Page 1 of 1
Remove "Disable Notifications" feature for users?
Posted: Thu Sep 13, 2018 12:28 pm
by MrWoodward
Is there a way to remove the "Disable Notifications" feature for non-admin (regular) users?
Our users chronically click this button to silence alerts, which is problematic for many reasons:
1. The alert is now permanently silenced
2. We have no idea who silenced the alert
3. Or when the alert was silenced
4. Or why they silenced the alert
Of course, what they should have done was ACK the alert, but a lot of people who use Nagios at our site don't use Nagios XI all that much and take one look at their options
1. Ack the problem
2. Disable notification
And they, of course, choose the one that causes more problems and is unhelpful.
'Disable Notifications' is an "admin-like" privilege and should not be available to regular users.
How do we remove 'Disable Notifications' option for regular users?
Re: Remove "Disable Notifications" feature for users?
Posted: Thu Sep 13, 2018 2:26 pm
by lmiltchev
You can make these "regualar" users "read-only". This way, they wouldn't be able to disable notifications.
Regular users (without any "special permissions") should be able to enable/disable notifications only on objects they are added as monitoring contacts.
2. We have no idea who silenced the alert
3. Or when the alert was silenced
Check the audit log - you should be able to track down who silenced the alert and when.
Re: Remove "Disable Notifications" feature for users?
Posted: Thu Sep 13, 2018 2:40 pm
by MrWoodward
Unfortunately, we can't make these same users "Read-only" -- we still need them to do things like schedule downtime and what not.
We just need to take away their "silence notifications" ability so that it's not even an option.
Audit log. I found that. Thanks for that. Now I can go chat with my buddy who clicked "silence" instead of "ACK".
Regarding the audit log... Is that stored at the OS level?
Also, can we customize the way the audit log is formatted? We'd like to push this audit log into a data warehousing store and we'd like to format the log so that the DW store can parse the log easily.
Thanks.
Re: Remove "Disable Notifications" feature for users?
Posted: Thu Sep 13, 2018 3:07 pm
by lmiltchev
Audit log is stored in the DB
Code: Select all
echo 'desc xi_auditlog;' | mysql -t -u root -pnagiosxi nagiosxi
+-------------+--------------+------+-----+-------------------+-----------------------------+
| Field | Type | Null | Key | Default | Extra |
+-------------+--------------+------+-----+-------------------+-----------------------------+
| auditlog_id | int(11) | NO | PRI | NULL | auto_increment |
| log_time | timestamp | NO | MUL | CURRENT_TIMESTAMP | on update CURRENT_TIMESTAMP |
| source | text | YES | | NULL | |
| user | varchar(200) | YES | MUL | NULL | |
| type | int(11) | YES | MUL | NULL | |
| message | text | YES | | NULL | |
| ip_address | varchar(45) | YES | MUL | NULL | |
| details | text | YES | | NULL | |
+-------------+--------------+------+-----+-------------------+-----------------------------+
but it can also be written to a flat file.
Admin > System Config > System Settings > General > Write Audit Log to file = checked
example01.PNG
You can format the
/usr/local/nagiosxi/var/components/auditlog.log file any way you want it but keep in mind that formatting the audit log is not something that we are going to support. You will be on your own.