Vagrant boxes revamped

vagrant-logoWe’ve found Vagrant pretty useful for our demo cases – the first draft of the Icinga 2 Cluster happened to be a NETWAYS CeBit demo and evolved ever since. icinga-vagrant was added is official Icinga project similar to what we have with our Docker demos and gained more attraction by testers and developers.

The good thing about Vagrant using different providers is – you can even run these demos on Windows. You’ll need some prerequisites to make it work on Windows though – Git with SSH and Ruby. On Linux the Vagrant packages already requires them. Additionally you’ll need at least the following versions:

  • Vagrant >= 1.6.5
  • VirtualBox >= 4.2.16

Our default provider is VirtualBox where these boxes are regularly tested on. The underlying provisioner is using Puppet modules to setup the Vagrant environment. This installs for example Apache, MySQL, Plugins, Icinga 2 and Icinga Web 2 in the icinga2x box. The Icinga packages are pulled from our snapshot repositories allowing developers and testers fetching the latest and greatest – and also help finding bugs soon enough :-)

Currently there are four different Vagrant environments available for testing:

  • icinga2x: Standalone Icinga 2 box with user interfaces: Icinga Web 2, Icinga Web 1.x and Classic UI 1.x
  • icinga2x-cluster: Icinga 2 Cluster as Master-Checker setup. Includes Icinga Web 2 as user interface.
  • icinga2x-graylog2: Special Graylog demo environment with standalone Icinga 2
  • icinga1x: Standalone Icinga 1.x Core with Icinga Web 1.x and Classic UI 1.x. Includes Jasper-Reporting.

Note that icinga1x will stick with CentOS6 due to the Reporting integration (unless someone sends a patch). The other boxes have been upgraded recently to use CentOS 7.1 as base box.

There were several changes in the past months, refactoring the required git modules from submodules to subtree and also updating the demo configuration. All icinga2x boxes also share common host-only IP addresses for easier access. Once puppet-icinga2 and puppet-icingaweb2 become ready, they’ll be included inside the provisioning mechanism replacing our own local modules. In order to keep it simple, you may just download the latest release tarball instead of cloning the git repository.

Start away with the Icinga 2 box:

$ git clone
$ cd icinga-vagrant
$ cd icinga2x
$ vagrant up

Open your browser and navigate to the host-only ip addresses (Login: icingaadmin/icinga)

If you encounter problems, please open an issue at – meanwhile enjoy the Vagrant show! :-)

Icinga 2 bugfix release v2.3.8

2.3.7 last week introduced a problem with DB IDO PostgreSQL when fixing a separate issue. Next to that we’ve also backported some more fixes from our development tree for 2.4 into v2.3.8.

Check the Changelog below while preparing your update.


What’s New in Version 2.3.8


  • Bugfixes


  • Bug 9554: Don’t allow “ignore where” for groups when there’s no “assign where”
  • Bug 9634: DB IDO: Do not update endpointstatus table on config updates
  • Bug 9637: Wrong parameter for CheckCommand “ping-common-windows”
  • Bug 9665: Escaping does not work for OpenTSDB perfdata plugin
  • Bug 9666: checkcommand disk does not check free inode – check_disk

Bugfix releases: Icinga 2 v2.3.7 and Icinga v1.13.3

This time we’ll release two Icinga Core bugfix releases – Icinga 2 v2.3.7 and Icinga v1.13.3.

Package updates are available soon, meanwhile check the Changelog below.


What’s New in Version 2.3.7


  • Bugfixes


  • Feature 9610: Enhance troubleshooting ssl errors & cluster replay log


  • Bug 9406: Selective cluster reconnecting breaks client communication
  • Bug 9535: Config parser ignores “ignore” in template definition
  • Bug 9584: Incorrect return value for the macro() function
  • Bug 9585: Wrong formatting in DB IDO extensions docs
  • Bug 9586: DB IDO: endpoint* tables are cleared on reload causing constraint violations
  • Bug 9621: Assertion failed in icinga::ScriptUtils::Intersection
  • Bug 9622: Missing lock in ScriptUtils::Union

What’s New in Version 1.13.3


  • Bugfixes


  • Bug 7337: Only use SCHEDULE_HOST_DOWNTIME command for Icinga 2.x
  • Bug 8130: Wrong values for percent_* when using hostgroup in availability report
  • Bug 9020: Solaris package behaves badly upon uninstall
  • Bug 9106: Icinga no longer sending acknowledgement notifications
  • Bug 9240: invalid JSON for flapping threshold configuration

Icinga 2 bugfix release v2.3.6

While updating the documentation and Icinga Template Library definitions, we’ve also tackled a more severe problem with OpenSSL on SLES11 SP3 with this bugfix release v2.3.6.

icinga2_sles11_opensslSLES11 uses the old 0.9.8j release causing trouble when verifying the SSL certificates generated from ‘node wizard’ commands (see #9549 for a detailed analysis). The problem became even more weird when debugging it, so we decided to go for the only safe solution – link against openssl1 from the Security Module repository.

The package update for SLES11 requires openssl1, please ensure enabling the repository beforehand. You can use this small check script “check_icinga2_openssl” (shown in the screenshot).

Other than that, we’ve also fixed some bugs found inside the Windows plugins and NSClient++ integration. Whilst backporting a stability fix for the cluster from our 2.4 development tree there’s also more verbose logging for unauthenticated clients and cluster troubleshooting available.

Package updates should be around soon, meanwhile keep cool and check the Changelog below!


What’s New in Version 2.3.6


  • Require openssl1 on sles11sp3 from Security Module repository
    • Bug in SLES 11’s OpenSSL version 0.9.8j preventing verification of generated certificates.
    • Re-create these certificates with 2.3.6 linking against openssl1 (cli command or CSR auto-signing).
  • ITL: Add ldap, ntp_peer, mongodb and elasticsearch CheckCommand definitions
  • Bugfixes


  • Feature 6714: add pagerduty notification documentation
  • Feature 9172: Add “ldap” CheckCommand for “check_ldap” plugin
  • Feature 9191: Add “mongodb” CheckCommand definition
  • Feature 9415: Add elasticsearch checkcommand to itl
  • Feature 9416: snmpv3 CheckCommand: Add possibility to set securityLevel
  • Feature 9451: Merge documentation fixes from GitHub
  • Feature 9523: Add ntp_peer CheckCommand
  • Feature 9562: Add new options for ntp_time CheckCommand
  • Feature 9578: new options for smtp CheckCommand


  • Bug 9205: port empty when using icinga2 node wizard
  • Bug 9253: Incorrect variable name in the ITL
  • Bug 9303: Missing ‘snmp_is_cisco’ in Manubulon snmp-memory command definition
  • Bug 9436: Functions can’t be specified as command arguments
  • Bug 9450: node setup: indent accept_config and accept_commands
  • Bug 9452: Wrong file reference in
  • Bug 9456: Windows client w/ command_endpoint broken with $nscp_path$ and NscpPath detection
  • Bug 9463: Incorrect check_ping.exe parameter in the ITL
  • Bug 9476: Documentation for checks in an HA zone is wrong
  • Bug 9481: Fix stability issues in the TlsStream/Stream classes
  • Bug 9489: Add log message for discarded cluster events (e.g. from unauthenticated clients)
  • Bug 9490: Missing openssl verify in cluster troubleshooting docs
  • Bug 9513: itl/plugins-contrib.d/*.conf should point to PluginContribDir
  • Bug 9522: wrong default port documentated for nrpe
  • Bug 9549: Generated certificates cannot be verified w/ openssl 0.9.8j on SLES 11
  • Bug 9558: mysql-devel is not available in sles11sp3
  • Bug 9563: Update getting started for Debian Jessie

Icinga Web 2 v2.0.0-rc1 released

Thank God, RC1 is out!

This release candidate is the result of 751 days of blood, sweat and tears and round about 7K commits in our git. It was not easy and we learned our lessons but now we’re very proud to put a rc tag on Icinga Web 2. Created from scratch, a clean and reduced interface is born with everything you need: Speed, accessible and extensible. The new interface is a monitoring swiss army knife without tailoring or customisation. It is focused on your problems and provide context sensitive interaction with your IT infrastructure.

Please grab another cup of coffee, lean back and enjoy monitoring!

Beside this awesome moment we want to thank all the testers, patchers, issue-openers, developers and all the brave men out there using a so-called beta software already! You are the greatest!

Have you seen the new full screen and compact mode (try /icingaweb2/dashboard?showFullscreen&showCompact as url)? Buts that’s only a small change. RC1 also contains full-featured user- and group management interfaces, enforces restrictions and permissions on every view. And we ship the package with a fully working Postgres 9.1 backend implementation.

Enjoy Icinga Web 2, check the Changelog below and start your download!

What’s New in Version 2.0.0-rc1


  • Improve layout and look and feel in many ways
  • Apply host, service and custom variable restrictions to all monitoring objects
  • Add fullscreen mode (?showFullscreen)
  • User and group management
  • Comment and Downtime Detail View
  • Show icon_image in host/service views
  • Show Icinga program version in monitoring health


  • Feature 4139: Notify monitoring backend availability problems
  • Feature 4498: Allow to add columns to monitoring views via URL
  • Feature 6392: Resolve Icinga 2 runtime macros in action and notes URLs
  • Feature 6729: Fullscreen mode
  • Feature 7343: Fetch user groups from LDAP
  • Feature 7595: Remote connection resource configuration
  • Feature 7614: Right-align icons
  • Feature 7651: Add module information ( to all core modules
  • Feature 8054: Host Groups should list number of hosts (as well as services)
  • Feature 8235: Show host and service notes in the host and service detail view
  • Feature 8247: Move notifications to the bottom of the page
  • Feature 8281: Improve layout of comments and downtimes in the host and service detail views
  • Feature 8310: Improve layout of performance data and check statistics in the host and service detail views
  • Feature 8565: Improve look and feel of the monitoring multi-select views
  • Feature 8613: IDO queries related to concrete objects should not depend on collations
  • Feature 8665: Show icon_image in the host and service detail views
  • Feature 8781: Automatically deselect rows when closing the detail area
  • Feature 8826: User and group management
  • Feature 8849: Show only three (or four) significant digits (e.g. in check execution time)
  • Feature 8877: Allow module developers to implement new/custom authentication methods
  • Feature 8886: Require mandatory parameters in controller actions and CLI commands
  • Feature 8902: Downtime detail view
  • Feature 8903: Comment detail view
  • Feature 9009: Apply host and service restrictions to related views as well
  • Feature 9203: Wizard: Validate that a resource is actually an IDO instance
  • Feature 9207: Show icinga program version in Monitoring Health
  • Feature 9223: Show the active ido endpoint in the monitoring health view
  • Feature 9284: Create a ServiceActionsHook
  • Feature 9300: Support icon_image_alt
  • Feature 9361: Refine UI for RC1
  • Feature 9377: Permission and restriction documentation
  • Feature 9379: Provide an


  • Bug 6281: ShowController’s hostAction() and serviceAction() do not respond with 400 for invalid/missing parameters and with 404 if the host or service wasn’t found
  • Bug 6778: Duration and history time formatting isn’t correct
  • Bug 6952: Unauthenticated users are provided helpful error messages
  • Bug 7151: Play nice with form-button-double-clickers
  • Bug 7165: Invalid host address leads to exception w/ PostgreSQL
  • Bug 7447: Commands sent over SSH are missing the -i option when using a ssh user aside from the webserver’s user
  • Bug 7491: Switching from MySQL to PostgreSQL and vice versa doesn’t change the port in the resource configuration
  • Bug 7642: Monitoring menu renderers should be moved to the monitoring module
  • Bug 7658: MenuItemRenderer is not so easy to extend
  • Bug 7876: Not all views can be added to the dashboard w/o breaking the layout
  • Bug 7931: Can’t acknowledge multiple selected services which are in downtime
  • Bug 7997: Service-Detail-View tabs are changing their context when clicking the Host-Tab
  • Bug 7998: Navigating to the Services-Tab in the Service-Detail-View displays only the selected service
  • Bug 8006: Beautify command transport error exceptions
  • Bug 8205: List views should not show more than the five worst pies
  • Bug 8241: Take display_name into account when searching for host and service names
  • Bug 8334: Perfdata details partially hidden depending on the resolution
  • Bug 8339: Lib: SimpleQuery::paginate() must not fetch page and limit from request but use them from parameters
  • Bug 8343: Status summary does not respect restrictions
  • Bug 8363: Updating dashlets corrupts their URLs
  • Bug 8453: The filter column “_dev” is not allowed here
  • Bug 8472: Missing support for command line arguments in the format –arg=
  • Bug 8474: Improve layout of dictionaries in the host and service detail views
  • Bug 8624: Delete multiple downtimes and comments at once
  • Bug 8696: Can’t search for Icinga 2 custom variables
  • Bug 8705: Show all shell commands required to get ready in the setup wizard
  • Bug 8706: INI files should end with a newline character and should not contain superfluous newlines
  • Bug 8707: Wizard: setup seems to fail with just one DB user
  • Bug 8711: JS is logging “ugly” side exceptions
  • Bug 8731: Apply host restrictions to service views
  • Bug 8744: Performance data metrics with value 0 are not displayed
  • Bug 8747: Icinga 2 boolean variables not shown in the host and service detail views
  • Bug 8777: Server error: Service not found exception when service name begins or ends with whitespaces
  • Bug 8815: Only the first external command is sent over SSH when submitting commands for multiple selected hosts or services
  • Bug 8847: Missing indication that nothing was found in the docs when searching
  • Bug 8860: Host group view calculates states from service states; but states should be calculated from host states instead
  • Bug 8927: Tactical overview does not respect restrictions
  • Bug 8928: Host and service groups views do not respect restrictions
  • Bug 8929: Setup wizard does not validate whether the PostgreSQL user for creating the database owns the CREATE ROLE system privilege
  • Bug 8930: Error message about refused connection to the PostgreSQL database server displayed twice in the setup wizard
  • Bug 8934: Status text for ok/up becomes white when hovered
  • Bug 8941: Long plugin output makes the whole container horizontally scrollable instead of just the row containing the long plugin output
  • Bug 8950: Improve English for “The last one occured %s ago”
  • Bug 8953: LDAP encryption settings have no effect
  • Bug 8956: Can’t login when creating the database connection for the preferences store fails
  • Bug 8957: Fall back on syslog if the logger’s type directive is misconfigured
  • Bug 8958: Switching LDAP encryption to LDAPS doesn’t change the port in the resource configuration
  • Bug 8960: Remove exclamation mark from the notification “Authentication order updated!”
  • Bug 8966: Show custom variables visually separated in the host and service detail views
  • Bug 8967: Remove right petrol border from plugin output in the host and service detail views
  • Bug 8972: Can’t view Icinga Web 2’s log file
  • Bug 8994: Uncaught exception on empty session.save_path()
  • Bug 9000: Only the first line of a stack trace is shown in the applications log view
  • Bug 9007: Misspelled host and service names in commands are not accepted by icinga
  • Bug 9008: Notification overview does not respect restrictions
  • Bug 9022: Browser title does not change in case of an error
  • Bug 9023: Toggling feature…
  • Bug 9025: A tooltip of the service grid’s x-axe makes it difficult to click the title of the currently hovered column
  • Bug 9026: Add To Dashboard … on the dashboard
  • Bug 9046: Detail View: Downtimes description misses space between duration and comment text
  • Bug 9056: Filter for host/servicegroup search doesn’t work anymore
  • Bug 9057: contact_notify_host_timeperiod
  • Bug 9059: Can’t initiate an ascending sort by host or service severity
  • Bug 9198: monitoring/command/feature/object does not grant the correct permissions
  • Bug 9202: The config\* permission does not permit to navigate to the configuration
  • Bug 9211: Empty filters are being rendered to SQL which leads to syntax errors
  • Bug 9214: Detect multitple icinga_instances entries and warn the user
  • Bug 9220: Centralize submission and apply handling of sort rules
  • Bug 9224: Allow anonymous LDAP binding
  • Bug 9281: Problem with Icingaweb 2 after PHP Upgrade 5.6.8 -> 5.6.9
  • Bug 9317: Web 2’s ListController inherits from the monitoring module’s base controller
  • Bug 9319: Downtimes overview does not respect restrictions
  • Bug 9350: Menu disappears in user group management view
  • Bug 9351: Timeline links are broken
  • Bug 9352: User list should be sorted
  • Bug 9353: Searching for users fails, at least with LDAP backend
  • Bug 9355: msldap seems not to be a first-class citizen
  • Bug 9378: Rpm calls usermod w/ invalid option on openSUSE
  • Bug 9384: Timeline+Role problem
  • Bug 9392: Command links seem to be broken

Icinga 2 bugfix release v2.3.5

While working on the design and concept for our next major feature release in 2.4, we’ve fixed several bugs in our stable 2.3.x tree. Be it clients disconnecting in the cluster, timestamps for DB IDO history, or additional documentation for functions in object configuration, cluster config sync best practices and cluster and client troubleshooting. We’ve also added new ITL plugin check command definitions for “mongodb“, “iftraffic“, “disk_smb” and added more command arguments for “dns“, “ftp“, “tcp“, “nscp“.

In addition to that, we’ve overhauled the Windows setup wizard for the Icinga 2 client in many ways:

  • NSClient++ is now bundled and can optionally be installed when configuring the Icinga 2 client (thanks a lot, Michael Medin!)
  • The Windows installer now provides an update mode and installs the Windows service by default
  • The local nscp checkcommands querying the nscp cli command are enabled by default on Windows
  • New check plugin check_perfmon and several plugin fixes, including plugin check command definitions and documentation

v2.3.5 is tagged in git, packages in your distribution’s repository should be available soon – meanwhile check the Changelog below.

Enjoy Icinga 2 and join the community channels!





  • NSClient++ is now bundled with the Windows setup wizard and can optionally be installed
  • Windows Wizard: “include <nscp>” is set by default
  • Windows Wizard: Add update mode
  • Plugins: Add check_perfmon plugin for Windows
  • ITL: Add CheckCommand objects for Windows plugins (“include <windows-plugins>”)
  • ITL: Add CheckCommand definitions for “mongodb”, “iftraffic”, “disk_smb”
  • ITL: Add arguments to CheckCommands “dns”, “ftp”, “tcp”, “nscp”


  • Feature 8116: Extend Windows installer with an update mode
  • Feature 8180: Add documentation and CheckCommands for the windows plugins
  • Feature 8809: Add check_perfmon plugin for Windows
  • Feature 9115: Add SHOWALL to NSCP Checkcommand
  • Feature 9130: Add ‘check_drivesize’ as nscp-local check command
  • Feature 9145: Add arguments to “dns” CheckCommand
  • Feature 9146: Add arguments to “ftp” CheckCommand
  • Feature 9147: Add arguments to “tcp” CheckCommand
  • Feature 9176: ITL Documentation: Add a link for passing custom attributes as command parameters
  • Feature 9180: Include Windows support details in the documentation
  • Feature 9185: Add timestamp support for PerfdataWriter
  • Feature 9191: Add “mongodb” CheckCommand definition
  • Feature 9238: Bundle NSClient++ in Windows Installer
  • Feature 9254: Add ‘disk_smb’ Plugin CheckCommand definition
  • Feature 9256: Determine NSClient++ installation path using MsiGetComponentPath
  • Feature 9260: Include <nscp> by default on Windows
  • Feature 9261: Add the –load-all and –log options for nscp-local
  • Feature 9263: Add support for installing NSClient++ in the Icinga 2 Windows wizard
  • Feature 9270: Update service apply for documentation
  • Feature 9272: Add ‘iftraffic’ to plugins-contrib check command definitions
  • Feature 9285: Best practices: cluster config sync
  • Feature 9297: Add examples for function usage in “set_if” and “command” attributes
  • Feature 9310: Add typeof in ‘assign/ignore where’ expression as example
  • Feature 9311: Add local variable scope for *Command to documentation (host, service, etc)
  • Feature 9313: Use a more simple example for passing command parameters
  • Feature 9318: Explain string concatenation in objects by real-world example
  • Feature 9363: Update documentation for escape sequences
  • Feature 9419: Enhance cluster/client troubleshooting
  • Feature 9420: Enhance cluster docs with HA command_endpoints
  • Feature 9431: Documentation: Move configuration before advanced topics


  • Bug 8853: Syntax Highlighting: host.address vs host.add
  • Bug 8888: Icinga2 –version: Error showing Distribution
  • Bug 8891: Node wont connect properly to master if host is is not set for Endpoint on new installs
  • Bug 9055: Wrong timestamps w/ historical data replay in DB IDO
  • Bug 9109: WIN: syslog is not an enable-able feature in windows
  • Bug 9116: node update-config reports critical and warning
  • Bug 9121: Possible DB deadlock
  • Bug 9131: Missing “)” in last Apply Rules example
  • Bug 9142: Downtimes are always “fixed”
  • Bug 9143: Incorrect type and state filter mapping for User objects in DB IDO
  • Bug 9161: ‘disk': wrong order of threshold command arguments
  • Bug 9187: SPEC: Give group write permissions for perfdata dir
  • Bug 9205: port empty when using icinga2 node wizard
  • Bug 9222: Missing custom attributes in backends if name is equal to object attribute
  • Bug 9253: Incorrect variable name in the ITL
  • Bug 9255: –scm-installs fails when the service is already installed
  • Bug 9258: Some checks in the default Windows configuration fail
  • Bug 9259: Disk and ‘icinga’ services are missing in the default Windows config
  • Bug 9268: Typo in Configuration Best Practice
  • Bug 9269: Wrong permission etc on windows
  • Bug 9324: Multi line output not correctly handled from compat channels
  • Bug 9328: Multiline vars are broken in objects.cache output
  • Bug 9372: plugins-contrib.d/databases.conf: wrong argument for mssql_health
  • Bug 9389: Documentation: Typo
  • Bug 9390: Wrong service table attributes in Livestatus documentation
  • Bug 9393: Documentation: Extend Custom Attributes with the boolean type
  • Bug 9394: Including <nscp> on Linux fails with unregistered function
  • Bug 9399: Documentation: Typo
  • Bug 9406: Selective cluster reconnecting breaks client communication
  • Bug 9412: Documentation: Update the link to register a new Icinga account