Direct link to Host/Service problem in Message Notification
Direct link to Host/Service problem in Message Notification
Under Core we used to have a direct link to the host/service in the email alert which allowed us to click straight through to the page on our smart phones etc to easily acknowledge problems. We did this by using the "note_url" in our host and service definition. upon switching to XI I reformatted the URL for XI as follows.
notes_url http://nagios.mydomain.net/nagiosxi/inc ... =$HOSTNAME$
and
notes_url http://nagios.mydomain.net/nagiosxi/inc ... &dest=auto
The problem is when you click on these we keep a message about session being timed out rather then being asked for auth then sending us to the page like under the old CORE. Also when you click on my service URL it just sends you to the service status page, rather then the Service Status Detail page.
Any help on how I can restore this functionality.
notes_url http://nagios.mydomain.net/nagiosxi/inc ... =$HOSTNAME$
and
notes_url http://nagios.mydomain.net/nagiosxi/inc ... &dest=auto
The problem is when you click on these we keep a message about session being timed out rather then being asked for auth then sending us to the page like under the old CORE. Also when you click on my service URL it just sends you to the service status page, rather then the Service Status Detail page.
Any help on how I can restore this functionality.
Re: Direct link to Host/Service problem in Message Notification
My Commands for the note URL see to have gotten truncated.... here they are again in an appropriate code bracket.
Code: Select all
notes_url http://nagios.mydomain.net/nagiosxi/includes/components/xicore/status.php?show=servicedetail&host=$HOSTNAME$&service=$SERVICEDESC$&dest=auto
notes_url http://nagios.mydomain.net/nagiosxi/includes/components/xicore/status.php?show=hostdetail&host=$HOSTNAME$
Re: Direct link to Host/Service problem in Message Notification
I'll see if I can recreate this on our end.
Would you be willing to send us the hyperlink output that you get in one of those emails (minus your domain). I'd like to double check that it's sending valid commands through the url. We did some security updates that protect from code injections into the url, but I'm wondering if that's causing an issue here.
Would you be willing to send us the hyperlink output that you get in one of those emails (minus your domain). I'd like to double check that it's sending valid commands through the url. We did some security updates that protect from code injections into the url, but I'm wondering if that's causing an issue here.
Re: Direct link to Host/Service problem in Message Notification
Example Service
Example Host;
Code: Select all
***** Nagios *****
Notification Type: PROBLEM
Acknowledged By:
Acknowledgment Note:
URL: http://nagios.mydomain.net/nagiosxi/includes/components/xicore/status.php?show=servicedetailhost=dynamic1.chi.mydomain.netservice=PROCESSESdest=auto
Service: PROCESSES
Host: dynamic1.chi.mydomain.net
Address: 172.16.110.31
State: CRITICAL
Date/Time: Thu Aug 26 16:10:11 EDT 2010
Additional Info:
PROCS CRITICAL: 1055 processes with STATE = RSZDT
Code: Select all
***** Nagios *****
Notification Type: PROBLEM
Acknowledged By:
Acknowledgement Note:
URL: http://nagios.mydomain.net/nagiosxi/includes/components/xicore/status.php?show=hostdetailhost=admin.chi.mydomain.net
Host: admin.chi.mydomain.net
State: DOWN
Address: 172.16.110.11
Info: PING CRITICAL - Packet loss = 100%
Date/Time: Tue Aug 24 13:46:13 EDT 2010
Re: Direct link to Host/Service problem in Message Notification
Oh yeah, looks we broke that one with a security fix. There are supposed to be '&' symbols after each argument being passed in the browser and it looks like those are being stripped. I'll file that in the bug tracker and we'll try and have that fixed with the next update.
Just to verify, the links should work with the &'s added back in.
Just to verify, the links should work with the &'s added back in.
Code: Select all
http://nagios.mydomain.net/nagiosxi/includes/components/xicore/status.php?show=servicedetail&host=dynamic1.chi.mydomain.net&service=PROCESSES&dest=auto
http://nagios.mydomain.net/nagiosxi/includes/components/xicore/status.php?show=hostdetail&host=admin.chi.mydomain.net
Re: Direct link to Host/Service problem in Message Notification
yes with the "&" everything is working.
A short term work around though I understand *not recommended* would be to remove the & from the illegal_macro_output_chars in the nagios.cfg I suppose?
A short term work around though I understand *not recommended* would be to remove the & from the illegal_macro_output_chars in the nagios.cfg I suppose?
Re: Direct link to Host/Service problem in Message Notification
The recent change uses html_entities as provided by PHP and is not configurable using nagios.cfg. As for illegal_macro_output_chars, '&' is especially dangerousness because '&&' can be used as a synonym for ';' vary easily allowing a macro to run applications(via a shell inject) it other wise would not be able to access.
The text should not be passing through NagiosCore, NagiosCore signals NagiosXI when an alert needs to be sent out. NagiosXI should then be responsible for dispatching the notifications.
The text should not be passing through NagiosCore, NagiosCore signals NagiosXI when an alert needs to be sent out. NagiosXI should then be responsible for dispatching the notifications.
Re: Direct link to Host/Service problem in Message Notification
Could you clarify if you are :
1. using the notification message format that is available through the Nagios XI interface
or
2. using lower-level notification commands directly in Nagios Core
If the latter, you would have to adjust the illegal_macro_output_chars option in the config file.
If this former, use something like this in your custom email notification message format:
Note that XI uses new psuedo-macros contained by percent (%) signs, whereas the lower-level Nagios Core commands still require the older $macro$ style.
1. using the notification message format that is available through the Nagios XI interface
or
2. using lower-level notification commands directly in Nagios Core
If the latter, you would have to adjust the illegal_macro_output_chars option in the config file.
If this former, use something like this in your custom email notification message format:
Code: Select all
http://nagios.mydomain.net/nagiosxi/?xiwindow=includes/components/xicore/status.php?show=servicedetail&host=%host%&service=%service%&dest=auto
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.
Ethan Galstad
President
Ethan Galstad
President
Re: Direct link to Host/Service problem in Message Notification
We are using the "notify-host-by-email" and "notify-service-by-email" commands modded in the following way:
So the illegal macro thing fixes the links... however from a smart phone etc we still get the session timeout issue rather then being challenged for auth, and passed through to the final URL when authed properly.
So there is still a behaviour problem with XI vs Nagios Core.
Code: Select all
/usr/bin/printf "%b" "***** Nagios *****\n\nNotification Type: $NOTIFICATIONTYPE$\nAcknowledged By: $HOSTACKAUTHORALIAS$\nAcknowledgement Note: $HOSTACKCOMMENT$ \nURL: $HOSTNOTESURL$\n\nHost: $HOSTNAME$\nState: $HOSTSTATE$\nAddress: $HOSTADDRESS$\nInfo: $HOSTOUTPUT$\n\nDate/Time: $LONGDATETIME$\n" | /bin/mail -s "** $NOTIFICATIONTYPE$ Host Alert: $HOSTNAME$ is $HOSTSTATE$ **" $CONTACTEMAIL$
So there is still a behaviour problem with XI vs Nagios Core.
Re: Direct link to Host/Service problem in Message Notification
So just to clarify, using the illegal macro trick you're able to make the links work on a PC, but not on the smart phones?
The problem does reside in the php htmlentities() function, we're currently discussing the best way to allow some of these characters through without sacrificing security to the system.
The problem does reside in the php htmlentities() function, we're currently discussing the best way to allow some of these characters through without sacrificing security to the system.