Monitoring Engine Disabled?
Re: Monitoring Engine Disabled?
@jolson. Yes, all are using HTTPS.
Nagios XI 2024R2.2.1 (8 Servers)
Nagios Fusion 2024R1.0.2
Nagios Fusion 2024R1.0.2
Re: Monitoring Engine Disabled?
Please run the command below on the Fusion server:
Go to the Fusion web interface and click on "Tactical Overview" and copy the text from right above the problem server and post it here.
When you are done, change it back with:
Code: Select all
sed -i 's/curl_close($ch);/curl_close\(\$ch\);print_r\(\$response\);/g' /usr/local/nagiosfusion/html/includes/utilsx.inc.phpWhen you are done, change it back with:
Code: Select all
sed -i 's/curl_close($ch);print_r($response);/curl_close\(\$ch\);/g' /usr/local/nagiosfusion/html/includes/utilsx.inc.phpRe: Monitoring Engine Disabled?
Code: Select all
HTTP/1.1 200 OK Date: Fri, 27 Mar 2015 12:08:25 GMT Server: Apache/2.2.15 (CentOS) X-Powered-By: PHP/5.3.3 Set-Cookie: nagiosxi=g5lmpr7ieportu5s2l6lf20if0; expires=Fri, 27-Mar-2015 12:38:25 GMT; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Access-Control-Allow-Origin: * Content-Length: 108 Connection: close Content-Type: text/xml Authentication FailureNagios XI 2024R2.2.1 (8 Servers)
Nagios Fusion 2024R1.0.2
Nagios Fusion 2024R1.0.2
Re: Monitoring Engine Disabled?
It's showing that it's getting an authentication error.
Go to Config > Manage Fused Servers and validate that the XI server experiencing the issue is set to session.
Then go to Config > Fused Server Credentials and make sure that the username is spelled properly, retrype the password, and click update.
Then go back to the tactical overview and see if it's resolved and let us know.
Go to Config > Manage Fused Servers and validate that the XI server experiencing the issue is set to session.
Then go to Config > Fused Server Credentials and make sure that the username is spelled properly, retrype the password, and click update.
Then go back to the tactical overview and see if it's resolved and let us know.
Re: Monitoring Engine Disabled?
Right, we saw.
For the record, fused accounts have not been modified in well over a year. We came in after the weekend to the identified issue. Regardless, I've followed your instruction. Issue still remains. Also note that the Fused Server Credentials indicate Auth Check "OK" across the XI instance too (both before and after re-issuing the password).
Update: For sake of troubleshooting, I went ahead and changed the password on the XI server. Issue resolved, but raises questions.
1. Why did Fusion report Auth Check "OK" still?
2. How was the password on this XI instance changed? Our records indicate no Administrative actions taken, requires further investigation.
3. XI Audit Log doesn't account UID changes?
For the record, fused accounts have not been modified in well over a year. We came in after the weekend to the identified issue. Regardless, I've followed your instruction. Issue still remains. Also note that the Fused Server Credentials indicate Auth Check "OK" across the XI instance too (both before and after re-issuing the password).
Update: For sake of troubleshooting, I went ahead and changed the password on the XI server. Issue resolved, but raises questions.
1. Why did Fusion report Auth Check "OK" still?
2. How was the password on this XI instance changed? Our records indicate no Administrative actions taken, requires further investigation.
3. XI Audit Log doesn't account UID changes?
You do not have the required permissions to view the files attached to this post.
Nagios XI 2024R2.2.1 (8 Servers)
Nagios Fusion 2024R1.0.2
Nagios Fusion 2024R1.0.2
Re: Monitoring Engine Disabled?
Most probably, the password was cached in the browser. Have you tried opening Fusion in a different browser?1. Why did Fusion report Auth Check "OK" still?
Someone must have changed the password. Unfortunately, in the "Audit Log" in XI, you will see only "User submitted a command to the subsystem" message, which doesn't actually tell you what command was submitted, so it is hard to say.2. How was the password on this XI instance changed? Our records indicate no Administrative actions taken, requires further investigation.
Be sure to check out our Knowledgebase for helpful articles and solutions!
Re: Monitoring Engine Disabled?
Feel free to test the cache theory. The only logical explanation to bypass security is....
Over the weekend a regular user in our NOC forgot their password. This individual logged into Fusion and then navigated to a fused XI server using session pass-through. In an effort to change their password, they were able to change the Fused UID password (not their own) by mistakenly clicking on the "Logged in as: UID".
Speaking of sessions, can you please have Mike Okeefe chime in on status of the long outstanding changes to Fusion: Tracker ID http://tracker.nagios.com/view.php?id=436
Over the weekend a regular user in our NOC forgot their password. This individual logged into Fusion and then navigated to a fused XI server using session pass-through. In an effort to change their password, they were able to change the Fused UID password (not their own) by mistakenly clicking on the "Logged in as: UID".
Speaking of sessions, can you please have Mike Okeefe chime in on status of the long outstanding changes to Fusion: Tracker ID http://tracker.nagios.com/view.php?id=436
Nagios XI 2024R2.2.1 (8 Servers)
Nagios Fusion 2024R1.0.2
Nagios Fusion 2024R1.0.2
Re: Monitoring Engine Disabled?
I talked with Mike and made him aware and he said that he will contact you through email.
I will make sure that the developers are aware of this bug.
I will make sure that the developers are aware of this bug.
-
scottwilkerson
- DevOps Engineer
- Posts: 19396
- Joined: Tue Nov 15, 2011 3:11 pm
- Location: Nagios Enterprises
- Contact:
Re: Monitoring Engine Disabled?
TBT,
I know this has been a long standing issue in many environments and just wanted to reach out letting you know it is very much so on our radar.
It is on the top of the list for the next major Fusion release to completely re-work how Fusion users interact with Nagios servers, providing the ability for users of XI systems to actually have proper filtering of the objects they have access to, as well as removing the caching that is causing your current situation.
While I hate to give hard timelines, I believe we should have this reworked for release sometime summer 2015.
I know this has been a long standing issue in many environments and just wanted to reach out letting you know it is very much so on our radar.
It is on the top of the list for the next major Fusion release to completely re-work how Fusion users interact with Nagios servers, providing the ability for users of XI systems to actually have proper filtering of the objects they have access to, as well as removing the caching that is causing your current situation.
While I hate to give hard timelines, I believe we should have this reworked for release sometime summer 2015.