Icinga Web 2 v2.0.0-rc1 released

Thank God, RC1 is out!

This release candidate is the result of 751 days of blood, sweat and tears and round about 7K commits in our git. It was not easy and we learned our lessons but now we’re very proud to put a rc tag on Icinga Web 2. Created from scratch, a clean and reduced interface is born with everything you need: Speed, accessible and extensible. The new interface is a monitoring swiss army knife without tailoring or customisation. It is focused on your problems and provide context sensitive interaction with your IT infrastructure.

Please grab another cup of coffee, lean back and enjoy monitoring!

Beside this awesome moment we want to thank all the testers, patchers, issue-openers, developers and all the brave men out there using a so-called beta software already! You are the greatest!

Have you seen the new full screen and compact mode (try /icingaweb2/dashboard?showFullscreen&showCompact as url)? Buts that’s only a small change. RC1 also contains full-featured user- and group management interfaces, enforces restrictions and permissions on every view. And we ship the package with a fully working Postgres 9.1 backend implementation.

Enjoy Icinga Web 2, check the Changelog below and start your download!

What’s New in Version 2.0.0-rc1


  • Improve layout and look and feel in many ways
  • Apply host, service and custom variable restrictions to all monitoring objects
  • Add fullscreen mode (?showFullscreen)
  • User and group management
  • Comment and Downtime Detail View
  • Show icon_image in host/service views
  • Show Icinga program version in monitoring health


  • Feature 4139: Notify monitoring backend availability problems
  • Feature 4498: Allow to add columns to monitoring views via URL
  • Feature 6392: Resolve Icinga 2 runtime macros in action and notes URLs
  • Feature 6729: Fullscreen mode
  • Feature 7343: Fetch user groups from LDAP
  • Feature 7595: Remote connection resource configuration
  • Feature 7614: Right-align icons
  • Feature 7651: Add module information (module.info) to all core modules
  • Feature 8054: Host Groups should list number of hosts (as well as services)
  • Feature 8235: Show host and service notes in the host and service detail view
  • Feature 8247: Move notifications to the bottom of the page
  • Feature 8281: Improve layout of comments and downtimes in the host and service detail views
  • Feature 8310: Improve layout of performance data and check statistics in the host and service detail views
  • Feature 8565: Improve look and feel of the monitoring multi-select views
  • Feature 8613: IDO queries related to concrete objects should not depend on collations
  • Feature 8665: Show icon_image in the host and service detail views
  • Feature 8781: Automatically deselect rows when closing the detail area
  • Feature 8826: User and group management
  • Feature 8849: Show only three (or four) significant digits (e.g. in check execution time)
  • Feature 8877: Allow module developers to implement new/custom authentication methods
  • Feature 8886: Require mandatory parameters in controller actions and CLI commands
  • Feature 8902: Downtime detail view
  • Feature 8903: Comment detail view
  • Feature 9009: Apply host and service restrictions to related views as well
  • Feature 9203: Wizard: Validate that a resource is actually an IDO instance
  • Feature 9207: Show icinga program version in Monitoring Health
  • Feature 9223: Show the active ido endpoint in the monitoring health view
  • Feature 9284: Create a ServiceActionsHook
  • Feature 9300: Support icon_image_alt
  • Feature 9361: Refine UI for RC1
  • Feature 9377: Permission and restriction documentation
  • Feature 9379: Provide an about.md


  • Bug 6281: ShowController’s hostAction() and serviceAction() do not respond with 400 for invalid/missing parameters and with 404 if the host or service wasn’t found
  • Bug 6778: Duration and history time formatting isn’t correct
  • Bug 6952: Unauthenticated users are provided helpful error messages
  • Bug 7151: Play nice with form-button-double-clickers
  • Bug 7165: Invalid host address leads to exception w/ PostgreSQL
  • Bug 7447: Commands sent over SSH are missing the -i option when using a ssh user aside from the webserver’s user
  • Bug 7491: Switching from MySQL to PostgreSQL and vice versa doesn’t change the port in the resource configuration
  • Bug 7642: Monitoring menu renderers should be moved to the monitoring module
  • Bug 7658: MenuItemRenderer is not so easy to extend
  • Bug 7876: Not all views can be added to the dashboard w/o breaking the layout
  • Bug 7931: Can’t acknowledge multiple selected services which are in downtime
  • Bug 7997: Service-Detail-View tabs are changing their context when clicking the Host-Tab
  • Bug 7998: Navigating to the Services-Tab in the Service-Detail-View displays only the selected service
  • Bug 8006: Beautify command transport error exceptions
  • Bug 8205: List views should not show more than the five worst pies
  • Bug 8241: Take display_name into account when searching for host and service names
  • Bug 8334: Perfdata details partially hidden depending on the resolution
  • Bug 8339: Lib: SimpleQuery::paginate() must not fetch page and limit from request but use them from parameters
  • Bug 8343: Status summary does not respect restrictions
  • Bug 8363: Updating dashlets corrupts their URLs
  • Bug 8453: The filter column “_dev” is not allowed here
  • Bug 8472: Missing support for command line arguments in the format –arg=
  • Bug 8474: Improve layout of dictionaries in the host and service detail views
  • Bug 8624: Delete multiple downtimes and comments at once
  • Bug 8696: Can’t search for Icinga 2 custom variables
  • Bug 8705: Show all shell commands required to get ready in the setup wizard
  • Bug 8706: INI files should end with a newline character and should not contain superfluous newlines
  • Bug 8707: Wizard: setup seems to fail with just one DB user
  • Bug 8711: JS is logging “ugly” side exceptions
  • Bug 8731: Apply host restrictions to service views
  • Bug 8744: Performance data metrics with value 0 are not displayed
  • Bug 8747: Icinga 2 boolean variables not shown in the host and service detail views
  • Bug 8777: Server error: Service not found exception when service name begins or ends with whitespaces
  • Bug 8815: Only the first external command is sent over SSH when submitting commands for multiple selected hosts or services
  • Bug 8847: Missing indication that nothing was found in the docs when searching
  • Bug 8860: Host group view calculates states from service states; but states should be calculated from host states instead
  • Bug 8927: Tactical overview does not respect restrictions
  • Bug 8928: Host and service groups views do not respect restrictions
  • Bug 8929: Setup wizard does not validate whether the PostgreSQL user for creating the database owns the CREATE ROLE system privilege
  • Bug 8930: Error message about refused connection to the PostgreSQL database server displayed twice in the setup wizard
  • Bug 8934: Status text for ok/up becomes white when hovered
  • Bug 8941: Long plugin output makes the whole container horizontally scrollable instead of just the row containing the long plugin output
  • Bug 8950: Improve English for “The last one occured %s ago”
  • Bug 8953: LDAP encryption settings have no effect
  • Bug 8956: Can’t login when creating the database connection for the preferences store fails
  • Bug 8957: Fall back on syslog if the logger’s type directive is misconfigured
  • Bug 8958: Switching LDAP encryption to LDAPS doesn’t change the port in the resource configuration
  • Bug 8960: Remove exclamation mark from the notification “Authentication order updated!”
  • Bug 8966: Show custom variables visually separated in the host and service detail views
  • Bug 8967: Remove right petrol border from plugin output in the host and service detail views
  • Bug 8972: Can’t view Icinga Web 2’s log file
  • Bug 8994: Uncaught exception on empty session.save_path()
  • Bug 9000: Only the first line of a stack trace is shown in the applications log view
  • Bug 9007: Misspelled host and service names in commands are not accepted by icinga
  • Bug 9008: Notification overview does not respect restrictions
  • Bug 9022: Browser title does not change in case of an error
  • Bug 9023: Toggling feature…
  • Bug 9025: A tooltip of the service grid’s x-axe makes it difficult to click the title of the currently hovered column
  • Bug 9026: Add To Dashboard … on the dashboard
  • Bug 9046: Detail View: Downtimes description misses space between duration and comment text
  • Bug 9056: Filter for host/servicegroup search doesn’t work anymore
  • Bug 9057: contact_notify_host_timeperiod
  • Bug 9059: Can’t initiate an ascending sort by host or service severity
  • Bug 9198: monitoring/command/feature/object does not grant the correct permissions
  • Bug 9202: The config\* permission does not permit to navigate to the configuration
  • Bug 9211: Empty filters are being rendered to SQL which leads to syntax errors
  • Bug 9214: Detect multitple icinga_instances entries and warn the user
  • Bug 9220: Centralize submission and apply handling of sort rules
  • Bug 9224: Allow anonymous LDAP binding
  • Bug 9281: Problem with Icingaweb 2 after PHP Upgrade 5.6.8 -> 5.6.9
  • Bug 9317: Web 2’s ListController inherits from the monitoring module’s base controller
  • Bug 9319: Downtimes overview does not respect restrictions
  • Bug 9350: Menu disappears in user group management view
  • Bug 9351: Timeline links are broken
  • Bug 9352: User list should be sorted
  • Bug 9353: Searching for users fails, at least with LDAP backend
  • Bug 9355: msldap seems not to be a first-class citizen
  • Bug 9378: Rpm calls usermod w/ invalid option on openSUSE
  • Bug 9384: Timeline+Role problem
  • Bug 9392: Command links seem to be broken

Icinga 2 bugfix release v2.3.5

While working on the design and concept for our next major feature release in 2.4, we’ve fixed several bugs in our stable 2.3.x tree. Be it clients disconnecting in the cluster, timestamps for DB IDO history, or additional documentation for functions in object configuration, cluster config sync best practices and cluster and client troubleshooting. We’ve also added new ITL plugin check command definitions for “mongodb“, “iftraffic“, “disk_smb” and added more command arguments for “dns“, “ftp“, “tcp“, “nscp“.

In addition to that, we’ve overhauled the Windows setup wizard for the Icinga 2 client in many ways:

  • NSClient++ is now bundled and can optionally be installed when configuring the Icinga 2 client (thanks a lot, Michael Medin!)
  • The Windows installer now provides an update mode and installs the Windows service by default
  • The local nscp checkcommands querying the nscp cli command are enabled by default on Windows
  • New check plugin check_perfmon and several plugin fixes, including plugin check command definitions and documentation

v2.3.5 is tagged in git, packages in your distribution’s repository should be available soon – meanwhile check the Changelog below.

Enjoy Icinga 2 and join the community channels!





  • NSClient++ is now bundled with the Windows setup wizard and can optionally be installed
  • Windows Wizard: “include <nscp>” is set by default
  • Windows Wizard: Add update mode
  • Plugins: Add check_perfmon plugin for Windows
  • ITL: Add CheckCommand objects for Windows plugins (“include <windows-plugins>”)
  • ITL: Add CheckCommand definitions for “mongodb”, “iftraffic”, “disk_smb”
  • ITL: Add arguments to CheckCommands “dns”, “ftp”, “tcp”, “nscp”


  • Feature 8116: Extend Windows installer with an update mode
  • Feature 8180: Add documentation and CheckCommands for the windows plugins
  • Feature 8809: Add check_perfmon plugin for Windows
  • Feature 9115: Add SHOWALL to NSCP Checkcommand
  • Feature 9130: Add ‘check_drivesize’ as nscp-local check command
  • Feature 9145: Add arguments to “dns” CheckCommand
  • Feature 9146: Add arguments to “ftp” CheckCommand
  • Feature 9147: Add arguments to “tcp” CheckCommand
  • Feature 9176: ITL Documentation: Add a link for passing custom attributes as command parameters
  • Feature 9180: Include Windows support details in the documentation
  • Feature 9185: Add timestamp support for PerfdataWriter
  • Feature 9191: Add “mongodb” CheckCommand definition
  • Feature 9238: Bundle NSClient++ in Windows Installer
  • Feature 9254: Add ‘disk_smb’ Plugin CheckCommand definition
  • Feature 9256: Determine NSClient++ installation path using MsiGetComponentPath
  • Feature 9260: Include <nscp> by default on Windows
  • Feature 9261: Add the –load-all and –log options for nscp-local
  • Feature 9263: Add support for installing NSClient++ in the Icinga 2 Windows wizard
  • Feature 9270: Update service apply for documentation
  • Feature 9272: Add ‘iftraffic’ to plugins-contrib check command definitions
  • Feature 9285: Best practices: cluster config sync
  • Feature 9297: Add examples for function usage in “set_if” and “command” attributes
  • Feature 9310: Add typeof in ‘assign/ignore where’ expression as example
  • Feature 9311: Add local variable scope for *Command to documentation (host, service, etc)
  • Feature 9313: Use a more simple example for passing command parameters
  • Feature 9318: Explain string concatenation in objects by real-world example
  • Feature 9363: Update documentation for escape sequences
  • Feature 9419: Enhance cluster/client troubleshooting
  • Feature 9420: Enhance cluster docs with HA command_endpoints
  • Feature 9431: Documentation: Move configuration before advanced topics


  • Bug 8853: Syntax Highlighting: host.address vs host.add
  • Bug 8888: Icinga2 –version: Error showing Distribution
  • Bug 8891: Node wont connect properly to master if host is is not set for Endpoint on new installs
  • Bug 9055: Wrong timestamps w/ historical data replay in DB IDO
  • Bug 9109: WIN: syslog is not an enable-able feature in windows
  • Bug 9116: node update-config reports critical and warning
  • Bug 9121: Possible DB deadlock
  • Bug 9131: Missing “)” in last Apply Rules example
  • Bug 9142: Downtimes are always “fixed”
  • Bug 9143: Incorrect type and state filter mapping for User objects in DB IDO
  • Bug 9161: ‘disk': wrong order of threshold command arguments
  • Bug 9187: SPEC: Give group write permissions for perfdata dir
  • Bug 9205: port empty when using icinga2 node wizard
  • Bug 9222: Missing custom attributes in backends if name is equal to object attribute
  • Bug 9253: Incorrect variable name in the ITL
  • Bug 9255: –scm-installs fails when the service is already installed
  • Bug 9258: Some checks in the default Windows configuration fail
  • Bug 9259: Disk and ‘icinga’ services are missing in the default Windows config
  • Bug 9268: Typo in Configuration Best Practice
  • Bug 9269: Wrong permission etc on windows
  • Bug 9324: Multi line output not correctly handled from compat channels
  • Bug 9328: Multiline vars are broken in objects.cache output
  • Bug 9372: plugins-contrib.d/databases.conf: wrong argument for mssql_health
  • Bug 9389: Documentation: Typo
  • Bug 9390: Wrong service table attributes in Livestatus documentation
  • Bug 9393: Documentation: Extend Custom Attributes with the boolean type
  • Bug 9394: Including <nscp> on Linux fails with unregistered function
  • Bug 9399: Documentation: Typo
  • Bug 9406: Selective cluster reconnecting breaks client communication
  • Bug 9412: Documentation: Update the link to register a new Icinga account

Docker, Docker, Docker!

docker-logoWe are already using Docker and container based implementations during development, package builds and tests. This helps speed up development quite a lot next to the fancy Vagrant boxes. Since we’ve seen community members creating docker images for everything we thought we’d give it a try for our own official Docker container – our notebooks used in live demos at Icinga Camps certainly say thanks ;)

One problem arises – Docker containers are not made for running multiple applications, you would normally run each application inside its own container, and only export volumes and ports for communication links. A demo environment for Icinga 2 requires as least:

  • Web server (httpd, apache2, etc)
  • Database server (MariaDB, etc)
  • Icinga 2 daemon

Furthermore we want to serve Icinga Web 2 as primary frontend and need to export port 80 for browser access. Even with SSH access for whatever comes to mind.

There’s already a Debian based Docker container using supervisord starting multiple applications in foreground. Taking this example whilst adding our own requirements into a CentOS7 based container (similar to the Vagrant boxes) leads us to our very own icinga2 Docker container.

It requires you to have at least Docker v1.6.0+ installed, then fire away and bind port 80 to your host’s port 3080:

$ sudo docker run -ti -p 3080:80 icinga/icinga2

Navigate to http://localhost:3080/icingaweb2/ and login using icingaadmin/icinga as credentials.

Keep in mind that the Docker container was made for test, development and demo purposes without any further production support.

If you’re planning to try Icinga Web 2 for example and want to test your own local patches, just mount the exported volumes like this:

$ sudo docker run -ti -p 3081:80 -v /usr/share/icingaweb2 /etc/icingaweb2 icinga/icinga2

There are additional volumes for /etc/icinga2 and /var/lib/icinga2 available. If you’re planning to modify the container image, you’ll find all required instructions inside the git repository.

On the long run, one might think of an Icinga 2 application cluster based on Docker containers. Who knows – happy testing & sending patches! :-)

Icinga 2 bugfix release 2.3.4

i2_pcc_check_mysql_healthIcinga 2 v2.3.4 incorporates a couple of bug fixes and also adds additional plugin check command definitions for the database plugins such as check_mysql_health or check_postgres.

Packages builds for various distributions should be available soon.



  • Bugfixes
  • ITL: Check commands for various databases
  • Improve validation messages for time periods
  • Update max_check_attempts in generic-{host,service} templates
  • Update logrotate configuration


  • Feature 8760: Add database plugins to ITL
  • Feature 8803: Agent Wizard: add options for API defaults
  • Feature 8893: Improve timeperiod validation error messages
  • Feature 8895: Add explanatory note for Icinga2 client documentation
  • Bug 8808: logrotate doesn’t work on Ubuntu
  • Bug 8821: command_endpoint check_results are not replicated to other endpoints in the same zone
  • Bug 8879: Reword documentation of check_address
  • Bug 8881: Add arguments to the UPS check
  • Bug 8889: Fix a minor markdown error
  • Bug 8892: Validation errors for time ranges which span the DST transition
  • Bug 8894: Default max_check_attempts should be lower for hosts than for services
  • Bug 8913: Windows Build: Flex detection
  • Bug 8917: Node wizard should only accept ‘y’, ‘n’, ‘Y’ and ‘N’ as answers for boolean questions
  • Bug 8919: Fix complexity class for Dictionary::Get
  • Bug 8987: Fix a typo
  • Bug 9012: Typo in graphite feature enable documentation
  • Bug 9014: Don’t update scheduleddowntime table w/ trigger_time column when only adding a downtime
  • Bug 9016: Downtimes which have been triggered are not properly recorded in the database
  • Bug 9017: scheduled_downtime_depth column is not reset when a downtime ends or when a downtime is being removed
  • Bug 9021: Multiple log messages w/ “Attempting to send notifications for notification object”
  • Bug 9041: Acknowledging problems w/ expire time does not add the expiry information to the related comment for IDO and compat
  • Bug 9045: Vim syntax: Match groups before host/service/user objects
  • Bug 9049: check_disk order of command arguments
  • Bug 9050: web.conf is not in the RPM package
  • Bug 9064: troubleshoot truncates crash reports
  • Bug 9069: Documentation: set_if usage with boolean values and functions
  • Bug 9073: custom attributes with recursive macro function calls causing sigabrt

Icinga 1.13.0 released

logo_icingaWhile you may have seen a lot of updates in our 2.x development head, Icinga 1.x is still alive and being patched and bug-fixed. Some smaller features have also been incorporated into 1.13.0 so consider upgrading your existing installation.


Changelog Core, IDOUtils, Classic UI


  • Remove deprecated event_profiling_enabled from icinga.cfg
  • Remove deprecated broker_module from icinga.cfg (use module object configuration instead)
  • Add module config examples in modules/ directory (livestatus, mod_gearman, pnp4nagios, flapjack)
  • Move contrib/downtimes to tools/downtimes and add ‘make install-downtimes’


  • Feature #1867: Recurring Downtimes
  • Feature #6353: deprecate icinga.cfg:broker_module; add more module examples
  • Feature #8007: Implement an option to disable transactions
  • Feature #8139: Add functions for registering file descriptors closed on fork()
  • Feature #8140: Add Check Result List Mutex for NEB modules
  • Feature #8426: Remove constraint from *dependencies tables
  • Feature #8440: Enhance idomod logging


  • Bug #6263: Race condition in init.d scripts’ stop
  • Bug #6762: Icinga crashes when “args” attribute is not specified for modules
  • Bug #7004: GET form param has no effect on cmd.cgi acks (again)
  • Bug #8202: Cool tip text for refresh of hosts and services says “I’m so lonely up here. Where should I go?”
  • Bug #8441: require the ‘config_file’ argument in idomod modules configuration
  • Bug #8445: cmd.cgi use_ack_end_time param does not enable tickbox in form

Download icinga-1.13.0 here.

Changelog Web


  • Ewoud Kohl van Wijngaarden found a way for an SQL injection in Icinga Web’s API. An authenticated user could inject SQL code via a crafted JSON filter (#7924, CVE-2015-2685)

We recommend to update your installation to 1.13.0 as the features are minimal invasive.

Notable changes and features

  • The log now contains the ip address of a user login failed, or the user just logged in and out (#7357)
  • We implemented a command log that contains any command that is send to the Icinga core by an user – written to a separate log file command-20XX-XX-XX.log (#7893)
  • (Bug) Acknowledgments where sent without a proper sticky declaration. This problem has been fixed and host or service acknowledgments are now sticky by default – what it should and was intended to be. (#5838 #7003) Please review our documentation if you are not sure what sticky means.
  • Grids can now display customvariables. Because customvariables are customised on every installation, this feature is disabled by default. See  doc/grids_and_customvars.md for further information.

Other bugs

  • When using Kerberos authentication in a web server a user could receive all credentials when he had a role that had no credentials set (#7892) In our tests that only happens with Kerberos users.
  • When a user could not be imported during login the database exception was not generated correctly (#8301)
  • Don’t contact more authentication providers than necessary during login. Thanks to Victor Hahn (#8341)
  • Fixed the irritating error during application state reset (#8523) The state was always cleared, but an error popped up for the user.

Download icinga-web-1.13.0 here.

Icinga 2 bug fix release 2.3.3

We have just released version 2.3.3. This release fixes a number of bugs and introduces a select few minor features and documentation changes:

  • Feature 8685: Show state/type filter names in notice/debug log
  • Feature 8686: Update documentation for “apply for” rules
  • Feature 8693: New function: parse_performance_data
  • Feature 8740: Add “access objects at runtime” examples to advanced section
  • Feature 8761: Include more details in –version
  • Feature 8816: Add “random” CheckCommand for test and demo purposes
  • Feature 8827: Move release info in INSTALL.md into a separate file
  • Bug 8660: Update syntax highlighting for 2.3 features
  • Bug 8677: Re-order the object types in alphabetical order
  • Bug 8724: Missing config validator for command arguments ‘set_if’
  • Bug 8734: startup.log broken when the DB schema needs an update
  • Bug 8736: Don’t update custom vars for each status update
  • Bug 8748: Don’t ignore extraneous arguments for functions
  • Bug 8749: Build warnings with CMake 3.1.3
  • Bug 8750: Flex version check does not reject unsupported versions
  • Bug 8753: Fix a typo in the documentation of ICINGA2_WITH_MYSQL and ICINGA2_WITH_PGSQL
  • Bug 8755: Fix VIM syntax highlighting for comments
  • Bug 8757: Add missing keywords in the syntax highlighting files
  • Bug 8762: Plugin “check_http” is missing in Windows environments
  • Bug 8763: Typo in doc library-reference
  • Bug 8764: Revamp migration documentation
  • Bug 8765: Explain processing logic/order of apply rules with for loops
  • Bug 8766: Remove prompt to create a TicketSalt from the wizard
  • Bug 8767: Typo and invalid example in the runtime macro documentation
  • Bug 8769: Improve error message for invalid field access
  • Bug 8770: object Notification + apply Service fails with error “…refers to service which doesn’t exist”
  • Bug 8771: Correct HA documentation
  • Bug 8829: Figure out why command validators are not triggered
  • Bug 8834: Return doesn’t work inside loops
  • Bug 8844: Segmentation fault when executing “icinga2 pki new-cert”
  • Bug 8862: wrong ‘dns_lookup’ custom attribute default in command-plugins.conf
  • Bug 8866: Fix incorrect perfdata templates in the documentation
  • Bug 8869: Array in command arguments doesn’t work

You can look up the bug ID in our issue tracker at dev.icinga.org. Updated packages should be available shortly.