Icinga Web 2 v2.1.1 released

icingaweb2_xmas_theme_loginBecause Santa would not be happy without a new Icinga Web 2 release for Christmas, we’re happy to announce the release of Icinga Web 2 version 2.1.1. This release is a primary a bugfix release, but also introduces a very cool new thing: Theming!

Curious? Be sure to checkout our winter theme in your preferences configuration. Imagine your critical and warning messages are presented in such a lovely winter wonderland. The only time in the year red is really looking great.

Find v2.1.1 on GitHub or use the packages for your favorite platform.

Changelog Version 2.1.1


  • Feature 10488: Use _ENV variables with built-in PHP webserver
  • Feature 10705: Theming
  • Feature 10898: Winter theme


  • Bug 9685: Deprecate Module::registerHook() in favor of Hook::provideHook()
  • Bug 9957: Sort hosts and services by last state change
  • Bug 10123: CSS loading may fail w/ mkdir(): File exists in FileCache.php
  • Bug 10126: setup config directory –config should use mkdir -p instead of mkdir()
  • Bug 10166: library/vendor/HTMLPurifier tree is incorrectly unpacked
  • Bug 10170: Link to service downtimes from multiple selected services includes host downtimes as well
  • Bug 10338: Debian: Failed to open stream HTMLPurifier/HTMLPurifier.php
  • Bug 10603: Line breaks are not respected in acknowledgements, comments and downtimes
  • Bug 10658: SUSE packages have the wrong dependencies
  • Bug 10659: LDAP group members are shown with their DN and membership registration does not work
  • Bug 10670: State not highlighted in plugin output
  • Bug 10671: Auto-focus the username field on the login page
  • Bug 10683: lib/CLI command web serve: rename variable basedir to something meaningful
  • Bug 10702: Host- and Service-Actions configured in Web 2 do not resolve any macros
  • Bug 10749: XHR application-state requests pollute the URL if not authenticated
  • Bug 10771: Login shows “Anmelden……..” upon login with the german locale
  • Bug 10781: LoggingConfigForm.php complains about whitespace but checks with /^[^\W]+$/
  • Bug 10790: “Problems – Service Grid” does not work with host names that contain only digits
  • Bug 10884: Tabs MUST throw an exception when activating an inexistant tab
  • Bug 10886: “impacted” container is no longer fading out
  • Bug 10892: Wrong mask for FileCache’s temp directory

Vagrant box playtime

vagrant_icingaweb2_dashboardWhile preparing for our OSMC booth and talk, we thought about enhancing the existing Vagrant boxes and include more demo cases. While the icinga2x-cluster boxes illustrate the cluster in a master-checker setup, the standalone box icinga2x focuses on a single Icinga 2 instance with Icinga Web 2 and the Icinga 2 API.

Alongside the Icinga 2 API and Icinga Web 2 there are numerous additions to the icinga2x Vagrant box:



vagrant_icinaweb2_detail_graphs_ttsPNP4Nagios is installed from the EPEL repository. The Icinga 2 Perfdata feature ensures that performance data files are written and the NPCD daemon updates the RRD files. Navigate to the host or service detail in Icinga Web 2 and watch the beautiful graphs. There’s also a menu entry in Icinga Web 2 providing an iframe to the PNP web frontend on its own.



There are demo comments including a ticket id inside the Vagrant box. A simple script feeds them into the Icinga 2 API and the Icinga Web 2 module takes care of parsing the regex and adding a URL for demo purposes.


Business Process

vagrant_icingaweb2_business_processThe box provides 2 use cases for a business process demo: web services and mysql services. In order to check the MySQL database serving DB IDO and Icinga Web 2, we’ve added the check_mysql_health plugin (Icinga 2 v2.4 also provides a CheckCommand inside the ITL <plugins-contrib> already, so integration is a breeze).

These Icinga 2 checks come configured as Business Processes in the Icinga Web 2 module which also allows you to change and simulate certain failure scenarios. You’ll also recognise a dashboard item for the Top Level View allowing you to easily navigate into the BP tree and the host and service details. Pretty cool, eh?



vagrant_icingaweb2_nagvisThe puppet module installs the latest stable NagVis release and configures the DB IDO as backend. The integration into Icinga Web 2 uses a newly developed module providing a more complete style and integrated authentication for the NagVis backend. Though there are no custom dashboards yet – send in a patch if you have some cool ones :)




vagrant_graphite_webThe Graphite backend installation is helped with Puppet modules, the main difference is that Graphite Web VHost is listening on port 8003 by default (80 is reserved for Icinga Web 2). The carbon cache daemon is listening on 2003 where the Icinga 2 Graphite feature is writing the metrics to.




vagrant_grafanaGrafana 2 uses Graphite Web as datasource. It comes preconfigured with the Icinga 2 dashboard providing an overview on load, http, mysql metrics and allows you to easily modify or add new graphs to your dashboard(s).




vagrant_dashingWe’ve had a Dashing demo using the Icinga 2 API with us at Icinga Camp Portland though it required some manual installation steps. Since the Vagrant box already enabled the Icinga 2 API, the provisioner now also installs Dashing and the demo files. Note: Installing the Ruby gems required for Dashing might take a while depending on your internet connection. If Dashing is not running, call `restart-dashing`.




The icinga2x box requires a little more resources so make sure to have 2 cpu cores and 2 GB RAM available. You’ll need Vagrant and Virtualbox or Parallels installed prior to provision the box.

git clone https://github.com/Icinga/icinga-vagrant.git
cd icinga-vagrant/icinga2x
vagrant up

The initial provisioning takes a while depending on your internet connection.

Each web frontend is available on its own using the host-only network address

Icinga Web 2 icingaadmin/icinga
Graphite Web
Grafana 2 admin/admin


In the future we’ll add more Icinga Web 2 modules or other addons, just let us know what you want to play with or send a patch even :-)

Icinga 2 v2.4.1 bugfix release

Icinga StickerThis release fixes a problem when using recurring downtimes (“ScheduledDowntime”) causing Icinga 2 to crash on startup. There are further fixes for old compilers on Debian Squeeze, Ubuntu Precise and RHEL 6. The API setup wizard does not overwrite existing certificates anymore. The node setup wizards also incorporate the NodeName and ZoneName constant by default, not the previously used FQDN.

The ITL CheckCommand ‘running_kernel’ now allows you to optionally use the ‘running_kernel_use_sudo’ attribute. One further addition are global constants to fetch PlatformName. PlatformVersion, PlatformKernel and PlatformKernelVersion.

A common problem which we’ve analysed in our community support channels is the usage of existing SSL certificates with the Icinga 2 API. In case you are encountering the SSL error “SSL3_READ_BYTES:sslv3 alert unsupported certificate” when querying the API using curl or a modern browser, please ensure that the host’s SSL certificate version is 3, not 1. More details on the mailing lists.

Icinga 2 v2.4.1 packages should be available soon, meanwhile make sure to check the Changelog below.





  • ITL
    • Add running_kernel_use_sudo option for the running_kernel check
  • Configuration
    • Add global constants: `PlatformName`. `PlatformVersion`, `PlatformKernel` and `PlatformKernelVersion`
  • CLI
    • Use NodeName and ZoneName constants for ‘node setup’ and ‘node wizard’


  • Feature 10622: Add by_ssh_options argument for the check_by_ssh plugin
  • Feature 10693: Add running_kernel_use_sudo option for the running_kernel check
  • Feature 10716: Use NodeName and ZoneName constants for ‘node setup’ and ‘node wizard’


  • Bug 10528: Documentation example in “Access Object Attributes at Runtime” doesn’t work correctly
  • Bug 10615: Build fails on SLES 11 SP3 with GCC 4.8
  • Bug 10632: “node wizard” does not ask user to verify SSL certificate
  • Bug 10641: API setup command incorrectly overwrites existing certificates
  • Bug 10643: Icinga 2 crashes when ScheduledDowntime objects are used
  • Bug 10645: Documentation for schedule-downtime is missing required paremeters
  • Bug 10648: lib/base/process.cpp SIGSEGV on Debian squeeze / RHEL 6
  • Bug 10661: Incorrect web inject URL in documentation
  • Bug 10663: Incorrect redirect for stderr in /usr/lib/icinga2/prepare-dirs
  • Bug 10667: Indentation in command-plugins.conf
  • Bug 10677: node wizard checks for /var/lib/icinga2/ca directory but not the files
  • Bug 10690: CLI command ‘repository add’ doesn’t work
  • Bug 10692: Fix typos in the documentation
  • Bug 10708: Windows setup wizard crashes when InstallDir registry key is not set
  • Bug 10710: Incorrect path for icinga2 binary in development documentation
  • Bug 10720: Remove –master_zone from –help because it is currently not implemented

Icinga 2 v2.4.0 & Icinga Web 2 v2.1.0 released

We’ve come a long way… after months of hard development we’re proud to release Icinga 2 v2.4.0 and Icinga Web 2 v2.1.0.


Icinga 2 v2.4.0

icinga2_apiIcinga 2 v2.4 feels even bigger than our first v2.0 release 1.5 years ago. “We want an API” you said – and we sat down in April and started design one. Kicking off the development in June, it’s been 5 months and 3 developers working full-time on Icinga 2 v2.4.

We’ve put a lot of effort into designing and refining a unified REST API allowing you to create configuration objects at runtime without a restart (e.g. a host auto-discovered from config management, cloud, etc) and also delete them. You can also modify existing configuration objects at runtime. All object updates are synchronised in cluster zones. In case you’re using a configuration tool for deployment you can manage configuration packages and stages.

icinga2_api_dashingWhile there are existing interfaces to query the current object states we’ve now added the full capabilities of exposing all object attributes to the user, helped with (complex) filters and joins to limit the output. List all services for hosts in a hostgroup, but only if they are in a critical state – a breeze to interact with.

You want to schedule maintenance downtimes or acknowledge problems at once? The former external commands have been revamped into Actions providing clear-cut interfaces and feedback on errors.

Event streams allow you to subscribe to specific core events, be it check results, notifications, acknowledgements. Forward these events to your umbrella monitoring system applications and use these metrics for your integration with other tools.

You can also fetch the runtime state of the Icinga 2 daemon and its features gaining insights on what’s going on. There’s also support for executing expressions and fetching the type hierarchy of config objects if you are planning to implement your own API client.

icinga-studioYou can use the icinga2 console to connect to the API and fetch the check result and its executed command line for example. The Icinga Studio application provides a GUI to fetch all objects from the API. And yet, use Dashing on your monitoring dashboards. If you want to start programming your own API clients, we’ve made sure to add programmatic examples for your convenience.

The Icinga 2 API uses HTTPS with basic auth or client SSL certificates and fully supports IPv4 and IPv6 similar to the Icinga 2 cluster. You can even set permissions for API users for specific URL endpoints with optional object filters. That way for example scripts may only schedule a downtime, or users are limited to hosts only in a specific host group.

icinga2_grafanaIcinga 2 v2.4 also introduces a new Graphite schema revamped from community feedback. Tackling configuration errors with dynamic apply rules is now helped with Icinga 2 script debugger.

Grab a coffee, or two, and get into the details in the API documentation. If you can’t wait to put Icinga 2 v2.4 in production – packages for all distributions should be available soon. Meanwhile you can test-drive the Icinga 2 API using Docker and Vagrant.


Icinga Web 2 v2.1.0

icingaweb2_dashboard_overviewThe 10th Open Source Monitoring Conference (OSMC) starts this week and team Icinga is attending for the 7th time. After our exciting release of Icinga Web 2 v2.0.0 right before Icinga Camp Portland the developers have been working hard to resolve bugs and also refine the UI styling once more.
This includes an enhanced service- and hostdetail area and a redefined table control element. A clear CSS structure makes the implementation of individual themes and styles even simpler.

Icinga Web 2 v2.1.0 is ready for download – and we’ll sure have it as live demo at our OSMC Icinga booth.



Icinga 2 v2.4.0 Changelog

Icinga Web 2 v2.1.0 Changelog

Icinga 2 v2.3.11 bugfix release

While we are working hard on our next feature release v2.4 we’ve come across several bugs and backported them into a new bugfix release v2.3.11.

This release improves the cluster stability and adds a couple of new plugin check command definitions for the ITL. It also introduces a new function called “cidr_match”:

$ icinga2 console
Icinga (version: v2.3.0-672-g35cbcde)
<1> cidr_match("", "")
<2> cidr_match("", "")
<3> cidr_match("2a03:2880::/29", "2a03:2880:f022:6:face:b00c:0:2")

Furthermore this release adds a new function resolve_arguments which lets users resolve commands+arguments in exactly the same way Icinga does internally as shown in the example below:

arguments = {
  "-C" = {{
    var command = macro("$by_ssh_command$")
    var arguments = macro("$by_ssh_arguments$")

    if (typeof(command) == String && !arguments) {
      return command

    var escaped_args = []
    for (arg in resolve_arguments(command, arguments)) {
    return escaped_args.join(" ")

Package updates are available soon. Please report any findings on bugs to our development tracker.

What’s New in Version 2.3.11


  • Function for performing CIDR matches: cidr_match()
  • New methods: String#reverse and Array#reverse
  • New ITL command definitions: nwc_health, hpasm, squid, pgsql
  • Additional arguments for ITL command definitions: by_ssh, dig, pop, spop, imap, simap
  • Documentation updates
  • Various bugfixes


  • Feature 9183: Add timestamp support for OpenTsdbWriter
  • Feature 9466: Add FreeBSD setup to getting started
  • Feature 9812: add check command for check_nwc_health
  • Feature 9854: check_command for plugin check_hpasm
  • Feature 10004: escape_shell_arg() method
  • Feature 10006: Implement a way for users to resolve commands+arguments in the same way Icinga does
  • Feature 10057: Command Execution Bridge: Use of same endpoint names in examples for a better understanding
  • Feature 10109: Add check command squid
  • Feature 10112: Add check command pgsql
  • Feature 10129: Add ipv4/ipv6 only to nrpe CheckCommand
  • Feature 10139: expand check command dig
  • Feature 10142: Update debug docs for core dumps and full backtraces
  • Feature 10157: Update graphing section in the docs
  • Feature 10158: Make check_disk.exe CheckCommand Config more verbose
  • Feature 10161: Improve documentation for check_memory
  • Feature 10197: Implement the Array#reverse and String#reverse methods
  • Feature 10207: Find a better description for cluster communication requirements
  • Feature 10216: Clarify on cluster/client naming convention and add troubleshooting section
  • Feature 10219: Add timeout argument for pop, spop, imap, simap commands
  • Feature 10352: Improve timeperiod documentation
  • Feature 10354: New method: cidr_match()
  • Feature 10379: Add a debug log message for updating the program status table in DB IDO


  • Bug 8805: check cluster-zone returns wrong log lag
  • Bug 9322: sending multiple Livestatus commands rejects all except the first
  • Bug 10002: Deadlock in WorkQueue::Enqueue
  • Bug 10079: Improve error message for socket errors in Livestatus
  • Bug 10093: Rather use unique SID when granting rights for folders in NSIS on Windows Client
  • Bug 10177: Windows Check Update -> Access denied
  • Bug 10191: String methods cannot be invoked on an empty string
  • Bug 10192: null + null should not be “”
  • Bug 10199: Remove unnecessary MakeLiteral calls in SetExpression::DoEvaluate
  • Bug 10204: Config parser problem with parenthesis and newlines
  • Bug 10205: config checker reports wrong error on apply for rules
  • Bug 10235: Deadlock in TlsStream::Close
  • Bug 10239: Don’t throw an exception when replaying the current replay log file
  • Bug 10245: Percent character whitespace on Windows
  • Bug 10254: Performance Data Labels including ‘=’ will not be displayed correct
  • Bug 10262: Don’t log messages we’ve already relayed to all relevant zones
  • Bug 10266: “Not after” value overflows in X509 certificates on RHEL5
  • Bug 10348: Checkresultreader is unable to process host checks
  • Bug 10349: Missing Start call for base class in CheckResultReader
  • Bug 10351: Broken table layout in chapter 20
  • Bug 10365: ApiListener::SyncRelayMessage doesn’t send message to all zone members
  • Bug 10377: Wrong connection log message for global zones


Icinga Web 2.0.0 – The final version is unleashed

After tons of hours of work, we are proud to present today the final version of our interface Icinga Web 2. The new interface comes with a completely new design and many user-friendly enhancements to find the relevant information even faster.

With the new design you can see at glance whether Icinga runs properly or significant problems occurred. We enhanced the dashboard with new views to easily see overdue or disabled checks, and muted hosts and services which have already been acknowledged. In contrast to previous versions, the interface has now a detailed view for host and service checks which are not being executed in time.

To provide additional security, we added many new features, for example accessing modules now requires appropriate permissions. All existing permissions and restrictions of the predecessors are of course retained in the new version. Roles containing permissions and restrictions can be assigned to users and user groups in order to permit or restrict their access.

We also improved the integration of Active Directory and other LDAP servers. The new version supports to load users, users groups and group memberships of them as well as authenticating against Kerberos and loading user groups from Active Directory. A major advance is the creation of hosts and services actions; instead of defining them via Icinga’s configuration files, every user is now enabled to create them with the web interface and even share them to others.

The configuration allows to add actions only to certain hosts or services and supports macros like the host and service name, and custom variables. The new web interface provides yet a very basic API for scheduling and removing host and service downtimes. Basic access authentication is also a new feature to ease usage of the API.


For the future, you can expect more API actions and the creation of modules to integrate various popular tools to enhance the DevOps stack.

Find the current version on GitHub right know, while packages will be available soon.