The command to execute. Its type must the same as `command_type`. It can be a macro string. Default: depending on the `command_type` it's either `$check_command$`, `$event_command$` or `$notification_command$`
endpoint | String | **Optional.** The endpoint to execute the command on. It can be a macro string. Default: `$command_endpoint$`.
macros | Dictionary | **Optional.** Macro overrides. Default: `{}`
user | String | **Optional.** The user used for the notification command.
user | String | **Optional.** The user used for the notification command.
notification | String | **Optional.** The notification used for the notification command.
Example:
```bash
curl -k -s -S -i -u root:icinga -H 'Accept: application/json' \
-X POST 'https://localhost:5665/v1/actions/execute-command' \
@ -1879,6 +1879,32 @@ Example for all object events:
timestamp | Timestamp | Unix timestamp when the event happened.
downtime | Dictionary | Serialized [Downtime](09-object-types.md#objecttype-downtime) object.
#### <a id="icinga2-api-event-streams-type-objectcreated"></a> Event Stream Type: ObjectCreated
| Name | Type | Description |
|--------------|-----------|----------------------------------------------------------------|
| type | String | Event type `ObjectCreated`. |
| timestamp | Timestamp | Unix timestamp when the event happened. |
| object\_type | String | Type of the newly created object, such as `Host` or `Service`. |
| object\_name | String | The full name of the object. |
#### <a id="icinga2-api-event-streams-type-objectmodified"></a> Event Stream Type: ObjectModified
| Name | Type | Description |
|--------------|-----------|-----------------------------------------------------------|
| type | String | Event type `ObjectModified`. |
| timestamp | Timestamp | Unix timestamp when the event happened. |
| object\_type | String | Type of the modified object, such as `Host` or `Service`. |
| object\_name | String | The full name of the object. |
#### <a id="icinga2-api-event-streams-type-objectdeleted"></a> Event Stream Type: ObjectDeleted
| Name | Type | Description |
|--------------|-----------|----------------------------------------------------------|
| type | String | Event type `ObjectDeleted`. |
| timestamp | Timestamp | Unix timestamp when the event happened. |
| object\_type | String | Type of the deleted object, such as `Host` or `Service`. |
| object\_name | String | The full name of the object. |
### Event Stream Filter <a id="icinga2-api-event-streams-filter"></a>
@ -2348,7 +2374,7 @@ Creation, modification and deletion of templates at runtime is not supported.
### Querying Templates <a id="icinga2-api-config-templates-query"></a>
You can request information about configuration templates by sending
a `GET` query to the `/v1/templates/<type>` URL endpoint. `<type` has
a `GET` query to the `/v1/templates/<type>` URL endpoint. `<type>` has
to be replaced with the plural name of the object type you are interested
in:
@ -2612,7 +2638,7 @@ Name | Language | Description
[BitBar for OSX](https://getbitbar.com/plugins/Dev/Icinga2/icinga2.24m.py) | Python | macOS tray app for highlighting the host/service status
[Icinga 2 Multistatus](https://chrome.google.com/webstore/detail/icinga-multi-status/khabbhcojgkibdeipanmiphceeoiijal/related) | - | Chrome Extension
[Naglite4](https://github.com/wftech/icinga2-naglite4) | Python | Naglite3 rewrite using the Icinga 2 REST API.
[icinga-telegram-bot](https://github.com/joni1993/icinga-telegram-bot) | Python | Telegram Bot using the Icinga 2 REST API
[icinga-telegram-bot](https://github.com/joni1993/icinga-telegram-bot) | Python | Telegram Bot using the Icinga 2 REST API
### Manage Objects <a id="icinga2-api-clients-management"></a>

2
doc/13-addons.md
View File

@ -32,7 +32,7 @@ vim /etc/icinga2/conf.d/templates.conf
Install the package `nano-icinga2` with your distribution's package manager.
**Note:** On Debian, Ubuntu, Raspbian and Raspberry Pi OS, the syntax files are installed with the `icinga2-common` package already.
**Note:** On Debian, Ubuntu and Raspberry Pi OS, the syntax files are installed with the `icinga2-common` package already.
Copy the `/etc/nanorc` sample file to your home directory.

24
doc/14-features.md
View File

@ -52,7 +52,7 @@ Icinga DB is a set of components for publishing, synchronizing and
visualizing monitoring data in the Icinga ecosystem, consisting of:
* Icinga 2 with its `icingadb` feature enabled,
responsible for publishing monitoring data to a Redis server, i.e. configuration and its runtime updates,
responsible for publishing monitoring data to a Redis server, i.e. configuration and its runtime updates,
check results, state changes, downtimes, acknowledgements, notifications, and other events such as flapping
* The [Icinga DB daemon](https://icinga.com/docs/icinga-db),
which synchronizes the data between the Redis server and a database
@ -106,7 +106,7 @@ The current naming schema is defined as follows. The [Icinga Web 2 Graphite modu
depends on this schema.
The default prefix for hosts and services is configured using
[runtime macros](03-monitoring-basics.md#runtime-macros)like this:
[runtime macros](03-monitoring-basics.md#runtime-macros) like this:
```
icinga2.$host.name$.host.$host.check_command$
@ -815,16 +815,6 @@ apt-get install icinga2-ido-mysql
default. You can skip the automated setup and install/upgrade the
database manually if you prefer.
###### CentOS 7
!!! info
Note that installing `icinga2-ido-mysql` is only supported on CentOS 7 as CentOS 8 is EOL.
```bash
yum install icinga2-ido-mysql
```
###### RHEL 8
```bash
@ -914,16 +904,6 @@ apt-get install icinga2-ido-pgsql
You can skip the automated setup and install/upgrade the database manually
if you prefer that.
###### CentOS 7
!!! info
Note that installing `icinga2-ido-pgsql` is only supported on CentOS 7 as CentOS 8 is EOL.
```bash
yum install icinga2-ido-pgsql
```
###### RHEL 8
```bash

63
doc/15-troubleshooting.md
View File

@ -176,6 +176,64 @@ C:\> cd C:\ProgramData\icinga2\var\log\icinga2
C:\ProgramData\icinga2\var\log\icinga2> Get-Content .\debug.log -tail 10 -wait
```
### Enable/Disable Debug Output on the fly <a id="troubleshooting-enable-disable-debug-output-api"></a>
The `debuglog` feature can also be created and deleted at runtime without having to restart Icinga 2.
Technically, this is possible because this feature is a [FileLogger](09-object-types.md#objecttype-filelogger)
that can be managed through the [API](12-icinga2-api.md#icinga2-api-config-objects).
This is a good alternative to `icinga2 feature enable debuglog` as object
creation/deletion via API happens immediately and requires no restart.
The above matters in setups large enough for the reload to take a while.
Especially these produce a lot of debug log output until disabled again.
!!! info
In case of [an HA zone](06-distributed-monitoring.md#distributed-monitoring-scenarios-ha-master-agents),
the following API examples toggle the feature on both nodes.
#### Enable Debug Output on the fly <a id="troubleshooting-enable-debug-output-api"></a>
```bash
curl -k -s -S -i -u root:icinga -H 'Accept: application/json' \
-X PUT 'https://localhost:5665/v1/objects/fileloggers/on-the-fly-debug-file' \
-d '{ "attrs": { "severity": "debug", "path": "/var/log/icinga2/on-the-fly-debug.log" }, "pretty": true }'
```
```json
{
"results": [
{
"code": 200.0,
"status": "Object was created."
}
]
}
```
#### Disable Debug Output on the fly <a id="troubleshooting-disable-debug-output-api"></a>
This works only for debug loggers enabled on the fly as above!
```bash
curl -k -s -S -i -u root:icinga -H 'Accept: application/json' \
-X DELETE 'https://localhost:5665/v1/objects/fileloggers/on-the-fly-debug-file?pretty=1'
```
```json
{
"results": [
{
"code": 200.0,
"name": "on-the-fly-debug-file",
"status": "Object was deleted.",
"type": "FileLogger"
}
]
}
```
## Icinga starts/restarts/reloads very slowly
### Try swapping out the allocator
@ -878,7 +936,7 @@ actively attempts to schedule and execute checks. Otherwise the node does not fe
}
```
You may ask why this analysis is important? Fair enough - if the numbers are not inverted in a HA zone
You may ask why this analysis is important? Fair enough - if the numbers are not inverted in an HA zone
with two members, this may give a hint that the cluster nodes are in a split-brain scenario, or you've
found a bug in the cluster.
@ -1640,6 +1698,9 @@ Typical errors are:
* The api feature doesn't [accept config](06-distributed-monitoring.md#distributed-monitoring-top-down-config-sync). This is logged into `/var/lib/icinga2/icinga2.log`.
* The received configuration zone is not configured in [zones.conf](04-configuration.md#zones-conf) and Icinga denies it. This is logged into `/var/lib/icinga2/icinga2.log`.
* The satellite/agent has local configuration in `/etc/icinga2/zones.d` and thinks it is authoritive for this zone. It then denies the received update. Purge the content from `/etc/icinga2/zones.d`, `/var/lib/icinga2/api/zones/*` and restart Icinga to fix this.
* Configuration parts stored outside of `/etc/icinga2/zones.d` on the master, for example a constant in `/etc/icinga2/constants.conf`, are then missing on the satellite/agent.
Note that if set up, the [built-in icinga CheckCommand](10-icinga-template-library.md#icinga) will notify you in case the config sync wasn't successful.
#### New configuration does not trigger a reload <a id="troubleshooting-cluster-config-sync-no-reload"></a>

5
doc/17-language-reference.md
View File

@ -97,6 +97,7 @@ Character | Escape sequence
--------------------------|------------------------------------
" | \\"
\\ | \\\\
$ | $$
&lt;TAB&gt; | \\t
&lt;CARRIAGE-RETURN&gt; | \\r
&lt;LINE-FEED&gt; | \\n
@ -107,6 +108,10 @@ In addition to these pre-defined escape sequences you can specify
arbitrary ASCII characters using the backslash character (\\) followed
by an ASCII character in octal encoding.
In Icinga 2, the `$` character is reserved for resolving [runtime macros](03-monitoring-basics.md#runtime-macros).
However, in situations where a string that isn't intended to be used as a runtime macro contains the `$` character,
it is necessary to escape it with another `$` character.
### Multi-line String Literals <a id="multiline-string-literals"></a>
Strings spanning multiple lines can be specified by enclosing them in

6
doc/18-library-reference.md
View File

@ -1648,9 +1648,9 @@ Example:
function set_x(val) {
this.x = val
}
dict = {}
set_x.call(dict, 7) /* Invokes set_x using `dict` as `this` */
```
@ -1671,7 +1671,7 @@ Example:
function set_x(val) {
this.x = val
}
var dict = {}
var args = [ 7 ]

10
doc/19-technical-concepts.md
View File

@ -651,7 +651,7 @@ authority = endpoints[Utility::SDBM(object->GetName()) % endpoints.size()] == my
that by querying the `paused` attribute for all objects via REST API
or debug console on both endpoints.
Endpoints inside a HA zone calculate the object authority independent from each other.
Endpoints inside an HA zone calculate the object authority independent from each other.
This object authority is important for selected features explained below.
Since features are configuration objects too, you must ensure that all nodes
@ -1887,7 +1887,7 @@ source | String | The execution UUID
Special handling, calls `ClusterEvents::EnqueueCheck()` for command endpoint checks.
This function enqueues check tasks into a queue which is controlled in `RemoteCheckThreadProc()`.
If the `endpoint` parameter is specified and is not equal to the local endpoint then the message is forwarded to the correct endpoint zone.
If the `endpoint` parameter is specified and is not equal to the local endpoint then the message is forwarded to the correct endpoint zone.
##### Permissions
@ -1932,7 +1932,7 @@ executions | Dictionary | Executions to be updated
##### Functions
**Event Sender:** `ClusterEvents::ExecutedCommandAPIHandler`, `ClusterEvents::UpdateExecutionsAPIHandler`, `ApiActions::ExecuteCommand`
**Event Receiver:** `ClusterEvents::UpdateExecutionsAPIHandler`
**Event Receiver:** `ClusterEvents::UpdateExecutionsAPIHandler`
##### Permissions
@ -1962,7 +1962,7 @@ Key | Type | Description
host | String | Host name.
service | String | Service name.
execution | String | The execution ID executed.
exitStatus | Number | The command exit status.
exitStatus | Number | The command exit status.
output | String | The command output.
start | Number | The unix timestamp at the start of the command execution
end | Number | The unix timestamp at the end of the command execution
@ -1970,7 +1970,7 @@ end | Number | The unix timestamp at the end of the command ex
##### Functions
**Event Sender:** `ClusterEvents::ExecuteCheckFromQueue`, `ClusterEvents::ExecuteCommandAPIHandler`
**Event Receiver:** `ClusterEvents::ExecutedCommandAPIHandler`
**Event Receiver:** `ClusterEvents::ExecutedCommandAPIHandler`
##### Permissions

75
doc/21-development.md
View File

@ -48,7 +48,7 @@ or `icinga2-ido-mysql`.
Distribution | Command
-------------------|------------------------------------------
Debian/Ubuntu | `apt-get install icinga2-dbg`
RHEL/CentOS | `yum install icinga2-debuginfo`
RHEL | `yum install icinga2-debuginfo`
Fedora | `dnf install icinga2-debuginfo icinga2-bin-debuginfo icinga2-ido-mysql-debuginfo`
SLES/openSUSE | `zypper install icinga2-bin-debuginfo icinga2-ido-mysql-debuginfo`
@ -65,7 +65,7 @@ Install GDB in your development environment.
Distribution | Command
-------------------|------------------------------------------
Debian/Ubuntu | `apt-get install gdb`
RHEL/CentOS | `yum install gdb`
RHEL | `yum install gdb`
Fedora | `dnf install gdb`
SLES/openSUSE | `zypper install gdb`
@ -537,7 +537,7 @@ packages.
If you encounter a problem, please [open a new issue](https://github.com/Icinga/icinga2/issues/new/choose)
on GitHub and mention that you're testing the snapshot packages.
#### RHEL/CentOS <a id="development-tests-snapshot-packages-rhel"></a>
#### RHEL <a id="development-tests-snapshot-packages-rhel"></a>
2.11+ requires the EPEL repository for Boost 1.66+.
@ -1332,9 +1332,6 @@ autocmd BufWinLeave * call clearmatches()
### Linux Dev Environment <a id="development-linux-dev-env"></a>
Based on CentOS 7, we have an early draft available inside the Icinga Vagrant boxes:
[centos7-dev](https://github.com/Icinga/icinga-vagrant/tree/master/centos7-dev).
If you're compiling Icinga 2 natively without any virtualization layer in between,
this usually is faster. This is also the reason why developers on macOS prefer native builds
over Linux or Windows VMs. Don't forget to test the actual code on Linux later! Socket specific
@ -1357,21 +1354,20 @@ mkdir -p release debug
Proceed with the specific distribution examples below. Keep in mind that these instructions
are best effort and sometimes out-of-date. Git Master may contain updates.
* [CentOS 7](21-development.md#development-linux-dev-env-centos)
* [Fedora 40](21-development.md#development-linux-dev-env-fedora)
* [Debian 10 Buster](21-development.md#development-linux-dev-env-debian)
* [Ubuntu 18 Bionic](21-development.md#development-linux-dev-env-ubuntu)
#### CentOS 7 <a id="development-linux-dev-env-centos"></a>
#### Fedora 40 <a id="development-linux-dev-env-fedora"></a>
```bash
yum -y install gdb vim git bash-completion htop centos-release-scl
yum -y install gdb vim git bash-completion htop
yum -y install rpmdevtools ccache \
cmake make devtoolset-11-gcc-c++ flex bison \
openssl-devel boost169-devel systemd-devel \
cmake make gcc-c++ flex bison \
openssl-devel boost-devel systemd-devel \
mysql-devel postgresql-devel libedit-devel \
devtoolset-11-libstdc++-devel
libstdc++-devel
groupadd icinga
groupadd icingacmd
@ -1389,47 +1385,42 @@ slower but allows for better debugging insights.
For benchmarks, change `CMAKE_BUILD_TYPE` to `RelWithDebInfo` and
build inside the `release` directory.
First, off export some generics for Boost.
First, override the default prefix path.
```bash
export I2_BOOST="-DBoost_NO_BOOST_CMAKE=TRUE -DBoost_NO_SYSTEM_PATHS=TRUE -DBOOST_LIBRARYDIR=/usr/lib64/boost169 -DBOOST_INCLUDEDIR=/usr/include/boost169 -DBoost_ADDITIONAL_VERSIONS='1.69;1.69.0'"
export I2_GENERIC="-DCMAKE_INSTALL_PREFIX=/usr/local/icinga2"
```
Second, add the prefix path to it.
```bash
export I2_GENERIC="$I2_BOOST -DCMAKE_INSTALL_PREFIX=/usr/local/icinga2"
```
Third, define the two build types with their specific CMake variables.
Second, define the two build types with their specific CMake variables.
```bash
export I2_DEBUG="-DCMAKE_BUILD_TYPE=Debug -DICINGA2_UNITY_BUILD=OFF $I2_GENERIC"
export I2_RELEASE="-DCMAKE_BUILD_TYPE=RelWithDebInfo -DICINGA2_WITH_TESTS=ON -DICINGA2_UNITY_BUILD=ON $I2_GENERIC"
```
Fourth, depending on your likings, you may add a bash alias for building,
Third, depending on your likings, you may use a bash alias for building,
or invoke the commands inside:
```bash
alias i2_debug="cd /root/icinga2; mkdir -p debug; cd debug; scl enable devtoolset-11 -- cmake $I2_DEBUG ..; make -j2; sudo make -j2 install; cd .."
alias i2_release="cd /root/icinga2; mkdir -p release; cd release; scl enable devtoolset-11 -- cmake $I2_RELEASE ..; make -j2; sudo make -j2 install; cd .."
alias i2_debug="cd /root/icinga2; mkdir -p debug; cd debug; cmake $I2_DEBUG ..; make -j2; sudo make -j2 install; cd .."
alias i2_release="cd /root/icinga2; mkdir -p release; cd release; cmake $I2_RELEASE ..; make -j2; sudo make -j2 install; cd .."
```
This is taken from the [centos7-dev](https://github.com/Icinga/icinga-vagrant/tree/master/centos7-dev) Vagrant box.
```bash
i2_debug
```
The source installation doesn't set proper permissions, this is
handled in the package builds which are officially supported.
```bash
chown -R icinga:icinga /usr/local/icinga2/var/
chown -R icinga:icinga /usr/local/icinga2/{etc,var}/
/usr/local/icinga2/lib/icinga2/prepare-dirs /usr/local/icinga2/etc/sysconfig/icinga2
/usr/local/icinga2/sbin/icinga2 api setup
vim /usr/local/icinga2/etc/icinga2/conf.d/api-users.conf
/usr/local/icinga2/lib/icinga2/sbin/icinga2 daemon
/usr/local/icinga2/lib64/icinga2/sbin/icinga2 daemon
```
#### Debian 10 <a id="development-linux-dev-env-debian"></a>
@ -1476,7 +1467,7 @@ The source installation doesn't set proper permissions, this is
handled in the package builds which are officially supported.
```bash
chown -R icinga:icinga /usr/local/icinga2/var/
chown -R icinga:icinga /usr/local/icinga2/{etc,var}/
/usr/local/icinga2/lib/icinga2/prepare-dirs /usr/local/icinga2/etc/sysconfig/icinga2
/usr/local/icinga2/sbin/icinga2 api setup
@ -1540,7 +1531,7 @@ The source installation doesn't set proper permissions, this is
handled in the package builds which are officially supported.
```bash
chown -R icinga:icinga /usr/local/icinga2/var/
chown -R icinga:icinga /usr/local/icinga2/{etc,var}/
/usr/local/icinga2/lib/icinga2/prepare-dirs /usr/local/icinga2/etc/sysconfig/icinga2
/usr/local/icinga2/sbin/icinga2 api setup
@ -1935,7 +1926,7 @@ Download the [boost-binaries](https://sourceforge.net/projects/boost/files/boost
- 64 for 64 bit builds
```
https://sourceforge.net/projects/boost/files/boost-binaries/1.82.0/boost_1_85_0-msvc-14.2-64.exe/download
https://sourceforge.net/projects/boost/files/boost-binaries/1.85.0/boost_1_85_0-msvc-14.2-64.exe/download
```
Run the installer and leave the default installation path in `C:\local\boost_1_85_0`.
@ -2203,7 +2194,7 @@ Icinga application using a dist tarball (including notes for distributions):
* Debian/Ubuntu: libpq-dev
* postgresql-dev on Alpine
* libedit (CLI console)
* RHEL/Fedora: libedit-devel on CentOS (RHEL requires rhel-7-server-optional-rpms)
* RHEL/Fedora: libedit-devel (RHEL requires rhel-7-server-optional-rpms)
* Debian/Ubuntu/Alpine: libedit-dev
* Termcap (only required if libedit doesn't already link against termcap/ncurses)
* RHEL/Fedora: libtermcap-devel
@ -2351,7 +2342,7 @@ can be used to disable the usage of `git describe`.
### Building RPMs <a id="development-package-builds-rpms"></a>
#### Build Environment on RHEL, CentOS, Fedora, Amazon Linux
#### Build Environment on RHEL, Fedora, Amazon Linux
Setup your build environment:
@ -2407,7 +2398,7 @@ spectool -g ../SPECS/icinga2.spec
cd $HOME/rpmbuild
```
Install the build dependencies. Example for CentOS 7:
Install the build dependencies:
```bash
yum -y install libedit-devel ncurses-devel gcc-c++ libstdc++-devel openssl-devel \
@ -2436,21 +2427,9 @@ rpmbuild -ba SPECS/icinga2.spec
The following packages are required to build the SELinux policy module:
* checkpolicy
* selinux-policy (selinux-policy on CentOS 6, selinux-policy-devel on CentOS 7)
* selinux-policy-devel
* selinux-policy-doc
##### RHEL/CentOS 7
The RedHat Developer Toolset is required for building Icinga 2 beforehand.
This contains a C++ compiler which supports C++17 features.
```bash
yum install centos-release-scl
```
Dependencies to devtools-11 are used in the RPM SPEC, so the correct tools
should be used for building.
##### Amazon Linux
If you prefer to build packages offline, a suitable Vagrant box is located

8
doc/22-selinux.md
View File

@ -116,19 +116,19 @@ The policy provides a role `icinga2adm_r` for confining an user which enables an
SELinux is based on the least level of access required for a service to run. Using booleans you can grant more access in a defined way. The Icinga 2 policy package provides the following booleans.
**icinga2_can_connect_all**
**icinga2_can_connect_all**
Having this boolean enabled allows icinga2 to connect to all ports. This can be necessary if you use features which connect to unconfined services, for example the [influxdb writer](14-features.md#influxdb-writer).
**icinga2_run_sudo**
**icinga2_run_sudo**
To allow Icinga 2 executing plugins via sudo you can toogle this boolean. It is disabled by default, resulting in error messages like `execvpe(sudo) failed: Permission denied`.
**httpd_can_write_icinga2_command**
**httpd_can_write_icinga2_command**
To allow httpd to write to the command pipe of icinga2 this boolean has to be enabled. This is enabled by default, if not needed you can disable it for more security.
**httpd_can_connect_icinga2_api**
**httpd_can_connect_icinga2_api**
Enabling this boolean allows httpd to connect to the API of icinga2 (Ports labeled `icinga2_port_t`). This is enabled by default, if not needed you can disable it for more security.

2
doc/23-migrating-from-icinga-1x.md
View File

@ -804,7 +804,7 @@ define service {
}
```
Icinga 2 supports objects and (global) variables, but does not make a difference
Icinga 2 supports objects and (global) variables, but does not make a difference
between the main configuration file or any other included file.
icinga2.conf:

1
doc/24-appendix.md
View File

@ -692,4 +692,3 @@ the [servicegroups](24-appendix.md#schema-livestatus-servicegroups-table-attribu
All [services](24-appendix.md#schema-livestatus-services-table-attributes) table attributes grouped with
the [hostgroups](24-appendix.md#schema-livestatus-hostgroups-table-attributes) table prefixed with `hostgroup_`.

2
lib/icinga/checkable-check.cpp
View File

@ -363,7 +363,7 @@ Checkable::ProcessingResult Checkable::ProcessCheckResult(const CheckResult::Ptr
// Don't recompute the next check when the current check isn't generated by this endpoint. When the check is
// remotely generated we should've already received the "SetNextCheck" event before the "event::CheckResult"
// cluster event. Otherwise, the next check received before this check will be invalidated and cause the Checkable
// "next_check/next_update" in a HA setup to always be different from the other endpoint as the "m_SchedulingOffset"
// "next_check/next_update" in an HA setup to always be different from the other endpoint as the "m_SchedulingOffset"
// is randomly initialised on each node.
if (!origin) {
if (cr->GetActive()) {

2
tools/selinux/icinga2.te
View File

@ -205,7 +205,7 @@ corenet_tcp_connect_lmtp_port(icinga2_t)
# Allow icinga2 to connect to redis using unix domain sockets
stream_connect_pattern(icinga2_t, redis_var_run_t, redis_var_run_t, redis_t)
# Just like `redis_tcp_connect(icinga2_t)`, though this interface does not exist on centos7
# Just like `redis_tcp_connect(icinga2_t)`, though this interface does not exist on Amazon Linux 2
corenet_tcp_recvfrom_labeled(icinga2_t, redis_t)
corenet_tcp_sendrecv_redis_port(icinga2_t)
corenet_tcp_connect_redis_port(icinga2_t)