X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=config%2Fstatic%2Fcgi.cfg;h=04018d0702caee1ce7da21a671c8b1c069b10948;hb=56d756d98a26dc1225a31723c481a068c6e12a02;hp=176499bdfd82a473e6aaebfbd6c4ecafbb6efe8a;hpb=dca3b8287a6f82ccb73366e1b9d3a771f50cbff7;p=mirror%2Fdsa-nagios.git diff --git a/config/static/cgi.cfg b/config/static/cgi.cfg index 176499b..04018d0 100644 --- a/config/static/cgi.cfg +++ b/config/static/cgi.cfg @@ -1,53 +1,148 @@ -############################################################################# -## THIS FILE IS COPIED TO THE FINAL LOCATION USING PUPPET -## ITS AUTHORITATIVE HOME IS THE DSA-NAGIOS CONFIGURATION GIT -############################################################################# - - ################################################################# # -# CGI.CFG - Sample CGI Configuration File for Nagios +# CGI.CFG - CGI Configuration File for Icinga # ################################################################# + +###################################### +# +# COMMON (ALL CGIs) +# +###################################### + # MAIN CONFIGURATION FILE # This tells the CGIs where to find your main configuration file. # The CGIs will read the main and host config files for any other # data they might need. -main_config_file=/etc/nagios3/nagios.cfg +main_config_file=/etc/icinga/icinga.cfg + + + +# STANDALONE INSTALLATION +# This is only useful in an Icinga 2 setup (or any other setup +# containing multiple Classic UI installs). If you have installed +# Icinga 2 with compat layer and classic-ui, you can set this +# to 1. Otherwise leave it at 0. +# Enabling this option ignores main_config_file setting. +# +# NOTE: Check also the "Standalone (Icinga2) section" at the bottom +# if this option is switched on! + +standalone_installation=0 # PHYSICAL HTML PATH -# This is the path where the HTML files for Nagios reside. This +# This is the path where the HTML files for Icinga reside. This # value is used to locate the logo images needed by the statusmap -# and statuswrl CGIs. +# and status CGIs. -physical_html_path=/usr/share/nagios3/htdocs +physical_html_path=/usr/share/icinga/htdocs # URL HTML PATH # This is the path portion of the URL that corresponds to the -# physical location of the Nagios HTML files (as defined above). +# physical location of the Icinga HTML files (as defined above). # This value is used by the CGIs to locate the online documentation -# and graphics. If you access the Nagios pages with an URL like -# http://www.myhost.com/nagios, this value should be '/nagios' +# and graphics. If you access the Icinga pages with an URL like +# http://www.myhost.com/icinga, this value should be '/icinga' # (without the quotes). -url_html_path=/nagios3 +url_html_path=/icinga + +# NAGIOS PROCESS CHECK COMMAND +# This is the full path and filename of the program used to check +# the status of the Nagios process. It is used only by the CGIs +# and is completely optional. However, if you don't use it, you'll +# see warning messages in the CGIs about the Nagios process +# not running and you won't be able to execute any commands from +# the web interface. The program should follow the same rules +# as plugins; the return codes are the same as for the plugins, +# it should have timeout protection, it should output something +# to STDIO, etc. +# +# Note: The command line for the check_nagios plugin below may +# have to be tweaked a bit, as different versions of the plugin +# use different command line arguments/syntaxes. + +icinga_check_command=/usr/lib/nagios/plugins/check_nagios /var/lib/icinga/status.dat 5 '/usr/sbin/icinga' + +# URL CGI PATH +# This is the path portion of the URL that corresponds to the +# physical location of the Icinga CGI files. It is evaluated by +# the cmd.cgi CSRF protection. +# This value should be changed if the CGI files are accessible +# under a different path than the default installation path. + +#url_cgi_path=/icinga/cgi-bin + + + +# URL STYLESHEETS PATH +# This option allows to define an url stylesheet path other than the +# default ($url_html_path/stylesheets). This will be useful when +# adding custom stylesheets in another location. +# If not set, the default location will be used. + +url_stylesheets_path=/icinga/stylesheets -# CONTEXT-SENSITIVE HELP -# This option determines whether or not a context-sensitive -# help icon will be displayed for most of the CGIs. -# Values: 0 = disables context-sensitive help -# 1 = enables context-sensitive help +# HTTP CHARSET +# This defines charset that is sent with HTTP headers. -show_context_help=1 +http_charset=utf-8 + + + +# REFRESH RATE +# This option allows you to specify the refresh rate in seconds +# of various CGIs (extinfo, outages, status, statusmap and tac). + +refresh_rate=90 + + + +# REFRESH TYPE +# This option determines what type of refresh should be used. +# You can choose between http header and javascript. By +# default javascript (1) is activated. If you have trouble +# using javascript then try refresh via http header (0). + +refresh_type=1 + + + +# ESCAPE HTML TAGS +# This option determines whether HTML tags in host and service +# status output is escaped in the web interface. If enabled, +# your plugin output will not be able to contain clickable links. + +escape_html_tags=1 + + + +# RESULT LIMIT +# This options specifies the number of page entries +# displayed by default in various cgi's. To display +# all entries by default set this value to 0. +# Default is 50. + +#result_limit=50 +result_limit=0 + + + +# SHOW TAC INFORMATION IN TOP FRAME +# This options places tactical overview information in +# the top frame similar to the view that's in icinga-web. +# By default it is enabled. + +show_tac_header=1 @@ -55,23 +150,93 @@ show_context_help=1 # This option determines what states should be displayed in the web # interface for hosts/services that have not yet been checked. # Values: 0 = leave hosts/services that have not been check yet in their original state -# 1 = mark hosts/services that have not been checked yet as PENDING +# 1 = mark hosts/services that have not been checked yet as PENDING (default) use_pending_states=1 -nagios_check_command=/usr/lib/nagios/plugins/check_nagios /var/cache/nagios3/status.dat 5 '/usr/sbin/nagios3' + + +# FIRST DAY OF WEEK +# Here you can set if your week starts on sunday or monday. +# Default is 0 (Sunday), set it to 1 if your week start monday. + +first_day_of_week=0 + + + +# CSV DELIMITER +# This option determines the character which should act as +# delimiter. Default is ";". + +#csv_delimiter=; + + + +# CSV DATA ENCLOSURE +# This option determines the character which should act as +# data enclosure to wrap in the data. Default is "'". + +#csv_data_enclosure=' + + + +# SUPPRESS MAINTENANCE DOWNTIME +# This options suppresses the state coloring of hosts and services +# that are in a scheduled downtime. It sets their coloring to gray, +# so they no longer draw extra attention to themselves, making it +# so only actual problems are the ones that stand out. +# By default it is disabled. + +suppress_maintenance_downtime=0 + + + +# URL TARGET FRAMES +# These options determine the target frames in which notes and +# action URLs will open. Default is main frame. + +action_url_target=main +notes_url_target=main +#action_url_target=_blank +#notes_url_target=_blank + + + +# READ GZIP LOGS +# This option enables reading of gzipped log files. As this can +# have a huge performance impact in big environments, this +# option is disabled by default. +# + +read_gzip_logs=0 + + + + +###################################### +# +# AUTHENTICATION (ALL CGIs) +# +###################################### + +# ATTRIBUTE BASED AUTHORIZATION FILE +# This option will include a file defining authroization based on +# attributes. + +#authorization_config_file=/etc/icinga/cgiauth.cfg + # AUTHENTICATION USAGE -# This option controls whether or not the CGIs will use any +# This option controls whether or not the CGIs will use any # authentication when displaying host and service information, as -# well as committing commands to Nagios for processing. +# well as committing commands to Icinga for processing. # # Read the HTML documentation to learn how the authorization works! # # NOTE: It is a really *bad* idea to disable authorization, unless # you plan on removing the command CGI (cmd.cgi)! Failure to do -# so will leave you wide open to kiddies messing with Nagios and +# so will leave you wide open to kiddies messing with Icinga and # possibly hitting you with a denial of service attack by filling up # your drive by continuously writing to your command file! # @@ -83,16 +248,33 @@ use_authentication=1 - -# x509 CERT AUTHENTICATION -# When enabled, this option allows you to use x509 cert (SSL) -# authentication in the CGIs. This is an advanced option and should -# not be enabled unless you know what you're doing. +# USE CLIENT CERTIFICATTES +# This option controls whether the value of the web server environment +# variable REMOTE_USER or SSL_CLIENT_S_DN_CN will be used. The name of +# the directive is a bit misleading because unless you set up the use +# of client certificates the value has to be set to zero (0). Setting +# the value to one (1) requires "SSLUserName SSL_CLIENT_S_DN_CN" and +# several other options in your web server config. Please consult your +# web server configuration documentation for details. +# +# Values: +# 0 = Use web server environment variable REMOTE_USER to get the user +# logged in. Don't use client certificates (default) +# 1 = Use web server environment variable SSL_CLIENT_S_DN_CN to get +# the user logged in. Use client certificates use_ssl_authentication=0 +# LOWERCASE USER NAME +# This option controls whether or not the username is converted +# to all lowercase letters. Can be useful if the username is stored +# in Active Directory (case-insensitive). + +lowercase_user_name=0 + + # DEFAULT USER # Setting this variable will define a default user name that can @@ -107,20 +289,23 @@ use_ssl_authentication=0 # access to the CGIs has been authenticated in some manner! If you # define this variable, anyone who has not authenticated to the web # server will inherit all rights you assign to this user! - + #default_user_name=guest # SYSTEM/PROCESS INFORMATION ACCESS # This option is a comma-delimited list of all usernames that -# have access to viewing the Nagios process information as +# have access to viewing the Icinga process information as # provided by the Extended Information CGI (extinfo.cgi). By # default, *no one* has access to this unless you choose to # not use authorization. You may use an asterisk (*) to # authorize any user who has authenticated to the web server. +# Alternatively you can specify contactgroups too, starting +# with Icinga 1.5.0 -authorized_for_system_information=nagiosadmin +authorized_for_system_information=icingaadmin +#authorized_contactgroup_for_system_information= @@ -131,21 +316,41 @@ authorized_for_system_information=nagiosadmin # for the hosts and services they are contacts for. You may use # an asterisk (*) to authorize any user who has authenticated # to the web server. +# Alternatively you can specify contactgroups too, starting +# with Icinga 1.5.0 + +authorized_for_configuration_information=icingaadmin +#authorized_contactgroup_for_configuration_information= + + -authorized_for_configuration_information=nagiosadmin +# RAW COMMANDLINE CONFIGURATION INFORMATION ACCESS +# This option is a comma-delimited list of all usernames that +# can view a command in config command expander as icinga would +# execute it. To resolve all MACROS it is necessary to allow +# read access to the web server for resource.cfg . +# CAUTION: $USERXX$ vars and custom vars can contain sensitive +# data. +# Alternatively you can specify contactgroups too. + +authorized_for_full_command_resolution=icingaadmin +#authorized_contactgroup_for_full_command_resolution= # SYSTEM/PROCESS COMMAND ACCESS # This option is a comma-delimited list of all usernames that -# can issue shutdown and restart commands to Nagios via the +# can issue shutdown and restart commands to Icinga via the # command CGI (cmd.cgi). Users in this list can also change # the program mode to active or standby. By default, *no one* # has access to this unless you choose to not use authorization. # You may use an asterisk (*) to authorize any user who has # authenticated to the web server. +# Alternatively you can specify contactgroups too, starting +# with Icinga 1.5.0 -authorized_for_system_commands=nagiosadmin +authorized_for_system_commands=icingaadmin +#authorized_contactgroup_for_system_commands= @@ -156,115 +361,185 @@ authorized_for_system_commands=nagiosadmin # for hosts or services that they are contacts for (unless you # you choose to not use authorization). You may use an asterisk (*) # to authorize any user who has authenticated to the web server. +# Alternatively you can specify contactgroups too. +# +# NOTE: Users in authorized_for_all_hosts are also automatically +# authorised to view information for all services. - -authorized_for_all_services=dsa-guest,nagiosadmin -authorized_for_all_hosts=dsa-guest,nagiosadmin +#authorized_for_all_services=icingaadmin +#authorized_for_all_hosts=icingaadmin +#authorized_contactgroup_for_all_services= +#authorized_contactgroup_for_all_hosts= +authorized_for_all_services=dsa-guest,icingaadmin +authorized_for_all_hosts=dsa-guest,icingaadmin # GLOBAL HOST/SERVICE COMMAND ACCESS # These two options are comma-delimited lists of all usernames that # can issue host or service related commands via the command -# CGI (cmd.cgi) for all hosts and services that are being monitored. -# By default, users can only issue commands for hosts or services -# that they are contacts for (unless you you choose to not use +# CGI (cmd.cgi) for all hosts and services that are being monitored. +# By default, users can only issue commands for hosts or services +# that they are contacts for (unless you you choose to not use # authorization). You may use an asterisk (*) to authorize any # user who has authenticated to the web server. +# Alternatively you can specify contactgroups too. +# +# NOTE: Users in authorized_for_all_host_commands are also automatically +# authorised to issue commands for all services. -authorized_for_all_service_commands=nagiosadmin -authorized_for_all_host_commands=nagiosadmin +authorized_for_all_service_commands=icingaadmin +authorized_for_all_host_commands=icingaadmin +#authorized_contactgroup_for_all_service_commands= +#authorized_contactgroup_for_all_host_commands= +# READ-ONLY USERS +# A comma-delimited list of usernames that have read-only rights in +# the CGIs. This will block any service or host commands normally shown +# on the extinfo CGI pages. It will also block comments and downtimes +# from being shown to read-only users. +# Alternatively you can specify contactgroups too, starting +# with Icinga 1.5.0 -# STATUSMAP BACKGROUND IMAGE -# This option allows you to specify an image to be used as a -# background in the statusmap CGI. It is assumed that the image -# resides in the HTML images path (i.e. /usr/local/nagios/share/images). -# This path is automatically determined by appending "/images" -# to the path specified by the 'physical_html_path' directive. -# Note: The image file may be in GIF, PNG, JPEG, or GD2 format. -# However, I recommend that you convert your image to GD2 format -# (uncompressed), as this will cause less CPU load when the CGI -# generates the image. +#authorized_for_read_only=user1,user2 +#authorized_contactgroup_for_read_only= -#statusmap_background_image=smbackground.gd2 +# READ-ONLY FOR COMMENTS USERS +# A comma-delimited list of usernames that have rights to view comments in +# the CGIs. If user is defined as read-only and you add the same user to +# this options, then the user can still see comments. If user is NOT +# read-only then the options to delete comments in extinfo.cgi are not +# displayed as well. -# DEFAULT STATUSMAP LAYOUT METHOD -# This option allows you to specify the default layout method -# the statusmap CGI should use for drawing hosts. If you do -# not use this option, the default is to use user-defined -# coordinates. Valid options are as follows: -# 0 = User-defined coordinates -# 1 = Depth layers -# 2 = Collapsed tree -# 3 = Balanced tree -# 4 = Circular -# 5 = Circular (Marked Up) +#authorized_for_comments_read_only=user1,user2 +#authorized_contactgroup_for_comments_read_only= -default_statusmap_layout=5 +# READ-ONLY FOR DOWNTIMES USERS +# A comma-delimited list of usernames that have rights to view downtimes in +# the CGIs. If user is defined as read-only and you add the same user to +# this options, then the user can still see downtimes. If user is NOT +# read-only then the options to delete downtimes in extinfo.cgi are not +# displayed as well. -# DEFAULT STATUSWRL LAYOUT METHOD -# This option allows you to specify the default layout method -# the statuswrl (VRML) CGI should use for drawing hosts. If you -# do not use this option, the default is to use user-defined -# coordinates. Valid options are as follows: -# 0 = User-defined coordinates -# 2 = Collapsed tree -# 3 = Balanced tree -# 4 = Circular +#authorized_for_downtimes_read_only=user1,user2 +#authorized_contactgroup_for_downtimes_read_only= -default_statuswrl_layout=4 +# SHOW ALL SERVICES THE HOST IS AUTHORIZED FOR +# By default, a user can see all services on a host, if the user is +# authorized as contact for the host only. By disabling this option, +# the user must be an authorized contact for the service too in order +# to view it. +# Values: 0 - disabled, user must be authorized for services too +# 1 - enabled, user can view all services on authorized host -# STATUSWRL INCLUDE -# This option allows you to include your own objects in the -# generated VRML world. It is assumed that the file -# resides in the HTML path (i.e. /usr/local/nagios/share). +show_all_services_host_is_authorized_for=1 -#statuswrl_include=myworld.wrl +# SHOW PARTIAL HOSTGROUPS +# By default (meaning the directive is not present or disabled), a user +# only sees a hostgroup and the hosts within it if they are an authorised +# contact for all of the hosts of the group. The behaviour can be changed +# using the directive show_partial_hostgroups=1. +# When enabled, the hostgroups overview will show a partial listing of hosts +# that the user is an authorised contact for within each hostgroup. +# It will also add the string "(Partial Hostgroups Enabled)" to the top of +# the Hostgroup Overview to help prevent any confusion over whether the option +# is in use or not. However for privacy reasons, hostgroups that are only showing +# a partial listing are not specifically indicated. +# +# Values: 0 - disabled, user only sees full hostgroups (default) +# 1 - enabled, user sees partial hostgroups -# PING SYNTAX -# This option determines what syntax should be used when -# attempting to ping a host from the WAP interface (using -# the statuswml CGI. You must include the full path to -# the ping binary, along with all required options. The -# $HOSTADDRESS$ macro is substituted with the address of -# the host before the command is executed. -# Please note that the syntax for the ping binary is -# notorious for being different on virtually ever *NIX -# OS and distribution, so you may have to tweak this to -# work on your system. +show_partial_hostgroups=0 -ping_syntax=/bin/ping -n -U -c 5 $HOSTADDRESS$ +# SHOW PARTIAL SERVICEROUPS +# By default (meaning the directive is not present or disabled), a user +# only sees a servicegroup and the hosts and services within it if they are an +# authorised contact for all of the hosts and services of the group. +# The behaviour can be changed using the directive show_partial_servicegroups=1. +# When enabled, the serviceroups overview will show a partial listing of hosts +# and services that the user is an authorised contact for within each servicegroup. +# It will also add the string "(Partial Servicegroups Enabled)" to the top of +# the Servicegroup Overview to help prevent any confusion over whether the option +# is in use or not. However for privacy reasons, servicegroups that are only showing +# a partial listing are not specifically indicated. +# +# Values: 0 - disabled, user only sees full servicegroups (default) +# 1 - enabled, user sees partial servicegroups -# REFRESH RATE -# This option allows you to specify the refresh rate in seconds -# of various CGIs (status, statusmap, extinfo, and outages). +show_partial_servicegroups=0 -refresh_rate=90 -# ESCAPE HTML TAGS -# This option determines whether HTML tags in host and service -# status output is escaped in the web interface. If enabled, -# your plugin output will not be able to contain clickable links. +###################################### +# +# STATUSMAP (statusmap.cgi) +# +###################################### -escape_html_tags=1 +# STATUSMAP BACKGROUND IMAGE +# This option allows you to specify an image to be used as a background +# in the statusmap CGI if you use the user-supplied coordinates layout method. +# The background image is not be available in any other layout methods. It is +# assumed that the image resides in the HTML images path (i.e. +# /usr/local/icinga/share/images). This path is automatically determined by +# appending "/images" to the path specified by the physical_html_path directive. +# +# NOTE: The image file can be in GIF, JPEG, PNG, or GD2 format. However, GD2 +# format (preferably in uncompressed format) is recommended, as it will reduce +# the CPU load when the CGI generates the map image. + +#statusmap_background_image=smbackground.gd2 +# STATUSMAP TRANSPARENCY INDEX COLOR +# These options set the r,g,b values of the background color used the statusmap CGI, +# so normal browsers that can't show real png transparency set the desired color as +# a background color instead (to make it look pretty). +# Defaults to white: (R,G,B) = (255,255,255). + +#color_transparency_index_r=255 +#color_transparency_index_g=255 +#color_transparency_index_b=255 + + + +# DEFAULT STATUSMAP LAYOUT METHOD +# This option allows you to specify the default layout method +# the statusmap CGI should use for drawing hosts. If you do +# not use this option, the default is to use user-defined +# coordinates. Valid options are as follows: +# 0 = User-defined coordinates +# 1 = Depth layers +# 2 = Collapsed tree +# 3 = Balanced tree +# 4 = Circular +# 5 = Circular (Marked Up) +# 6 = Baloon (Marked Up) + +default_statusmap_layout=5 + + + + +###################################### +# +# STATUS (status.cgi) +# +###################################### # SOUND OPTIONS # These options allow you to specify an optional audio file @@ -281,7 +556,7 @@ escape_html_tags=1 # = # # Note: All audio files must be placed in the /media subdirectory -# under the HTML path (i.e. /usr/local/nagios/share/media/). +# under the HTML path (i.e. /usr/local/icinga/share/media/). #host_unreachable_sound=hostdown.wav #host_down_sound=hostdown.wav @@ -292,27 +567,322 @@ escape_html_tags=1 -# URL TARGET FRAMES -# These options determine the target frames in which notes and -# action URLs will open. +# SHOW LONG PLUGIN OUTPUT IN STATUS OPTION +# This option allows you to specify the length of status information +# in output of status.cgi. If you set the value to 1 it shows the +# full plugin output instead of the first line only. +# Default value is 0. + +status_show_long_plugin_output=0 + + + +# DISPLAY STATUS TOTAL +# This option allows you to specify if the +# Host Status Totals and Service Status Totals +# should be displayed. +# Default value is 0. + +display_status_totals=0 -action_url_target=_blank -notes_url_target=_blank +# HIGHLIGHT TABLE ROWS +# This option allows you to define if table rows in status.cgi +# will be highlighted or not. +# Values: 0 = disables row highlighting +# 1 = enables row highlighting + +highlight_table_rows=1 + + + +# SERVICE STATES TO ANNOTATE WITH CURRENT NOTIFICATION NO. +# Set this to an OR of the service state identifiers for +# which status.cgi should not only report "Attempts" (e.g., +# "3/3" for a HARD non-OK state with max_check_attempts=3) +# but also the current notification number ("(#0)" if no +# problem notification has been sent yet, etc.). This is +# helpful to identify services which switched between +# different non-OK states a lot, or services which have a +# first_notification_delay set and are "not yet officially" +# considered in trouble. +# Relevant values from include/statusdata.h (look them up +# *there* if you want to be *really* sure): +# #define SERVICE_PENDING 1 +# #define SERVICE_OK 2 +# #define SERVICE_WARNING 4 +# #define SERVICE_UNKNOWN 8 +# #define SERVICE_CRITICAL 16 +# You'll likely want to use add_notif_num_hard=0 (default) +# or add_notif_num_hard=28 (warn+crit+unknown). There's an +# add_notif_num_soft affecting services in a SOFT state +# for sake of completeness, too. + +#add_notif_num_hard=28 +#add_notif_num_soft=0 + + + + +###################################### +# +# SEND COMMANDS (cmd.cgi) +# +###################################### + +# Logging + +# USE LOGGING +# If you want to log information from cgi's (e.g. all submitted commands) +# then set this option to 1, default is 0 (off). +# WARNING: +# This log is highly experimental and changes may occure without notice. Use at your own risk!! + +use_logging=0 + + + +# CGI LOG FILE +# This is the cgi log file for information about what users are doing. +# At the moment only submitted commands from cmd.cgi will be logged. + +cgi_log_file=/usr/share/icinga/htdocs/log/icinga-cgi.log + + + +# CGI LOG ROTATION METHOD +# This is the log rotation method that should be used to rotate +# the cgi log file. Values are as follows.. +# n = None - don't rotate the log +# h = Hourly rotation (top of the hour) +# d = Daily rotation (midnight every day) +# w = Weekly rotation (midnight on Saturday evening) +# m = Monthly rotation (midnight last day of month) + +cgi_log_rotation_method=d + + + +# CGI LOG ARCHIVE PATH +# This is the directory where archived (rotated) cgi log files should be +# placed (assuming you've chosen to do log rotation). + +cgi_log_archive_path=/usr/share/icinga/htdocs/log + + + +# FORCE COMMENT +# This option forces the users of to comment every action they perform. +# The comments get logged into cgi log file. This option only has effect +# if logging is switched on. See option "use_logging" +# Default is 0 (off), to activate it set it to 1 (on). + +enforce_comments_on_actions=0 + + + +# SEND ACK NOTIFICATIONS +# This options determines whether the initial state of the +# checkbox "Send Notifications" when acknowledging a problem. +# A value of 1 ticks the checkbox and 0 does not. The default +# is 1, which will send notifications on acknowledged problems. + +send_ack_notifications=1 + + + +# PERSISTENT ACKNOWLEDGEMENT COMMENTS +# This options determines whether the initial state of the +# checkbox "Persistent Comment:" for service and host problem +# acknowledgements is checked or unchecked + +persistent_ack_comments=0 + # LOCK AUTHOR NAMES OPTION -# This option determines whether users can change the author name -# when submitting comments, scheduling downtime. If disabled, the -# author names will be locked into their contact name, as defined in Nagios. -# Values: 0 = allow editing author names -# 1 = lock author names (disallow editing) +# This option allows you to restrict users from changing the author name +# when submitting comments, acknowledgements, and scheduled downtime from +# the web interface. If this option is enabled, users will be unable to +# change the author name associated with the command request. +# +# Values: 0 = Allow users to change author names when submitting commands +# 1 = Prevent users from changing author names (default) lock_author_names=1 +# DEFAULT DOWNTIME DURATION +# This option defines the default duration (in seconds) of fixed and +# flexible downtimes. Default is 7200 seconds (2 hours). + +default_downtime_duration=7200 + + + +# SET EXPIRE ACK BY DEFAULT +# This option either sets or clears the checkbox for "Use Expire Time" +# in the acknowledgement menu. Valid values are 0 (DO NOT tick the +# checkbox by default) or 1 (tick the checkbox by default). The default +# is 0 (leave the checkbox blank). + +set_expire_ack_by_default=0 + + + +# DEFAULT EXPIRING ACKNOWLEDGEMENT DURATION +# This option defines the default duration (in seconds) of a expiring +# acknowledgement. Default is 86400 seconds (1 day). + +default_expiring_acknowledgement_duration=86400 + + + +# DEFAULT EXPIRING DISABLED NOTIFICATIONS DURATION +# This option defines the default duration (in seconds) of a expiring +# disabled notifications. Default is 86400 seconds (1 day). + +default_expiring_disabled_notifications_duration=86400 + + + +# DISABLE CMD CGI CSRF PROTECTION +# This option disables the protection against CSRF attacks +# (Cross-Site Request Forgery). Use this option only if you are +# using external programs (like Nagstamon) which access +# cmd.cgi directly to submit commands. By default the submitted +# command (via external program) will be rejected. +# The default is 0 (protection is on). + +disable_cmd_cgi_csrf_protection=0 + + + + +###################################### +# +# TACTICAL OVERVIEW (tac.cgi) +# +###################################### + +# SHOW ONLY HARD STATES IN TAC OPTION +# This options allows you to specify if the tactical overview +# should only show hard states on hosts and services. +# By default disabled, all states will be shown. + +tac_show_only_hard_state=0 + + + +# SHOW PENDING IN TAC HEADER +# This options enables the display of pending counts in +# the tac header. If your display is less than 1024x768 +# and this is enabled, the tactical information may not +# fit well in the top frame. +# By default it is enabled. + +show_tac_header_pending=1 + + + + +###################################### +# +# EXTENDED INFO (extinfo.cgi) +# +###################################### + +# EXCLUDE CUSTOMVAR NAMES +# This Option allows you to specify a comma seperated list of +# custom variable names which are automatically excluded when +# a variable name would contain that name. +# NOTE: For security reasons, you should at least exclude all +# sensitive information like passwords, snmp communities, etc +# Use * to exclude all custom variable names. + +exclude_customvar_name=PASSWORD,COMMUNITY + + + +# EXCLUDE CUSTOMVAR VALUES +# This Option allows you to specify a comma seperated list of +# custom variable values which are automatically excluded when +# a variable value would contain that value. +# NOTE: For security reasons, you should at least exclude all +# sensitive information like passwords, snmp communities, etc +# Use * to exclude all custom variable values. + +exclude_customvar_value=secret + + + +# SHOW CHILD HOSTS IN EXTINFO OPTION +# This Option allows you to specify if the extended host information +# cgi will show child hosts for the selected host. +# 0 = disabled +# 1 = only show immediate child hosts +# 2 = show immediate and all child hosts +# NOTE: Option 2 could be a real performance killer in +# large installations, so use with care. +# By default disabled, as this could be a performance killer. + +extinfo_show_child_hosts=0 + + + +# TAB-FRIENDLY S +# Activating this option changes the <title> of status.cgi +# and extinfo.cgi when they refer to a single host, service, +# or group. They will then read: +# [Host] +# {HostGroup} +# ServiceDesc @ Host +# (ServiceGroup) +# These are easier to read and find if you use (many) tabs +# in your browser. +# Default is enabled. 0=disabled, 1=enabled + +tab_friendly_titles=1 + + + + +###################################### +# +# SHOWLOG (showlog.cgi) +# +###################################### + +# SHOW INITIAL STATES IN SHOWLOG OPTION +# This options allows you to specify if initial states +# of hosts and services should be shown in showlog.cgi +# Note: This Option only works if the option +# "log_initial_states" in icinga.cfg is set to 1. +# By default it's disabled. Default is 0. + +#showlog_initial_states=0 + + + +# SHOW CURRENT STATES IN SHOWLOG OPTION +# This options allows you to specify if current states +# of hosts and services should be shown in showlog.cgi +# Note: This Option only works if the option +# "log_current_states" in icinga.cfg is set to 1. +# By default it's disabled. Default is 0. + +#showlog_current_states=0 + + + + +###################################### +# +# SPLUNK INTEGRATION (VARIOUS CGIs) +# +###################################### # SPLUNK INTEGRATION OPTIONS # These options allow you to enable integration with Splunk @@ -329,8 +899,146 @@ lock_author_names=1 #enable_splunk_integration=1 + # This option should be the URL used to access your instance of Splunk #splunk_url=http://127.0.0.1:8000/ + + +###################################### +# +# STANDALONE (ICINGA 2) OPTIONS +# requires standalone_installation=1 +# +###################################### + +# OBJECT CACHE FILE +# This option determines where object definitions are cached when +# Icinga starts/restarts. The CGIs read object definitions from +# this cache file (rather than looking at the object config files +# directly) in order to prevent inconsistencies that can occur +# when the config files are modified after Icinga starts. +# Icinga 2 provides this file through its compat component, if enabled. + +object_cache_file=/var/cache/icinga/objects.cache + + + +# STATUS FILE +# This is where the current status of all monitored services and +# hosts is stored. Its contents are read and processed by the CGIs. +# The contents of the status file are deleted every time Icinga +# restarts. +# Icinga 2 provides this file through its compat component, if enabled. + +status_file=/var/cache/icinga/status.dat + + + +# RESOURCE FILE +# This is an optional resource file that contains $USERx$ macro +# definitions. Multiple resource files can be specified by using +# multiple resource_file definitions. The CGIs will not attempt to +# read the contents of resource files, so information that is +# considered to be sensitive (usernames, passwords, etc) can be +# defined as macros in this file and restrictive permissions (600) +# can be placed on this file. + +resource_file=/etc/icinga/resource.cfg + + + +# EXTERNAL COMMAND FILE +# This is the file that Icinga checks for external command requests. +# It is also where the command CGI will write commands that are submitted +# by users, so it must be writeable by the user that the web server +# is running as (usually 'nobody'). Permissions should be set at the +# directory level instead of on the file, as the file is deleted every +# time its contents are processed. +# Icinga 2 provides this file through its compat component, if enabled. + +command_file=/var/lib/icinga/rw/icinga.cmd + + + +# EXTERNAL COMMAND OPTION +# This option allows you to specify whether or not Icinga should check +# for external commands (in the command file defined below). By default +# Icinga will *not* check for external commands, just to be on the +# cautious side. If you want to be able to use the CGI command interface +# you will have to enable this. +# Values: 0 = disable commands, 1 = enable commands + +check_external_commands=1 + + + +# INTERVAL LENGTH +# This is the seconds per unit interval as used in the +# host/contact/service configuration files. Setting this to 60 means +# that each interval is one minute long (60 seconds). Other settings +# have not been tested much, so your mileage is likely to vary... + +interval_length=60 + + + +# STATUS FILE UPDATE INTERVAL +# This option determines the frequency (in seconds) that +# Icinga will periodically dump program, host, and +# service status data. +# Increase the value, if you don't require it that often. + +#status_update_interval=30 +status_update_interval=10 + + + +# LOG FILE +# This is the main log file where service and host events are logged +# for historical purposes. This should be the first option specified +# in the config file!!! +# Icinga 2 provides this file through its compat component, if enabled. + +log_file=/var/log/icinga/icinga.log + + + +# LOG ROTATION METHOD +# This is the log rotation method that Icinga should use to rotate +# the main log file. Values are as follows.. +# n = None - don't rotate the log +# h = Hourly rotation (top of the hour) +# d = Daily rotation (midnight every day) +# w = Weekly rotation (midnight on Saturday evening) +# m = Monthly rotation (midnight last day of month) + +log_rotation_method=d + + + +# LOG ARCHIVE PATH +# This is the directory where archived (rotated) log files should be +# placed (assuming you've chosen to do log rotation). +# Icinga 2 provides this file through its compat component, if enabled. + +log_archive_path=/var/log/icinga/archives + + + +# DATE FORMAT OPTION +# This option determines how short dates are displayed. Valid options +# include: +# us (MM-DD-YYYY HH:MM:SS) +# euro (DD-MM-YYYY HH:MM:SS) +# iso8601 (YYYY-MM-DD HH:MM:SS) +# strict-iso8601 (YYYY-MM-DDTHH:MM:SS) +# + +date_format=us + + + +# EOF