Icinga 2 bugfix release v2.3.9

The Icinga team is currently working on implementing the API which is scheduled to be included as part of the 2.4.0 release. However, in parallel we’ve also been fixing a number of issues in 2.3. Today we’re releasing these fixes and a few other ITL and documentation updates as version 2.3.9.

As usual packages for 2.3.9 should be available at packages.icinga.org shortly.

Here’s a list of all changes for this release:


What’s New in Version 2.3.9


  • Fix that the first SOFT state is recognized as second SOFT state
  • Implemented reload functionality for Windows
  • New ITL check commands
  • Documentation updates
  • Various other bugfixes


  • Feature 9527: CheckCommand for check_interfaces
  • Feature 9671: Add check_yum to ITL
  • Feature 9675: Add check_redis to ITL
  • Feature 9686: Update gdb pretty printer docs w/ Python 3
  • Feature 9699: Adding “-r” parameter to the check_load command for dividing the load averages by the number of CPUs.
  • Feature 9747: check_command for plugin check_clamd
  • Feature 9796: Implement Dictionary#get and Array#get
  • Feature 9801: Add check_jmx4perl to ITL
  • Feature 9811: add check command for check_mailq
  • Feature 9827: snmpv3 CheckCommand section improved
  • Feature 9882: Implement the Dictionary#keys method
  • Feature 9883: Use an empty dictionary for the ‘this’ scope when executing commands with Livestatus
  • Feature 9985: add check command nscp-local-counter
  • Feature 9996: Add new arguments openvmtools for Open VM Tools


  • Bug 8979: Missing DEL_DOWNTIME_BY_HOST_NAME command required by Classic UI 1.x
  • Bug 9262: cluster check w/ immediate parent and child zone endpoints
  • Bug 9623: missing config warning on empty port in endpoints
  • Bug 9769: Set correct X509 version for certificates
  • Bug 9773: Add log for missing EventCommand for command_endpoints
  • Bug 9779: Trying to set a field for a non-object instance fails
  • Bug 9782: icinga2 node wizard don’t take zone_name input
  • Bug 9806: Operator + is inconsistent when used with empty and non-empty strings
  • Bug 9814: Build fix for Boost 1.59
  • Bug 9835: Dict initializer incorrectly re-initializes field that is set to an empty string
  • Bug 9860: missing check_perfmon.exe
  • Bug 9867: Agent freezes when the check returns massive output
  • Bug 9884: Warning about invalid API function icinga::Hello
  • Bug 9897: First SOFT state is recognized as second SOFT state
  • Bug 9902: typo in docs
  • Bug 9912: check_command interfaces option match_aliases has to be boolean
  • Bug 9913: Default disk checks on Windows fail because check_disk doesn’t support -K
  • Bug 9928: Add missing category for IDO query
  • Bug 9947: Serial number field is not properly initialized for CA certificates
  • Bug 9961: Don’t re-download NSCP for every build
  • Bug 9962: Utility::Glob on Windows doesn’t support wildcards in all but the last path component
  • Bug 9972: Icinga2 – too many open files – Exception
  • Bug 9984: fix check command nscp-local
  • Bug 9992: Duplicate severity type in the documentation for SyslogLogger

Vagrant boxes revamped

vagrant-logoWe’ve found Vagrant pretty useful for our demo cases – the first draft of the Icinga 2 Cluster happened to be a NETWAYS CeBit demo and evolved ever since. icinga-vagrant was added is official Icinga project similar to what we have with our Docker demos and gained more attraction by testers and developers.

The good thing about Vagrant using different providers is – you can even run these demos on Windows. You’ll need some prerequisites to make it work on Windows though – Git with SSH and Ruby. On Linux the Vagrant packages already requires them. Additionally you’ll need at least the following versions:

  • Vagrant >= 1.6.5
  • VirtualBox >= 4.2.16

Our default provider is VirtualBox where these boxes are regularly tested on. The underlying provisioner is using Puppet modules to setup the Vagrant environment. This installs for example Apache, MySQL, Plugins, Icinga 2 and Icinga Web 2 in the icinga2x box. The Icinga packages are pulled from our snapshot repositories allowing developers and testers fetching the latest and greatest – and also help finding bugs soon enough :-)

Currently there are four different Vagrant environments available for testing:

  • icinga2x: Standalone Icinga 2 box with user interfaces: Icinga Web 2, Icinga Web 1.x and Classic UI 1.x
  • icinga2x-cluster: Icinga 2 Cluster as Master-Checker setup. Includes Icinga Web 2 as user interface.
  • icinga2x-graylog2: Special Graylog demo environment with standalone Icinga 2
  • icinga1x: Standalone Icinga 1.x Core with Icinga Web 1.x and Classic UI 1.x. Includes Jasper-Reporting.

Note that icinga1x will stick with CentOS6 due to the Reporting integration (unless someone sends a patch). The other boxes have been upgraded recently to use CentOS 7.1 as base box.

There were several changes in the past months, refactoring the required git modules from submodules to subtree and also updating the demo configuration. All icinga2x boxes also share common host-only IP addresses for easier access. Once puppet-icinga2 and puppet-icingaweb2 become ready, they’ll be included inside the provisioning mechanism replacing our own local modules. In order to keep it simple, you may just download the latest release tarball instead of cloning the git repository.

Start away with the Icinga 2 box:

$ git clone https://github.com/Icinga/icinga-vagrant.git
$ cd icinga-vagrant
$ cd icinga2x
$ vagrant up

Open your browser and navigate to the host-only ip addresses (Login: icingaadmin/icinga)


If you encounter problems, please open an issue at https://dev.icinga.org/projects/icinga-tools/issues – meanwhile enjoy the Vagrant show! :-)

Icinga 2 bugfix release v2.3.8

2.3.7 last week introduced a problem with DB IDO PostgreSQL when fixing a separate issue. Next to that we’ve also backported some more fixes from our development tree for 2.4 into v2.3.8.

Check the Changelog below while preparing your update.


What’s New in Version 2.3.8


  • Bugfixes


  • Bug 9554: Don’t allow “ignore where” for groups when there’s no “assign where”
  • Bug 9634: DB IDO: Do not update endpointstatus table on config updates
  • Bug 9637: Wrong parameter for CheckCommand “ping-common-windows”
  • Bug 9665: Escaping does not work for OpenTSDB perfdata plugin
  • Bug 9666: checkcommand disk does not check free inode – check_disk

Bugfix releases: Icinga 2 v2.3.7 and Icinga v1.13.3

This time we’ll release two Icinga Core bugfix releases – Icinga 2 v2.3.7 and Icinga v1.13.3.

Package updates are available soon, meanwhile check the Changelog below.


What’s New in Version 2.3.7


  • Bugfixes


  • Feature 9610: Enhance troubleshooting ssl errors & cluster replay log


  • Bug 9406: Selective cluster reconnecting breaks client communication
  • Bug 9535: Config parser ignores “ignore” in template definition
  • Bug 9584: Incorrect return value for the macro() function
  • Bug 9585: Wrong formatting in DB IDO extensions docs
  • Bug 9586: DB IDO: endpoint* tables are cleared on reload causing constraint violations
  • Bug 9621: Assertion failed in icinga::ScriptUtils::Intersection
  • Bug 9622: Missing lock in ScriptUtils::Union

What’s New in Version 1.13.3


  • Bugfixes


  • Bug 7337: Only use SCHEDULE_HOST_DOWNTIME command for Icinga 2.x
  • Bug 8130: Wrong values for percent_* when using hostgroup in availability report
  • Bug 9020: Solaris package behaves badly upon uninstall
  • Bug 9106: Icinga no longer sending acknowledgement notifications
  • Bug 9240: invalid JSON for flapping threshold configuration

Icinga 2 bugfix release v2.3.6

While updating the documentation and Icinga Template Library definitions, we’ve also tackled a more severe problem with OpenSSL on SLES11 SP3 with this bugfix release v2.3.6.

icinga2_sles11_opensslSLES11 uses the old 0.9.8j release causing trouble when verifying the SSL certificates generated from ‘node wizard’ commands (see #9549 for a detailed analysis). The problem became even more weird when debugging it, so we decided to go for the only safe solution – link against openssl1 from the Security Module repository.

The package update for SLES11 requires openssl1, please ensure enabling the repository beforehand. You can use this small check script “check_icinga2_openssl” (shown in the screenshot).

Other than that, we’ve also fixed some bugs found inside the Windows plugins and NSClient++ integration. Whilst backporting a stability fix for the cluster from our 2.4 development tree there’s also more verbose logging for unauthenticated clients and cluster troubleshooting available.

Package updates should be around soon, meanwhile keep cool and check the Changelog below!


What’s New in Version 2.3.6


  • Require openssl1 on sles11sp3 from Security Module repository
    • Bug in SLES 11’s OpenSSL version 0.9.8j preventing verification of generated certificates.
    • Re-create these certificates with 2.3.6 linking against openssl1 (cli command or CSR auto-signing).
  • ITL: Add ldap, ntp_peer, mongodb and elasticsearch CheckCommand definitions
  • Bugfixes


  • Feature 6714: add pagerduty notification documentation
  • Feature 9172: Add “ldap” CheckCommand for “check_ldap” plugin
  • Feature 9191: Add “mongodb” CheckCommand definition
  • Feature 9415: Add elasticsearch checkcommand to itl
  • Feature 9416: snmpv3 CheckCommand: Add possibility to set securityLevel
  • Feature 9451: Merge documentation fixes from GitHub
  • Feature 9523: Add ntp_peer CheckCommand
  • Feature 9562: Add new options for ntp_time CheckCommand
  • Feature 9578: new options for smtp CheckCommand


  • Bug 9205: port empty when using icinga2 node wizard
  • Bug 9253: Incorrect variable name in the ITL
  • Bug 9303: Missing ‘snmp_is_cisco’ in Manubulon snmp-memory command definition
  • Bug 9436: Functions can’t be specified as command arguments
  • Bug 9450: node setup: indent accept_config and accept_commands
  • Bug 9452: Wrong file reference in README.md
  • Bug 9456: Windows client w/ command_endpoint broken with $nscp_path$ and NscpPath detection
  • Bug 9463: Incorrect check_ping.exe parameter in the ITL
  • Bug 9476: Documentation for checks in an HA zone is wrong
  • Bug 9481: Fix stability issues in the TlsStream/Stream classes
  • Bug 9489: Add log message for discarded cluster events (e.g. from unauthenticated clients)
  • Bug 9490: Missing openssl verify in cluster troubleshooting docs
  • Bug 9513: itl/plugins-contrib.d/*.conf should point to PluginContribDir
  • Bug 9522: wrong default port documentated for nrpe
  • Bug 9549: Generated certificates cannot be verified w/ openssl 0.9.8j on SLES 11
  • Bug 9558: mysql-devel is not available in sles11sp3
  • Bug 9563: Update getting started for Debian Jessie

Icinga Web 2 v2.0.0-rc1 released

Thank God, RC1 is out!

This release candidate is the result of 751 days of blood, sweat and tears and round about 7K commits in our git. It was not easy and we learned our lessons but now we’re very proud to put a rc tag on Icinga Web 2. Created from scratch, a clean and reduced interface is born with everything you need: Speed, accessible and extensible. The new interface is a monitoring swiss army knife without tailoring or customisation. It is focused on your problems and provide context sensitive interaction with your IT infrastructure.

Please grab another cup of coffee, lean back and enjoy monitoring!

Beside this awesome moment we want to thank all the testers, patchers, issue-openers, developers and all the brave men out there using a so-called beta software already! You are the greatest!

Have you seen the new full screen and compact mode (try /icingaweb2/dashboard?showFullscreen&showCompact as url)? Buts that’s only a small change. RC1 also contains full-featured user- and group management interfaces, enforces restrictions and permissions on every view. And we ship the package with a fully working Postgres 9.1 backend implementation.

Enjoy Icinga Web 2, check the Changelog below and start your download!

What’s New in Version 2.0.0-rc1


  • Improve layout and look and feel in many ways
  • Apply host, service and custom variable restrictions to all monitoring objects
  • Add fullscreen mode (?showFullscreen)
  • User and group management
  • Comment and Downtime Detail View
  • Show icon_image in host/service views
  • Show Icinga program version in monitoring health


  • Feature 4139: Notify monitoring backend availability problems
  • Feature 4498: Allow to add columns to monitoring views via URL
  • Feature 6392: Resolve Icinga 2 runtime macros in action and notes URLs
  • Feature 6729: Fullscreen mode
  • Feature 7343: Fetch user groups from LDAP
  • Feature 7595: Remote connection resource configuration
  • Feature 7614: Right-align icons
  • Feature 7651: Add module information (module.info) to all core modules
  • Feature 8054: Host Groups should list number of hosts (as well as services)
  • Feature 8235: Show host and service notes in the host and service detail view
  • Feature 8247: Move notifications to the bottom of the page
  • Feature 8281: Improve layout of comments and downtimes in the host and service detail views
  • Feature 8310: Improve layout of performance data and check statistics in the host and service detail views
  • Feature 8565: Improve look and feel of the monitoring multi-select views
  • Feature 8613: IDO queries related to concrete objects should not depend on collations
  • Feature 8665: Show icon_image in the host and service detail views
  • Feature 8781: Automatically deselect rows when closing the detail area
  • Feature 8826: User and group management
  • Feature 8849: Show only three (or four) significant digits (e.g. in check execution time)
  • Feature 8877: Allow module developers to implement new/custom authentication methods
  • Feature 8886: Require mandatory parameters in controller actions and CLI commands
  • Feature 8902: Downtime detail view
  • Feature 8903: Comment detail view
  • Feature 9009: Apply host and service restrictions to related views as well
  • Feature 9203: Wizard: Validate that a resource is actually an IDO instance
  • Feature 9207: Show icinga program version in Monitoring Health
  • Feature 9223: Show the active ido endpoint in the monitoring health view
  • Feature 9284: Create a ServiceActionsHook
  • Feature 9300: Support icon_image_alt
  • Feature 9361: Refine UI for RC1
  • Feature 9377: Permission and restriction documentation
  • Feature 9379: Provide an about.md


  • Bug 6281: ShowController’s hostAction() and serviceAction() do not respond with 400 for invalid/missing parameters and with 404 if the host or service wasn’t found
  • Bug 6778: Duration and history time formatting isn’t correct
  • Bug 6952: Unauthenticated users are provided helpful error messages
  • Bug 7151: Play nice with form-button-double-clickers
  • Bug 7165: Invalid host address leads to exception w/ PostgreSQL
  • Bug 7447: Commands sent over SSH are missing the -i option when using a ssh user aside from the webserver’s user
  • Bug 7491: Switching from MySQL to PostgreSQL and vice versa doesn’t change the port in the resource configuration
  • Bug 7642: Monitoring menu renderers should be moved to the monitoring module
  • Bug 7658: MenuItemRenderer is not so easy to extend
  • Bug 7876: Not all views can be added to the dashboard w/o breaking the layout
  • Bug 7931: Can’t acknowledge multiple selected services which are in downtime
  • Bug 7997: Service-Detail-View tabs are changing their context when clicking the Host-Tab
  • Bug 7998: Navigating to the Services-Tab in the Service-Detail-View displays only the selected service
  • Bug 8006: Beautify command transport error exceptions
  • Bug 8205: List views should not show more than the five worst pies
  • Bug 8241: Take display_name into account when searching for host and service names
  • Bug 8334: Perfdata details partially hidden depending on the resolution
  • Bug 8339: Lib: SimpleQuery::paginate() must not fetch page and limit from request but use them from parameters
  • Bug 8343: Status summary does not respect restrictions
  • Bug 8363: Updating dashlets corrupts their URLs
  • Bug 8453: The filter column “_dev” is not allowed here
  • Bug 8472: Missing support for command line arguments in the format –arg=
  • Bug 8474: Improve layout of dictionaries in the host and service detail views
  • Bug 8624: Delete multiple downtimes and comments at once
  • Bug 8696: Can’t search for Icinga 2 custom variables
  • Bug 8705: Show all shell commands required to get ready in the setup wizard
  • Bug 8706: INI files should end with a newline character and should not contain superfluous newlines
  • Bug 8707: Wizard: setup seems to fail with just one DB user
  • Bug 8711: JS is logging “ugly” side exceptions
  • Bug 8731: Apply host restrictions to service views
  • Bug 8744: Performance data metrics with value 0 are not displayed
  • Bug 8747: Icinga 2 boolean variables not shown in the host and service detail views
  • Bug 8777: Server error: Service not found exception when service name begins or ends with whitespaces
  • Bug 8815: Only the first external command is sent over SSH when submitting commands for multiple selected hosts or services
  • Bug 8847: Missing indication that nothing was found in the docs when searching
  • Bug 8860: Host group view calculates states from service states; but states should be calculated from host states instead
  • Bug 8927: Tactical overview does not respect restrictions
  • Bug 8928: Host and service groups views do not respect restrictions
  • Bug 8929: Setup wizard does not validate whether the PostgreSQL user for creating the database owns the CREATE ROLE system privilege
  • Bug 8930: Error message about refused connection to the PostgreSQL database server displayed twice in the setup wizard
  • Bug 8934: Status text for ok/up becomes white when hovered
  • Bug 8941: Long plugin output makes the whole container horizontally scrollable instead of just the row containing the long plugin output
  • Bug 8950: Improve English for “The last one occured %s ago”
  • Bug 8953: LDAP encryption settings have no effect
  • Bug 8956: Can’t login when creating the database connection for the preferences store fails
  • Bug 8957: Fall back on syslog if the logger’s type directive is misconfigured
  • Bug 8958: Switching LDAP encryption to LDAPS doesn’t change the port in the resource configuration
  • Bug 8960: Remove exclamation mark from the notification “Authentication order updated!”
  • Bug 8966: Show custom variables visually separated in the host and service detail views
  • Bug 8967: Remove right petrol border from plugin output in the host and service detail views
  • Bug 8972: Can’t view Icinga Web 2’s log file
  • Bug 8994: Uncaught exception on empty session.save_path()
  • Bug 9000: Only the first line of a stack trace is shown in the applications log view
  • Bug 9007: Misspelled host and service names in commands are not accepted by icinga
  • Bug 9008: Notification overview does not respect restrictions
  • Bug 9022: Browser title does not change in case of an error
  • Bug 9023: Toggling feature…
  • Bug 9025: A tooltip of the service grid’s x-axe makes it difficult to click the title of the currently hovered column
  • Bug 9026: Add To Dashboard … on the dashboard
  • Bug 9046: Detail View: Downtimes description misses space between duration and comment text
  • Bug 9056: Filter for host/servicegroup search doesn’t work anymore
  • Bug 9057: contact_notify_host_timeperiod
  • Bug 9059: Can’t initiate an ascending sort by host or service severity
  • Bug 9198: monitoring/command/feature/object does not grant the correct permissions
  • Bug 9202: The config\* permission does not permit to navigate to the configuration
  • Bug 9211: Empty filters are being rendered to SQL which leads to syntax errors
  • Bug 9214: Detect multitple icinga_instances entries and warn the user
  • Bug 9220: Centralize submission and apply handling of sort rules
  • Bug 9224: Allow anonymous LDAP binding
  • Bug 9281: Problem with Icingaweb 2 after PHP Upgrade 5.6.8 -> 5.6.9
  • Bug 9317: Web 2’s ListController inherits from the monitoring module’s base controller
  • Bug 9319: Downtimes overview does not respect restrictions
  • Bug 9350: Menu disappears in user group management view
  • Bug 9351: Timeline links are broken
  • Bug 9352: User list should be sorted
  • Bug 9353: Searching for users fails, at least with LDAP backend
  • Bug 9355: msldap seems not to be a first-class citizen
  • Bug 9378: Rpm calls usermod w/ invalid option on openSUSE
  • Bug 9384: Timeline+Role problem
  • Bug 9392: Command links seem to be broken