#################################################################
#
-# CGI.CFG - Sample CGI Configuration File for Icinga
+# CGI.CFG - CGI Configuration File for Icinga
#
#################################################################
+
+######################################
+#
+# COMMON (ALL CGIs)
+#
+######################################
+
# MAIN CONFIGURATION FILE
# This tells the CGIs where to find your main configuration file.
# The CGIs will read the main and host config files for any other
main_config_file=/etc/icinga/icinga.cfg
-# ATTRIBUTE BASED AUTHORIZATION FILE
-# This option will include a file defining authroization based on
-# attributes.
-#authorization_config_file=/etc/icinga/cgiauth.cfg
+# STANDALONE INSTALLATION
+# This is only useful in an Icinga 2 setup (or any other setup
+# containing multiple Classic UI installs). If you have installed
+# Icinga 2 with compat layer and classic-ui, you can set this
+# to 1. Otherwise leave it at 0.
+# Enabling this option ignores main_config_file setting.
+#
+# NOTE: Check also the "Standalone (Icinga2) section" at the bottom
+# if this option is switched on!
+
+standalone_installation=0
+
# PHYSICAL HTML PATH
# This is the path where the HTML files for Icinga reside. This
# value is used to locate the logo images needed by the statusmap
-# and statuswrl CGIs.
+# and status CGIs.
physical_html_path=/usr/share/icinga/htdocs
url_html_path=/icinga
+# NAGIOS PROCESS CHECK COMMAND
+# This is the full path and filename of the program used to check
+# the status of the Nagios process. It is used only by the CGIs
+# and is completely optional. However, if you don't use it, you'll
+# see warning messages in the CGIs about the Nagios process
+# not running and you won't be able to execute any commands from
+# the web interface. The program should follow the same rules
+# as plugins; the return codes are the same as for the plugins,
+# it should have timeout protection, it should output something
+# to STDIO, etc.
+#
+# Note: The command line for the check_nagios plugin below may
+# have to be tweaked a bit, as different versions of the plugin
+# use different command line arguments/syntaxes.
+
+icinga_check_command=/usr/lib/nagios/plugins/check_nagios /var/lib/icinga/status.dat 5 '/usr/sbin/icinga'
+
+# URL CGI PATH
+# This is the path portion of the URL that corresponds to the
+# physical location of the Icinga CGI files. It is evaluated by
+# the cmd.cgi CSRF protection.
+# This value should be changed if the CGI files are accessible
+# under a different path than the default installation path.
+
+#url_cgi_path=/icinga/cgi-bin
+
# URL STYLESHEETS PATH
http_charset=utf-8
-# NAGIOS PROCESS CHECK COMMAND
-# This is the full path and filename of the program used to check
-# the status of the Nagios process. It is used only by the CGIs
-# and is completely optional. However, if you don't use it, you'll
-# see warning messages in the CGIs about the Nagios process
-# not running and you won't be able to execute any commands from
-# the web interface. The program should follow the same rules
-# as plugins; the return codes are the same as for the plugins,
-# it should have timeout protection, it should output something
-# to STDIO, etc.
-#
-# Note: The command line for the check_nagios plugin below may
-# have to be tweaked a bit, as different versions of the plugin
-# use different command line arguments/syntaxes.
-icinga_check_command=/usr/lib/nagios/plugins/check_nagios /var/lib/icinga/status.dat 5 '/usr/sbin/icinga'
-# CONTEXT-SENSITIVE HELP
-# This option determines whether or not a context-sensitive
-# help icon will be displayed for most of the CGIs.
-# Values: 0 = disables context-sensitive help
-# 1 = enables context-sensitive help
+# REFRESH RATE
+# This option allows you to specify the refresh rate in seconds
+# of various CGIs (extinfo, outages, status, statusmap and tac).
+
+refresh_rate=90
+
-show_context_help=0
+# REFRESH TYPE
+# This option determines what type of refresh should be used.
+# You can choose between http header and javascript. By
+# default javascript (1) is activated. If you have trouble
+# using javascript then try refresh via http header (0).
+refresh_type=1
-# HIGHLIGHT TABLE ROWS
-# This option allows you to define if table rows in status.cgi
-# will be highlighted or not.
-# Values: 0 = disables row highlighting
-# 1 = enables row highlighting
-highlight_table_rows=1
+
+# ESCAPE HTML TAGS
+# This option determines whether HTML tags in host and service
+# status output is escaped in the web interface. If enabled,
+# your plugin output will not be able to contain clickable links.
+
+escape_html_tags=1
+
+
+
+# RESULT LIMIT
+# This options specifies the number of page entries
+# displayed by default in various cgi's. To display
+# all entries by default set this value to 0.
+# Default is 50.
+
+result_limit=50
+
+
+
+# SHOW TAC INFORMATION IN TOP FRAME
+# This options places tactical overview information in
+# the top frame similar to the view that's in icinga-web.
+# By default it is enabled.
+
+show_tac_header=1
# This option determines what states should be displayed in the web
# interface for hosts/services that have not yet been checked.
# Values: 0 = leave hosts/services that have not been check yet in their original state
-# 1 = mark hosts/services that have not been checked yet as PENDING
+# 1 = mark hosts/services that have not been checked yet as PENDING (default)
use_pending_states=1
-# Logging
-# USE LOGGING
-# If you want to log information from cgi's (e.g. all submitted commands)
-# then set this option to 1, default is 0 (off).
-# WARNING:
-# This log is highly experimental and changes may occure without notice. Use at your own risk!!
+# FIRST DAY OF WEEK
+# Here you can set if your week starts on sunday or monday.
+# Default is 0 (Sunday), set it to 1 if your week start monday.
-use_logging=0
+first_day_of_week=0
-# CGI LOG FILE
-# This is the cgi log file for information about what users are doing.
-# At the moment only submitted commands from cmd.cgi will be logged.
-cgi_log_file=/usr/share/icinga/htdocs/log/icinga-cgi.log
+# CSV DELIMITER
+# This option determines the character which should act as
+# delimiter. Default is ";".
+#csv_delimiter=;
-# CGI LOG ROTATION METHOD
-# This is the log rotation method that should be used to rotate
-# the cgi log file. Values are as follows..
-# n = None - don't rotate the log
-# h = Hourly rotation (top of the hour)
-# d = Daily rotation (midnight every day)
-# w = Weekly rotation (midnight on Saturday evening)
-# m = Monthly rotation (midnight last day of month)
-cgi_log_rotation_method=d
+# CSV DATA ENCLOSURE
+# This option determines the character which should act as
+# data enclosure to wrap in the data. Default is "'".
-# CGI LOG ARCHIVE PATH
-# This is the directory where archived (rotated) cgi log files should be
-# placed (assuming you've chosen to do log rotation).
+#csv_data_enclosure='
-cgi_log_archive_path=/usr/share/icinga/htdocs/log
-# FORCE COMMENT
-# This option forces the users of to comment every action they perform.
-# The comments get logged into cgi log file. This option only has effect
-# if logging is switched on. See option "use_logging"
-# Default is 0 (off), to activate it set it to 1 (on).
+# SUPPRESS MAINTENANCE DOWNTIME
+# This options suppresses the state coloring of hosts and services
+# that are in a scheduled downtime. It sets their coloring to gray,
+# so they no longer draw extra attention to themselves, making it
+# so only actual problems are the ones that stand out.
+# By default it is disabled.
-enforce_comments_on_actions=0
+suppress_maintenance_downtime=0
-# FIRST DAY OF WEEK
-# Here you can set if your week starts on sunday or monday.
-# Default is 0 (Sunday), set it to 1 if your week start monday.
-first_day_of_week=0
+# URL TARGET FRAMES
+# These options determine the target frames in which notes and
+# action URLs will open. Default is main frame.
+
+action_url_target=main
+notes_url_target=main
+#action_url_target=_blank
+#notes_url_target=_blank
+
+
+
+# READ GZIP LOGS
+# This option enables reading of gzipped log files. As this can
+# have a huge performance impact in big environments, this
+# option is disabled by default.
+#
+
+read_gzip_logs=0
+
+
+
+
+######################################
+#
+# AUTHENTICATION (ALL CGIs)
+#
+######################################
+
+# ATTRIBUTE BASED AUTHORIZATION FILE
+# This option will include a file defining authroization based on
+# attributes.
+
+#authorization_config_file=/etc/icinga/cgiauth.cfg
+
# AUTHENTICATION USAGE
-
-# x509 CERT AUTHENTICATION
-# When enabled, this option allows you to use x509 cert (SSL)
-# authentication in the CGIs. This is an advanced option and should
-# not be enabled unless you know what you're doing.
+# USE CLIENT CERTIFICATTES
+# This option controls whether the value of the web server environment
+# variable REMOTE_USER or SSL_CLIENT_S_DN_CN will be used. The name of
+# the directive is a bit misleading because unless you set up the use
+# of client certificates the value has to be set to zero (0). Setting
+# the value to one (1) requires "SSLUserName SSL_CLIENT_S_DN_CN" and
+# several other options in your web server config. Please consult your
+# web server configuration documentation for details.
+#
+# Values:
+# 0 = Use web server environment variable REMOTE_USER to get the user
+# logged in. Don't use client certificates (default)
+# 1 = Use web server environment variable SSL_CLIENT_S_DN_CN to get
+# the user logged in. Use client certificates
use_ssl_authentication=0
+# LOWERCASE USER NAME
+# This option controls whether or not the username is converted
+# to all lowercase letters. Can be useful if the username is stored
+# in Active Directory (case-insensitive).
+
+lowercase_user_name=0
+
+
# DEFAULT USER
# Setting this variable will define a default user name that can
#authorized_contactgroup_for_system_information=
+
# CONFIGURATION INFORMATION ACCESS
# This option is a comma-delimited list of all usernames that
# can view ALL configuration information (hosts, commands, etc).
#authorized_contactgroup_for_configuration_information=
+
# RAW COMMANDLINE CONFIGURATION INFORMATION ACCESS
# This option is a comma-delimited list of all usernames that
# can view a command in config command expander as icinga would
#authorized_contactgroup_for_full_command_resolution=
+
# SYSTEM/PROCESS COMMAND ACCESS
# This option is a comma-delimited list of all usernames that
# can issue shutdown and restart commands to Icinga via the
#authorized_contactgroup_for_system_commands=
+
# GLOBAL HOST/SERVICE VIEW ACCESS
# These two options are comma-delimited lists of all usernames that
# can view information for all hosts and services that are being
# for hosts or services that they are contacts for (unless you
# you choose to not use authorization). You may use an asterisk (*)
# to authorize any user who has authenticated to the web server.
-# Alternatively you can specify contactgroups too, starting
-# with Icinga 1.5.0
-
+# Alternatively you can specify contactgroups too.
+#
+# NOTE: Users in authorized_for_all_hosts are also automatically
+# authorised to view information for all services.
-authorized_for_all_services=dsa-guest,icingaadmin
-authorized_for_all_hosts=dsa-guest,icingaadmin
+authorized_for_all_services=icingaadmin
+authorized_for_all_hosts=icingaadmin
#authorized_contactgroup_for_all_services=
#authorized_contactgroup_for_all_hosts=
+
# GLOBAL HOST/SERVICE COMMAND ACCESS
# These two options are comma-delimited lists of all usernames that
# can issue host or service related commands via the command
# that they are contacts for (unless you you choose to not use
# authorization). You may use an asterisk (*) to authorize any
# user who has authenticated to the web server.
-# Alternatively you can specify contactgroups too, starting
-# with Icinga 1.5.0
+# Alternatively you can specify contactgroups too.
+#
+# NOTE: Users in authorized_for_all_host_commands are also automatically
+# authorised to issue commands for all services.
authorized_for_all_service_commands=icingaadmin
authorized_for_all_host_commands=icingaadmin
#authorized_contactgroup_for_all_host_commands=
+
# READ-ONLY USERS
# A comma-delimited list of usernames that have read-only rights in
# the CGIs. This will block any service or host commands normally shown
-# on the extinfo CGI pages. It will also block comments from being shown
-# to read-only users.
+# on the extinfo CGI pages. It will also block comments and downtimes
+# from being shown to read-only users.
# Alternatively you can specify contactgroups too, starting
# with Icinga 1.5.0
#authorized_contactgroup_for_read_only=
+
+# READ-ONLY FOR COMMENTS USERS
+# A comma-delimited list of usernames that have rights to view comments in
+# the CGIs. If user is defined as read-only and you add the same user to
+# this options, then the user can still see comments. If user is NOT
+# read-only then the options to delete comments in extinfo.cgi are not
+# displayed as well.
+
+#authorized_for_comments_read_only=user1,user2
+#authorized_contactgroup_for_comments_read_only=
+
+
+
+# READ-ONLY FOR DOWNTIMES USERS
+# A comma-delimited list of usernames that have rights to view downtimes in
+# the CGIs. If user is defined as read-only and you add the same user to
+# this options, then the user can still see downtimes. If user is NOT
+# read-only then the options to delete downtimes in extinfo.cgi are not
+# displayed as well.
+
+#authorized_for_downtimes_read_only=user1,user2
+#authorized_contactgroup_for_downtimes_read_only=
+
+
+
# SHOW ALL SERVICES THE HOST IS AUTHORIZED FOR
# By default, a user can see all services on a host, if the user is
# authorized as contact for the host only. By disabling this option,
show_all_services_host_is_authorized_for=1
+
# SHOW PARTIAL HOSTGROUPS
-# By default, a user only sees a hostgroup and the hosts within it if
-# they are an authorized contact for all of the hosts of the group. By
-# enabling this option hostgroups will show a partial listing of hosts
-# the user is an authorized contact for in the hostgroups.
+# By default (meaning the directive is not present or disabled), a user
+# only sees a hostgroup and the hosts within it if they are an authorised
+# contact for all of the hosts of the group. The behaviour can be changed
+# using the directive show_partial_hostgroups=1.
+# When enabled, the hostgroups overview will show a partial listing of hosts
+# that the user is an authorised contact for within each hostgroup.
+# It will also add the string "(Partial Hostgroups Enabled)" to the top of
+# the Hostgroup Overview to help prevent any confusion over whether the option
+# is in use or not. However for privacy reasons, hostgroups that are only showing
+# a partial listing are not specifically indicated.
+#
# Values: 0 - disabled, user only sees full hostgroups (default)
# 1 - enabled, user sees partial hostgroups
show_partial_hostgroups=0
+
+# SHOW PARTIAL SERVICEROUPS
+# By default (meaning the directive is not present or disabled), a user
+# only sees a servicegroup and the hosts and services within it if they are an
+# authorised contact for all of the hosts and services of the group.
+# The behaviour can be changed using the directive show_partial_servicegroups=1.
+# When enabled, the serviceroups overview will show a partial listing of hosts
+# and services that the user is an authorised contact for within each servicegroup.
+# It will also add the string "(Partial Servicegroups Enabled)" to the top of
+# the Servicegroup Overview to help prevent any confusion over whether the option
+# is in use or not. However for privacy reasons, servicegroups that are only showing
+# a partial listing are not specifically indicated.
+#
+# Values: 0 - disabled, user only sees full servicegroups (default)
+# 1 - enabled, user sees partial servicegroups
+
+show_partial_servicegroups=0
+
+
+
+
+######################################
+#
+# STATUSMAP (statusmap.cgi)
+#
+######################################
+
# STATUSMAP BACKGROUND IMAGE
-# This option allows you to specify an image to be used as a
-# background in the statusmap CGI. It is assumed that the image
-# resides in the HTML images path (i.e. /usr/local/icinga/share/images).
-# This path is automatically determined by appending "/images"
-# to the path specified by the 'physical_html_path' directive.
-# Note: The image file may be in GIF, PNG, JPEG, or GD2 format.
-# However, I recommend that you convert your image to GD2 format
-# (uncompressed), as this will cause less CPU load when the CGI
-# generates the image.
+# This option allows you to specify an image to be used as a background
+# in the statusmap CGI if you use the user-supplied coordinates layout method.
+# The background image is not be available in any other layout methods. It is
+# assumed that the image resides in the HTML images path (i.e.
+# /usr/local/icinga/share/images). This path is automatically determined by
+# appending "/images" to the path specified by the physical_html_path directive.
+#
+# NOTE: The image file can be in GIF, JPEG, PNG, or GD2 format. However, GD2
+# format (preferably in uncompressed format) is recommended, as it will reduce
+# the CPU load when the CGI generates the map image.
#statusmap_background_image=smbackground.gd2
-
# STATUSMAP TRANSPARENCY INDEX COLOR
# These options set the r,g,b values of the background color used the statusmap CGI,
# so normal browsers that can't show real png transparency set the desired color as
-
# DEFAULT STATUSMAP LAYOUT METHOD
# This option allows you to specify the default layout method
# the statusmap CGI should use for drawing hosts. If you do
# 3 = Balanced tree
# 4 = Circular
# 5 = Circular (Marked Up)
+# 6 = Baloon (Marked Up)
default_statusmap_layout=5
-# DEFAULT STATUSWRL LAYOUT METHOD
-# This option allows you to specify the default layout method
-# the statuswrl (VRML) CGI should use for drawing hosts. If you
-# do not use this option, the default is to use user-defined
-# coordinates. Valid options are as follows:
-# 0 = User-defined coordinates
-# 2 = Collapsed tree
-# 3 = Balanced tree
-# 4 = Circular
-
-default_statuswrl_layout=4
-
-
-
-# STATUSWRL INCLUDE
-# This option allows you to include your own objects in the
-# generated VRML world. It is assumed that the file
-# resides in the HTML path (i.e. /usr/local/icinga/share).
-
-#statuswrl_include=myworld.wrl
-
-
-
-# PING SYNTAX
-# This option determines what syntax should be used when
-# attempting to ping a host from the WAP interface (using
-# the statuswml CGI. You must include the full path to
-# the ping binary, along with all required options. The
-# $HOSTADDRESS$ macro is substituted with the address of
-# the host before the command is executed.
-# Please note that the syntax for the ping binary is
-# notorious for being different on virtually ever *NIX
-# OS and distribution, so you may have to tweak this to
-# work on your system.
-
-ping_syntax=/bin/ping -n -U -c 5 $HOSTADDRESS$
-
-
-
-# REFRESH RATE
-# This option allows you to specify the refresh rate in seconds
-# of various CGIs (extinfo, outages, status, statusmap and tac).
-
-refresh_rate=90
-
-
-# REFRESH TYPE
-# This option determines what type of refresh should be used.
-# You can choose between http header and javascript. By
-# default javascript (1) is activated. If you have trouble
-# using javascript then try refresh via http header (0).
-
-refresh_type=1
-
-
-# ESCAPE HTML TAGS
-# This option determines whether HTML tags in host and service
-# status output is escaped in the web interface. If enabled,
-# your plugin output will not be able to contain clickable links.
-
-escape_html_tags=1
-
-
-
-# PERSISTENT ACKNOWLEDGEMENT COMMENTS
-# This options determines whether the initial state of the
-# checkbox "Persistent Comment:" for service and host problem
-# acknowledgements is checked or unchecked
-
-persistent_ack_comments=0
+######################################
+#
+# STATUS (status.cgi)
+#
+######################################
# SOUND OPTIONS
# These options allow you to specify an optional audio file
-# URL TARGET FRAMES
-# These options determine the target frames in which notes and
-# action URLs will open. Default is main frame.
+# SHOW LONG PLUGIN OUTPUT IN STATUS OPTION
+# This option allows you to specify the length of status information
+# in output of status.cgi. If you set the value to 1 it shows the
+# full plugin output instead of the first line only.
+# Default value is 0.
+
+status_show_long_plugin_output=0
+
+
+
+# DISPLAY STATUS TOTAL
+# This option allows you to specify if the
+# Host Status Totals and Service Status Totals
+# should be displayed.
+# Default value is 0.
+
+display_status_totals=0
+
+
+
+# HIGHLIGHT TABLE ROWS
+# This option allows you to define if table rows in status.cgi
+# will be highlighted or not.
+# Values: 0 = disables row highlighting
+# 1 = enables row highlighting
+
+highlight_table_rows=1
+
+
+
+# SERVICE STATES TO ANNOTATE WITH CURRENT NOTIFICATION NO.
+# Set this to an OR of the service state identifiers for
+# which status.cgi should not only report "Attempts" (e.g.,
+# "3/3" for a HARD non-OK state with max_check_attempts=3)
+# but also the current notification number ("(#0)" if no
+# problem notification has been sent yet, etc.). This is
+# helpful to identify services which switched between
+# different non-OK states a lot, or services which have a
+# first_notification_delay set and are "not yet officially"
+# considered in trouble.
+# Relevant values from include/statusdata.h (look them up
+# *there* if you want to be *really* sure):
+# #define SERVICE_PENDING 1
+# #define SERVICE_OK 2
+# #define SERVICE_WARNING 4
+# #define SERVICE_UNKNOWN 8
+# #define SERVICE_CRITICAL 16
+# You'll likely want to use add_notif_num_hard=0 (default)
+# or add_notif_num_hard=28 (warn+crit+unknown). There's an
+# add_notif_num_soft affecting services in a SOFT state
+# for sake of completeness, too.
+
+#add_notif_num_hard=28
+#add_notif_num_soft=0
+
+
+
+
+######################################
+#
+# SEND COMMANDS (cmd.cgi)
+#
+######################################
+
+# Logging
+
+# USE LOGGING
+# If you want to log information from cgi's (e.g. all submitted commands)
+# then set this option to 1, default is 0 (off).
+# WARNING:
+# This log is highly experimental and changes may occure without notice. Use at your own risk!!
+
+use_logging=0
+
+
+
+# CGI LOG FILE
+# This is the cgi log file for information about what users are doing.
+# At the moment only submitted commands from cmd.cgi will be logged.
+
+cgi_log_file=/usr/share/icinga/htdocs/log/icinga-cgi.log
+
+
+
+# CGI LOG ROTATION METHOD
+# This is the log rotation method that should be used to rotate
+# the cgi log file. Values are as follows..
+# n = None - don't rotate the log
+# h = Hourly rotation (top of the hour)
+# d = Daily rotation (midnight every day)
+# w = Weekly rotation (midnight on Saturday evening)
+# m = Monthly rotation (midnight last day of month)
+
+cgi_log_rotation_method=d
+
+
+
+# CGI LOG ARCHIVE PATH
+# This is the directory where archived (rotated) cgi log files should be
+# placed (assuming you've chosen to do log rotation).
+
+cgi_log_archive_path=/usr/share/icinga/htdocs/log
+
+
+
+# FORCE COMMENT
+# This option forces the users of to comment every action they perform.
+# The comments get logged into cgi log file. This option only has effect
+# if logging is switched on. See option "use_logging"
+# Default is 0 (off), to activate it set it to 1 (on).
+
+enforce_comments_on_actions=0
+
+
+
+# SEND ACK NOTIFICATIONS
+# This options determines whether the initial state of the
+# checkbox "Send Notifications" when acknowledging a problem.
+# A value of 1 ticks the checkbox and 0 does not. The default
+# is 1, which will send notifications on acknowledged problems.
+
+send_ack_notifications=1
-action_url_target=main
-notes_url_target=main
-#action_url_target=_blank
-#notes_url_target=_blank
+# PERSISTENT ACKNOWLEDGEMENT COMMENTS
+# This options determines whether the initial state of the
+# checkbox "Persistent Comment:" for service and host problem
+# acknowledgements is checked or unchecked
+
+persistent_ack_comments=0
+
# LOCK AUTHOR NAMES OPTION
-# This option determines whether users can change the author name
-# when submitting comments, scheduling downtime. If disabled, the
-# author names will be locked into their contact name, as defined in Icinga.
-# Values: 0 = allow editing author names
-# 1 = lock author names (disallow editing)
+# This option allows you to restrict users from changing the author name
+# when submitting comments, acknowledgements, and scheduled downtime from
+# the web interface. If this option is enabled, users will be unable to
+# change the author name associated with the command request.
+#
+# Values: 0 = Allow users to change author names when submitting commands
+# 1 = Prevent users from changing author names (default)
lock_author_names=1
+# SET EXPIRE ACK BY DEFAULT
+# This option either sets or clears the checkbox for "Use Expire Time"
+# in the acknowledgement menu. Valid values are 0 (DO NOT tick the
+# checkbox by default) or 1 (tick the checkbox by default). The default
+# is 0 (leave the checkbox blank).
+
+set_expire_ack_by_default=0
+
+
+
# DEFAULT EXPIRING ACKNOWLEDGEMENT DURATION
# This option defines the default duration (in seconds) of a expiring
# acknowledgement. Default is 86400 seconds (1 day).
-# SHOW LONG PLUGIN OUTPUT IN STATUS OPTION
-# This option allows you to specify the length of status information
-# in output of status.cgi. If you set the value to 1 it shows the
-# full plugin output instead of the first line only.
-# Default value is 0.
+# DEFAULT EXPIRING DISABLED NOTIFICATIONS DURATION
+# This option defines the default duration (in seconds) of a expiring
+# disabled notifications. Default is 86400 seconds (1 day).
-status_show_long_plugin_output=0
+default_expiring_disabled_notifications_duration=86400
-# DISPLAY STATUS TOTAL
-# This option allows you to specify if the
-# Host Status Totals and Service Status Totals
-# should be displayed.
-# Default value is 0.
+# DISABLE CMD CGI CSRF PROTECTION
+# This option disables the protection against CSRF attacks
+# (Cross-Site Request Forgery). Use this option only if you are
+# using external programs (like Nagstamon) which access
+# cmd.cgi directly to submit commands. By default the submitted
+# command (via external program) will be rejected.
+# The default is 0 (protection is on).
-display_status_totals=0
+disable_cmd_cgi_csrf_protection=0
+
+######################################
+#
+# TACTICAL OVERVIEW (tac.cgi)
+#
+######################################
+
# SHOW ONLY HARD STATES IN TAC OPTION
# This options allows you to specify if the tactical overview
# should only show hard states on hosts and services.
+# SHOW PENDING IN TAC HEADER
+# This options enables the display of pending counts in
+# the tac header. If your display is less than 1024x768
+# and this is enabled, the tactical information may not
+# fit well in the top frame.
+# By default it is enabled.
+
+show_tac_header_pending=1
+
+
+
+
+######################################
+#
+# EXTENDED INFO (extinfo.cgi)
+#
+######################################
+
+# EXCLUDE CUSTOMVAR NAMES
+# This Option allows you to specify a comma seperated list of
+# custom variable names which are automatically excluded when
+# a variable name would contain that name.
+# NOTE: For security reasons, you should at least exclude all
+# sensitive information like passwords, snmp communities, etc
+# Use * to exclude all custom variable names.
+
+exclude_customvar_name=PASSWORD,COMMUNITY
+
+
+
+# EXCLUDE CUSTOMVAR VALUES
+# This Option allows you to specify a comma seperated list of
+# custom variable values which are automatically excluded when
+# a variable value would contain that value.
+# NOTE: For security reasons, you should at least exclude all
+# sensitive information like passwords, snmp communities, etc
+# Use * to exclude all custom variable values.
+
+exclude_customvar_value=secret
+
+
+
# SHOW CHILD HOSTS IN EXTINFO OPTION
# This Option allows you to specify if the extended host information
# cgi will show child hosts for the selected host.
-# SUPPRESS MAINTENANCE DOWNTIME
-# This options suppresses the state coloring of hosts and services
-# that are in a scheduled downtime. It sets their coloring to gray,
-# so they no longer draw extra attention to themselves, making it
-# so only actual problems are the ones that stand out.
-# By default it is disabled.
-
-suppress_maintenance_downtime=0
-
-
-# SHOW TAC INFORMATION IN TOP FRAME
-# This options places tactical overview information in
-# the top frame similar to the view that's in icinga-web.
-# By default it is enabled.
-
-show_tac_header=1
+# TAB-FRIENDLY <TITLE>S
+# Activating this option changes the <title> of status.cgi
+# and extinfo.cgi when they refer to a single host, service,
+# or group. They will then read:
+# [Host]
+# {HostGroup}
+# ServiceDesc @ Host
+# (ServiceGroup)
+# These are easier to read and find if you use (many) tabs
+# in your browser.
+# Default is enabled. 0=disabled, 1=enabled
+tab_friendly_titles=1
-# SHOW PENDING IN TAC HEADER
-# This options enables the display of pending counts in
-# the tac header. If your display is less than 1024x768
-# and this is enabled, the tactical information may not
-# fit well in the top frame.
-# By default it is enabled.
-show_tac_header_pending=1
+######################################
+#
+# SHOWLOG (showlog.cgi)
+#
+######################################
# SHOW INITIAL STATES IN SHOWLOG OPTION
# This options allows you to specify if initial states
# of hosts and services should be shown in showlog.cgi
# Note: This Option only works if the option
# "log_initial_states" in icinga.cfg is set to 1.
-# By default it's enabled. Default is 0.
+# By default it's disabled. Default is 0.
#showlog_initial_states=0
# of hosts and services should be shown in showlog.cgi
# Note: This Option only works if the option
# "log_current_states" in icinga.cfg is set to 1.
-# By default it's enabled. Default is 0.
+# By default it's disabled. Default is 0.
#showlog_current_states=0
-# DEFAULT NUM DISPLAYED LOG ENTRIES OPTION
-# This options specifies the number of log entries
-# displayed by default in showlog.cgi. To display
-# all log entries by default set this value to 0.
-# Default is 10000.
-#default_num_displayed_log_entries=10000
+######################################
+#
+# SPLUNK INTEGRATION (VARIOUS CGIs)
+#
+######################################
+# SPLUNK INTEGRATION OPTIONS
+# These options allow you to enable integration with Splunk
+# in the web interface. If enabled, you'll be presented with
+# "Splunk It" links in various places in the CGIs (log file,
+# alert history, host/service detail, etc). Useful if you're
+# trying to research why a particular problem occurred.
+# For more information on Splunk, visit http://www.splunk.com/
+# This option determines whether the Splunk integration is enabled
+# Values: 0 = disable Splunk integration
+# 1 = enable Splunk integration
-# CSV DELIMITER
-# This option determines the character which should act as
-# delimiter. Default is ";".
+#enable_splunk_integration=1
-#csv_delimiter=;
+# This option should be the URL used to access your instance of Splunk
-# CSV DATA ENCLOSURE
-# This option determines the character which should act as
-# data enclosure to wrap in the data. Default is "'".
+#splunk_url=http://127.0.0.1:8000/
-#csv_data_enclosure='
-# TAB-FRIENDLY <TITLE>S
-# Activating this option changes the <title> of status.cgi
-# and extinfo.cgi when they refer to a single host, service,
-# or group. They will then read:
-# [Host]
-# {HostGroup}
-# ServiceDesc @ Host
-# (ServiceGroup)
-# These are easier to read and find if you use (many) tabs
-# in your browser.
-# Default is enabled. 0=disabled, 1=enabled
+######################################
+#
+# STANDALONE (ICINGA 2) OPTIONS
+# requires standalone_installation=1
+#
+######################################
-tab_friendly_titles=1
+# OBJECT CACHE FILE
+# This option determines where object definitions are cached when
+# Icinga starts/restarts. The CGIs read object definitions from
+# this cache file (rather than looking at the object config files
+# directly) in order to prevent inconsistencies that can occur
+# when the config files are modified after Icinga starts.
+# Icinga 2 provides this file through its compat component, if enabled.
+object_cache_file=/var/cache/icinga/objects.cache
-# SERVICE STATES TO ANNOTATE WITH CURRENT NOTIFICATION NO.
-# Set this to an OR of the service state identifiers for
-# which status.cgi should not only report "Attempts" (e.g.,
-# "3/3" for a HARD non-OK state with max_check_attempts=3)
-# but also the current notification number ("(#0)" if no
-# problem notification has been sent yet, etc.). This is
-# helpful to identify services which switched between
-# different non-OK states a lot, or services which have a
-# first_notification_delay set and are "not yet officially"
-# considered in trouble.
-# Relevant values from include/statusdata.h (look them up
-# *there* if you want to be *really* sure):
-# #define SERVICE_PENDING 1
-# #define SERVICE_OK 2
-# #define SERVICE_WARNING 4
-# #define SERVICE_UNKNOWN 8
-# #define SERVICE_CRITICAL 16
-# You'll likely want to use add_notif_num_hard=0 (default)
-# or add_notif_num_hard=28 (warn+crit+unknown). There's an
-# add_notif_num_soft affecting services in a SOFT state
-# for sake of completeness, too.
-#add_notif_num_hard=28
-#add_notif_num_soft=0
+# STATUS FILE
+# This is where the current status of all monitored services and
+# hosts is stored. Its contents are read and processed by the CGIs.
+# The contents of the status file are deleted every time Icinga
+# restarts.
+# Icinga 2 provides this file through its compat component, if enabled.
+status_file=/var/cache/icinga/status.dat
-# SPLUNK INTEGRATION OPTIONS
-# These options allow you to enable integration with Splunk
-# in the web interface. If enabled, you'll be presented with
-# "Splunk It" links in various places in the CGIs (log file,
-# alert history, host/service detail, etc). Useful if you're
-# trying to research why a particular problem occurred.
-# For more information on Splunk, visit http://www.splunk.com/
-# This option determines whether the Splunk integration is enabled
-# Values: 0 = disable Splunk integration
-# 1 = enable Splunk integration
-#enable_splunk_integration=1
+# RESOURCE FILE
+# This is an optional resource file that contains $USERx$ macro
+# definitions. Multiple resource files can be specified by using
+# multiple resource_file definitions. The CGIs will not attempt to
+# read the contents of resource files, so information that is
+# considered to be sensitive (usernames, passwords, etc) can be
+# defined as macros in this file and restrictive permissions (600)
+# can be placed on this file.
+resource_file=/etc/icinga/resource.cfg
-# This option should be the URL used to access your instance of Splunk
-#splunk_url=http://127.0.0.1:8000/
+
+# EXTERNAL COMMAND FILE
+# This is the file that Icinga checks for external command requests.
+# It is also where the command CGI will write commands that are submitted
+# by users, so it must be writeable by the user that the web server
+# is running as (usually 'nobody'). Permissions should be set at the
+# directory level instead of on the file, as the file is deleted every
+# time its contents are processed.
+# Icinga 2 provides this file through its compat component, if enabled.
+
+command_file=/var/lib/icinga/rw/icinga.cmd
+
+
+
+# EXTERNAL COMMAND OPTION
+# This option allows you to specify whether or not Icinga should check
+# for external commands (in the command file defined below). By default
+# Icinga will *not* check for external commands, just to be on the
+# cautious side. If you want to be able to use the CGI command interface
+# you will have to enable this.
+# Values: 0 = disable commands, 1 = enable commands
+
+check_external_commands=1
+
+
+
+# INTERVAL LENGTH
+# This is the seconds per unit interval as used in the
+# host/contact/service configuration files. Setting this to 60 means
+# that each interval is one minute long (60 seconds). Other settings
+# have not been tested much, so your mileage is likely to vary...
+
+interval_length=60
+
+
+
+# STATUS FILE UPDATE INTERVAL
+# This option determines the frequency (in seconds) that
+# Icinga will periodically dump program, host, and
+# service status data.
+# Increase the value, if you don't require it that often.
+
+#status_update_interval=30
+status_update_interval=10
+
+
+
+# LOG FILE
+# This is the main log file where service and host events are logged
+# for historical purposes. This should be the first option specified
+# in the config file!!!
+# Icinga 2 provides this file through its compat component, if enabled.
+
+log_file=/var/log/icinga/icinga.log
+
+
+
+# LOG ROTATION METHOD
+# This is the log rotation method that Icinga should use to rotate
+# the main log file. Values are as follows..
+# n = None - don't rotate the log
+# h = Hourly rotation (top of the hour)
+# d = Daily rotation (midnight every day)
+# w = Weekly rotation (midnight on Saturday evening)
+# m = Monthly rotation (midnight last day of month)
+
+log_rotation_method=d
+
+
+
+# LOG ARCHIVE PATH
+# This is the directory where archived (rotated) log files should be
+# placed (assuming you've chosen to do log rotation).
+# Icinga 2 provides this file through its compat component, if enabled.
+
+log_archive_path=/var/log/icinga/archives
+
+
+
+# DATE FORMAT OPTION
+# This option determines how short dates are displayed. Valid options
+# include:
+# us (MM-DD-YYYY HH:MM:SS)
+# euro (DD-MM-YYYY HH:MM:SS)
+# iso8601 (YYYY-MM-DD HH:MM:SS)
+# strict-iso8601 (YYYY-MM-DDTHH:MM:SS)
+#
+
+date_format=us
-result_limit=0
+# EOF
projects / mirror / dsa-nagios.git / commitdiff