Skip to content
This repository has been archived by the owner on Jan 15, 2019. It is now read-only.

[dev.icinga.com #3810] add executed cmd and execution errors as attribute to checks/eventhandlers #1226

Closed
icinga-migration opened this issue Mar 8, 2013 · 8 comments
Closed

[dev.icinga.com #3810] add executed cmd and execution errors as attribute to checks/eventhandlers #1226

icinga-migration opened this issue Mar 8, 2013 · 8 comments
Labels
enhancement Low

Comments

@icinga-migration
Copy link

This issue has been migrated from Redmine: https://dev.icinga.com/issues/3810

Created by mfriedrich on 2013-03-08 15:33:32 +00:00

Assignee: (none)
Status: Rejected (closed on 2014-07-19 13:02:18 +00:00)
Target Version: (none)
Last Update: 2014-07-19 13:02:18 +00:00 (in Redmine)

which may be populated by the core

  • on command execution, save the raw command line, so that the guis may show the debug output
  • when the command returns with an error (either check or eventhandler or notification), save it somewhere

for those 2 features, qualified export to backends (status.dat, idoutils) should be added as attributes, plus support on classic ui and icinga web too.

inherited from this idea: http://feedback.icinga.org/forums/50329-general/suggestions/3309957-make-eventhandler-output-visible-especially-error

Changesets

2013-03-10 13:26:02 +00:00 by (unknown) c3f564f

WIP: executed command on checks

refs #3810

2013-03-10 20:56:02 +00:00 by (unknown) 4945c54

idoutils: add executed command from core host/service status

this is the additional entry for getting the data from idomod over to
ido2db and all three database backends.

so we may use that with icinga web then.

refs #3810
refs #1137

2013-03-10 21:04:12 +00:00 by (unknown) 1f16e1e

update Changelog for refs #3810

2013-03-11 18:03:29 +00:00 by (unknown) f65e32a

Revert "update Changelog for refs #3810"

This reverts commit 1f16e1eb138cf2e680a568b09cbd7843646c4b55.

Relations:
@icinga-migration
Copy link
Author

Updated by mfriedrich on 2013-03-08 20:18:38 +00:00

  • Status changed from New to Assigned
  • Assigned to set to mfriedrich

if it works out, this can be used for finally resolving #1137

@icinga-migration
Copy link
Author

Updated by mfriedrich on 2013-03-08 20:21:25 +00:00

furthermore, as commands may contain sensitive information, we should re-use the "authorized_for_full_command_resolution" option from cgi.cfg in order to explicitely allow users to view the executed command. plus - add some javascript to optionally slide it in.

@icinga-migration
Copy link
Author

Updated by mfriedrich on 2013-03-10 20:43:45 +00:00

some ido backend queries for the *status tables where we gonna use that from icinga-web.

Sun Mar 10 21:38:56 2013 .454091 [002.0] [pid=4544] [tid=139954115196672] UPDATE icinga_servicestatus SET instance_id=1, service_object_id=1645, status_update_time=FROM_UNIXTIME(1362947702), output='test_host_059 \(checked by icinga-dev\) OK: ok warning: \'\$this\$ is a test\"te\$st\\abc\\def', long_output='', perfdata='/=2643MB;5948;5958;0;5968', current_state=0, has_been_checked=1, should_be_scheduled=1, current_check_attempt=1, max_check_attempts=3, last_check=FROM_UNIXTIME(1362947692), next_check=FROM_UNIXTIME(1362954892), check_type=0, last_state_change=FROM_UNIXTIME(1345937854), last_hard_state_change=FROM_UNIXTIME(1345937854), last_hard_state=0, last_time_ok=FROM_UNIXTIME(1362947692), last_time_warning='0000-00-00 00:00:00', last_time_unknown='0000-00-00 00:00:00', last_time_critical='0000-00-00 00:00:00', state_type=1, last_notification='0000-00-00 00:00:00', next_notification='0000-00-00 00:00:00', no_more_notifications=0, notifications_enabled=1, problem_has_been_acknowledged=0, acknowledgement_type=0, current_notification_number=0, passive_checks_enabled=1, active_checks_enabled=1, event_handler_enabled=1, flap_detection_enabled=1, is_flapping=0, percent_state_change='0.000000', latency='0.956000', execution_time='0.145720', scheduled_downtime_depth=0, failure_prediction_enabled=1, process_performance_data=1, obsess_over_service=1, modified_service_attributes=0, event_handler='', check_command='check_service!ok', normal_check_interval='120.000000', retry_check_interval='60.000000', check_timeperiod_object_id=2, executed_command='' WHERE service_object_id=1645
Sun Mar 10 21:38:56 2013 .466338 [002.0] [pid=4544] [tid=139954115196672] UPDATE icinga_servicestatus SET instance_id=1, service_object_id=1645, status_update_time=FROM_UNIXTIME(1362947702), output='test_host_059 \(checked by icinga-dev\) OK: ok warning: \'\$this\$ is a test\"te\$st\\abc\\def', long_output='', perfdata='/=2643MB;5948;5958;0;5968', current_state=0, has_been_checked=1, should_be_scheduled=1, current_check_attempt=1, max_check_attempts=3, last_check=FROM_UNIXTIME(1362947692), next_check=FROM_UNIXTIME(1362954892), check_type=0, last_state_change=FROM_UNIXTIME(1345937854), last_hard_state_change=FROM_UNIXTIME(1345937854), last_hard_state=0, last_time_ok=FROM_UNIXTIME(1362947692), last_time_warning='0000-00-00 00:00:00', last_time_unknown='0000-00-00 00:00:00', last_time_critical='0000-00-00 00:00:00', state_type=1, last_notification='0000-00-00 00:00:00', next_notification='0000-00-00 00:00:00', no_more_notifications=0, notifications_enabled=1, problem_has_been_acknowledged=0, acknowledgement_type=0, current_notification_number=0, passive_checks_enabled=1, active_checks_enabled=1, event_handler_enabled=1, flap_detection_enabled=1, is_flapping=0, percent_state_change='0.000000', latency='0.956000', execution_time='0.145720', scheduled_downtime_depth=0, failure_prediction_enabled=1, process_performance_data=1, obsess_over_service=1, modified_service_attributes=0, event_handler='', check_command='check_service!ok', normal_check_interval='120.000000', retry_check_interval='60.000000', check_timeperiod_object_id=2, executed_command='' WHERE service_object_id=1645
Sun Mar 10 21:38:56 2013 .478981 [002.0] [pid=4544] [tid=139954115196672] UPDATE icinga_servicestatus SET instance_id=1, service_object_id=1662, status_update_time=FROM_UNIXTIME(1362947702), output='test_host_060 \(checked by icinga-dev\) OK: ok warning: \'\$this\$ is a test\"te\$st\\abc\\def', long_output='', perfdata='/=2643MB;5948;5958;0;5968', current_state=0, has_been_checked=1, should_be_scheduled=1, current_check_attempt=1, max_check_attempts=3, last_check=FROM_UNIXTIME(1362947693), next_check=FROM_UNIXTIME(1362954893), check_type=0, last_state_change=FROM_UNIXTIME(1345940333), last_hard_state_change=FROM_UNIXTIME(1345940333), last_hard_state=0, last_time_ok=FROM_UNIXTIME(1362947693), last_time_warning='0000-00-00 00:00:00', last_time_unknown='0000-00-00 00:00:00', last_time_critical='0000-00-00 00:00:00', state_type=1, last_notification='0000-00-00 00:00:00', next_notification='0000-00-00 00:00:00', no_more_notifications=0, notifications_enabled=1, problem_has_been_acknowledged=0, acknowledgement_type=0, current_notification_number=0, passive_checks_enabled=1, active_checks_enabled=1, event_handler_enabled=1, flap_detection_enabled=1, is_flapping=0, percent_state_change='0.000000', latency='1.018000', execution_time='0.145120', scheduled_downtime_depth=0, failure_prediction_enabled=1, process_performance_data=1, obsess_over_service=1, modified_service_attributes=0, event_handler='', check_command='check_service!ok', normal_check_interval='120.000000', retry_check_interval='60.000000', check_timeperiod_object_id=2, executed_command='' WHERE service_object_id=1662
Sun Mar 10 21:38:56 2013 .491667 [002.0] [pid=4544] [tid=139954115196672] UPDATE icinga_servicestatus SET instance_id=1, service_object_id=1662, status_update_time=FROM_UNIXTIME(1362947702), output='test_host_060 \(checked by icinga-dev\) OK: ok warning: \'\$this\$ is a test\"te\$st\\abc\\def', long_output='', perfdata='/=2643MB;5948;5958;0;5968', current_state=0, has_been_checked=1, should_be_scheduled=1, current_check_attempt=1, max_check_attempts=3, last_check=FROM_UNIXTIME(1362947693), next_check=FROM_UNIXTIME(1362954893), check_type=0, last_state_change=FROM_UNIXTIME(1345940333), last_hard_state_change=FROM_UNIXTIME(1345940333), last_hard_state=0, last_time_ok=FROM_UNIXTIME(1362947693), last_time_warning='0000-00-00 00:00:00', last_time_unknown='0000-00-00 00:00:00', last_time_critical='0000-00-00 00:00:00', state_type=1, last_notification='0000-00-00 00:00:00', next_notification='0000-00-00 00:00:00', no_more_notifications=0, notifications_enabled=1, problem_has_been_acknowledged=0, acknowledgement_type=0, current_notification_number=0, passive_checks_enabled=1, active_checks_enabled=1, event_handler_enabled=1, flap_detection_enabled=1, is_flapping=0, percent_state_change='0.000000', latency='1.018000', execution_time='0.145120', scheduled_downtime_depth=0, failure_prediction_enabled=1, process_performance_data=1, obsess_over_service=1, modified_service_attributes=0, event_handler='', check_command='check_service!ok', normal_check_interval='120.000000', retry_check_interval='60.000000', check_timeperiod_object_id=2, executed_command='' WHERE service_object_id=1662
Sun Mar 10 21:38:56 2013 .504388 [002.0] [pid=4544] [tid=139954115196672] UPDATE icinga_servicestatus SET instance_id=1, service_object_id=1679, status_update_time=FROM_UNIXTIME(1362947702), output='test_host_061 \(checked by icinga-dev\) OK: ok warning: \'\$this\$ is a test\"te\$st\\abc\\def', long_output='', perfdata='/=2643MB;5948;5958;0;5968', current_state=0, has_been_checked=1, should_be_scheduled=1, current_check_attempt=1, max_check_attempts=3, last_check=FROM_UNIXTIME(1362947693), next_check=FROM_UNIXTIME(1362954893), check_type=0, last_state_change=FROM_UNIXTIME(1345939054), last_hard_state_change=FROM_UNIXTIME(1345939054), last_hard_state=0, last_time_ok=FROM_UNIXTIME(1362947693), last_time_warning='0000-00-00 00:00:00', last_time_unknown='0000-00-00 00:00:00', last_time_critical='0000-00-00 00:00:00', state_type=1, last_notification='0000-00-00 00:00:00', next_notification='0000-00-00 00:00:00', no_more_notifications=0, notifications_enabled=1, problem_has_been_acknowledged=0, acknowledgement_type=0, current_notification_number=0, passive_checks_enabled=1, active_checks_enabled=1, event_handler_enabled=1, flap_detection_enabled=1, is_flapping=0, percent_state_change='0.000000', latency='0.077000', execution_time='0.146110', scheduled_downtime_depth=0, failure_prediction_enabled=1, process_performance_data=1, obsess_over_service=1, modified_service_attributes=0, event_handler='', check_command='check_service!ok', normal_check_interval='120.000000', retry_check_interval='60.000000', check_timeperiod_object_id=2, executed_command='' WHERE service_object_id=1679
Sun Mar 10 21:38:56 2013 .517249 [002.0] [pid=4544] [tid=139954115196672] UPDATE icinga_servicestatus SET instance_id=1, service_object_id=1679, status_update_time=FROM_UNIXTIME(1362947702), output='test_host_061 \(checked by icinga-dev\) OK: ok warning: \'\$this\$ is a test\"te\$st\\abc\\def', long_output='', perfdata='/=2643MB;5948;5958;0;5968', current_state=0, has_been_checked=1, should_be_scheduled=1, current_check_attempt=1, max_check_attempts=3, last_check=FROM_UNIXTIME(1362947693), next_check=FROM_UNIXTIME(1362954893), check_type=0, last_state_change=FROM_UNIXTIME(1345939054), last_hard_state_change=FROM_UNIXTIME(1345939054), last_hard_state=0, last_time_ok=FROM_UNIXTIME(1362947693), last_time_warning='0000-00-00 00:00:00', last_time_unknown='0000-00-00 00:00:00', last_time_critical='0000-00-00 00:00:00', state_type=1, last_notification='0000-00-00 00:00:00', next_notification='0000-00-00 00:00:00', no_more_notifications=0, notifications_enabled=1, problem_has_been_acknowledged=0, acknowledgement_type=0, current_notification_number=0, passive_checks_enabled=1, active_checks_enabled=1, event_handler_enabled=1, flap_detection_enabled=1, is_flapping=0, percent_state_change='0.000000', latency='0.077000', execution_time='0.146110', scheduled_downtime_depth=0, failure_prediction_enabled=1, process_performance_data=1, obsess_over_service=1, modified_service_attributes=0, event_handler='', check_command='check_service!ok', normal_check_interval='120.000000', retry_check_interval='60.000000', check_timeperiod_object_id=2, executed_command='' WHERE service_object_id=1679
Sun Mar 10 21:38:56 2013 .529908 [002.0] [pid=4544] [tid=139954115196672] UPDATE icinga_servicestatus SET instance_id=1, service_object_id=1693, status_update_time=FROM_UNIXTIME(1362947702), output='test_host_062 \(checked by icinga-dev\) OK: ok warning: \'\$this\$ is a test\"te\$st\\abc\\def', long_output='', perfdata='/=2643MB;5948;5958;0;5968', current_state=0, has_been_checked=1, should_be_scheduled=1, current_check_attempt=1, max_check_attempts=3, last_check=FROM_UNIXTIME(1362947693), next_check=FROM_UNIXTIME(1362954893), check_type=0, last_state_change=FROM_UNIXTIME(1345937954), last_hard_state_change=FROM_UNIXTIME(1345937954), last_hard_state=0, last_time_ok=FROM_UNIXTIME(1362947693), last_time_warning='0000-00-00 00:00:00', last_time_unknown='0000-00-00 00:00:00', last_time_critical='0000-00-00 00:00:00', state_type=1, last_notification='0000-00-00 00:00:00', next_notification='0000-00-00 00:00:00', no_more_notifications=0, notifications_enabled=1, problem_has_been_acknowledged=0, acknowledgement_type=0, current_notification_number=0, passive_checks_enabled=1, active_checks_enabled=1, event_handler_enabled=1, flap_detection_enabled=1, is_flapping=0, percent_state_change='0.000000', latency='0.135000', execution_time='0.151920', scheduled_downtime_depth=0, failure_prediction_enabled=1, process_performance_data=1, obsess_over_service=1, modified_service_attributes=0, event_handler='', check_command='check_service!ok', normal_check_interval='120.000000', retry_check_interval='60.000000', check_timeperiod_object_id=2, executed_command='' WHERE service_object_id=1693
Sun Mar 10 21:38:56 2013 .542332 [002.0] [pid=4544] [tid=139954115196672] UPDATE icinga_servicestatus SET instance_id=1, service_object_id=1693, status_update_time=FROM_UNIXTIME(1362947702), output='test_host_062 \(checked by icinga-dev\) OK: ok warning: \'\$this\$ is a test\"te\$st\\abc\\def', long_output='', perfdata='/=2643MB;5948;5958;0;5968', current_state=0, has_been_checked=1, should_be_scheduled=1, current_check_attempt=1, max_check_attempts=3, last_check=FROM_UNIXTIME(1362947693), next_check=FROM_UNIXTIME(1362954893), check_type=0, last_state_change=FROM_UNIXTIME(1345937954), last_hard_state_change=FROM_UNIXTIME(1345937954), last_hard_state=0, last_time_ok=FROM_UNIXTIME(1362947693), last_time_warning='0000-00-00 00:00:00', last_time_unknown='0000-00-00 00:00:00', last_time_critical='0000-00-00 00:00:00', state_type=1, last_notification='0000-00-00 00:00:00', next_notification='0000-00-00 00:00:00', no_more_notifications=0, notifications_enabled=1, problem_has_been_acknowledged=0, acknowledgement_type=0, current_notification_number=0, passive_checks_enabled=1, active_checks_enabled=1, event_handler_enabled=1, flap_detection_enabled=1, is_flapping=0, percent_state_change='0.000000', latency='0.135000', execution_time='0.151920', scheduled_downtime_depth=0, failure_prediction_enabled=1, process_performance_data=1, obsess_over_service=1, modified_service_attributes=0, event_handler='', check_command='check_service!ok', normal_check_interval='120.000000', retry_check_interval='60.000000', check_timeperiod_object_id=2, executed_command='' WHERE service_object_id=1693
Sun Mar 10 21:38:56 2013 .555726 [002.0] [pid=4544] [tid=139954115196672] UPDATE icinga_hoststatus SET instance_id=1, host_object_id=370, status_update_time=FROM_UNIXTIME(1362947702), output='test_host_106 \(checked by icinga-dev\) OK: ok hostcheck', long_output='', perfdata='/=2643MB;5948;5958;0;5968', current_state=0, has_been_checked=1, should_be_scheduled=1, current_check_attempt=1, max_check_attempts=5, last_check=FROM_UNIXTIME(1362947693), next_check=FROM_UNIXTIME(1362954902), check_type=0, last_state_change=FROM_UNIXTIME(1345935748), last_hard_state_change=FROM_UNIXTIME(1345935748), last_hard_state=0, last_time_up=FROM_UNIXTIME(1362947702), last_time_down='0000-00-00 00:00:00', last_time_unreachable='0000-00-00 00:00:00', state_type=1, last_notification='0000-00-00 00:00:00', next_notification='0000-00-00 00:00:00', no_more_notifications=0, notifications_enabled=1, problem_has_been_acknowledged=0, acknowledgement_type=0, current_notification_number=0, passive_checks_enabled=1, active_checks_enabled=1, event_handler_enabled=1, flap_detection_enabled=1, is_flapping=0, percent_state_change='0.000000', latency='0.198000', execution_time='0.146830', scheduled_downtime_depth=0, failure_prediction_enabled=1, process_performance_data=1, obsess_over_host=1, modified_host_attributes=0, event_handler='', check_command='check-host-alive-parent!up!\$HOSTSTATE:test_router_4\$', normal_check_interval='120.000000', retry_check_interval='60.000000', check_timeperiod_object_id=2, executed_command='/usr/lib/nagios/plugins/test_hostcheck\.pl --type=up --failchance=2% --previous-state=UP --state-duration=17011945 --parent-state=UP --hostname test_host_106' WHERE host_object_id=370
Sun Mar 10 21:38:56 2013 .567645 [002.0] [pid=4544] [tid=139954115196672] UPDATE icinga_hoststatus SET instance_id=1, host_object_id=370, status_update_time=FROM_UNIXTIME(1362947702), output='test_host_106 \(checked by icinga-dev\) OK: ok hostcheck', long_output='', perfdata='/=2643MB;5948;5958;0;5968', current_state=0, has_been_checked=1, should_be_scheduled=1, current_check_attempt=1, max_check_attempts=5, last_check=FROM_UNIXTIME(1362947693), next_check=FROM_UNIXTIME(1362954902), check_type=0, last_state_change=FROM_UNIXTIME(1345935748), last_hard_state_change=FROM_UNIXTIME(1345935748), last_hard_state=0, last_time_up=FROM_UNIXTIME(1362947702), last_time_down='0000-00-00 00:00:00', last_time_unreachable='0000-00-00 00:00:00', state_type=1, last_notification='0000-00-00 00:00:00', next_notification='0000-00-00 00:00:00', no_more_notifications=0, notifications_enabled=1, problem_has_been_acknowledged=0, acknowledgement_type=0, current_notification_number=0, passive_checks_enabled=1, active_checks_enabled=1, event_handler_enabled=1, flap_detection_enabled=1, is_flapping=0, percent_state_change='0.000000', latency='0.198000', execution_time='0.146830', scheduled_downtime_depth=0, failure_prediction_enabled=1, process_performance_data=1, obsess_over_host=1, modified_host_attributes=0, event_handler='', check_command='check-host-alive-parent!up!\$HOSTSTATE:test_router_4\$', normal_check_interval='120.000000', retry_check_interval='60.000000', check_timeperiod_object_id=2, executed_command='/usr/lib/nagios/plugins/test_hostcheck\.pl --type=up --failchance=2% --previous-state=UP --state-duration=17011945 --parent-state=UP --hostname test_host_106' WHERE host_object_id=370

@icinga-migration
Copy link
Author

Updated by mfriedrich on 2013-03-10 21:06:16 +00:00

for the error/debug field, as well as event handlers, i have no special idea right now.

@icinga-migration
Copy link
Author

Updated by mfriedrich on 2013-03-11 13:18:08 +00:00

might be a good idea to make this optional, as the checkresult files may relate to security concerns then too.

@icinga-migration
Copy link
Author

Updated by mfriedrich on 2013-03-11 18:08:43 +00:00

  • Status changed from Assigned to Feedback
  • Assigned to deleted mfriedrich
  • Target Version deleted 1.9

during a long discussion this was reflected as potential security risk exposing user macros and custom variables containing sensitive information. which may be leaked in the checkresult files, as well as within the data structures themselves.

so this won't be lost, but kept on a different branch, not currently released (and likely never, but that's another story). basically if the checkresult processing would happen in memory on the process itsself, it would be just the application's problem to limit the view on it. but with the core writing temporary files this is currently not possible.

@icinga-migration
Copy link
Author

Updated by mfriedrich on 2014-01-03 20:18:44 +00:00

  • Priority changed from Normal to Low

@icinga-migration
Copy link
Author

Updated by mfriedrich on 2014-07-19 13:02:18 +00:00

  • Status changed from Feedback to Rejected

Too much security exposure involved.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
enhancement Low
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@icinga-migration