diff options
Diffstat (limited to 'package/icinga/src/etc/icinga/cgi.cfg')
| -rw-r--r-- | package/icinga/src/etc/icinga/cgi.cfg | 653 |
1 files changed, 653 insertions, 0 deletions
diff --git a/package/icinga/src/etc/icinga/cgi.cfg b/package/icinga/src/etc/icinga/cgi.cfg new file mode 100644 index 000000000..35057eb75 --- /dev/null +++ b/package/icinga/src/etc/icinga/cgi.cfg @@ -0,0 +1,653 @@ +################################################################# +# +# CGI.CFG - Sample CGI Configuration File for Icinga +# +################################################################# + + +# MAIN CONFIGURATION FILE +# This tells the CGIs where to find your main configuration file. +# The CGIs will read the main and host config files for any other +# data they might need. + +main_config_file=/etc/icinga/icinga.cfg + + +# ATTRIBUTE BASED AUTHORIZATION FILE +# This option will include a file defining authroization based on +# attributes. + +#authorization_config_file=/etc/icinga/cgiauth.cfg + + +# PHYSICAL HTML PATH +# This is the path where the HTML files for Icinga reside. This +# value is used to locate the logo images needed by the statusmap +# and statuswrl CGIs. + +physical_html_path=/usr/share + + + +# URL HTML PATH +# This is the path portion of the URL that corresponds to the +# physical location of the Icinga HTML files (as defined above). +# This value is used by the CGIs to locate the online documentation +# and graphics. If you access the Icinga pages with an URL like +# http://www.myhost.com/icinga, this value should be '/icinga' +# (without the quotes). + +url_html_path=/icinga + + + +# URL STYLESHEETS PATH +# This option allows to define an url stylesheet path other than the +# default ($url_html_path/stylesheets). This will be useful when +# adding custom stylesheets in another location. +# If not set, the default location will be used. + +url_stylesheets_path=/icinga/stylesheets + + + +# HTTP CHARSET +# This defines charset that is sent with HTTP headers. + +http_charset=utf-8 + + + +# CONTEXT-SENSITIVE HELP +# This option determines whether or not a context-sensitive +# help icon will be displayed for most of the CGIs. +# Values: 0 = disables context-sensitive help +# 1 = enables context-sensitive help + +show_context_help=0 + + + +# HIGHLIGHT TABLE ROWS +# This option allows you to define if table rows in status.cgi +# will be highlighted or not. +# Values: 0 = disables row highlighting +# 1 = enables row highlighting + +highlight_table_rows=1 + + + +# PENDING STATES OPTION +# This option determines what states should be displayed in the web +# interface for hosts/services that have not yet been checked. +# Values: 0 = leave hosts/services that have not been check yet in their original state +# 1 = mark hosts/services that have not been checked yet as PENDING + +use_pending_states=1 + + +# Logging + +# USE LOGGING +# If you want to log information from cgi's (e.g. all submitted commands) +# then set this option to 1, default is 0 (off). +# WARNING: +# This log is highly experimental and changes may occure without notice. Use at your own risk!! + +use_logging=0 + + +# CGI LOG FILE +# This is the cgi log file for information about what users are doing. +# At the moment only submitted commands from cmd.cgi will be logged. + +cgi_log_file=/usr/share/log/icinga-cgi.log + + +# CGI LOG ROTATION METHOD +# This is the log rotation method that should be used to rotate +# the cgi log file. Values are as follows.. +# n = None - don't rotate the log +# h = Hourly rotation (top of the hour) +# d = Daily rotation (midnight every day) +# w = Weekly rotation (midnight on Saturday evening) +# m = Monthly rotation (midnight last day of month) + +cgi_log_rotation_method=d + + +# CGI LOG ARCHIVE PATH +# This is the directory where archived (rotated) cgi log files should be +# placed (assuming you've chosen to do log rotation). + +cgi_log_archive_path=/usr/share/log + + +# FORCE COMMENT +# This option forces the users of to comment every action they perform. +# The comments get logged into cgi log file. This option only has effect +# if logging is switched on. See option "use_logging" +# Default is 0 (off), to activate it set it to 1 (on). + +enforce_comments_on_actions=0 + + +# FIRST DAY OF WEEK +# Here you can set if your week starts on sunday or monday. +# Default is 0 (Sunday), set it to 1 if your week start monday. + +first_day_of_week=0 + + +# AUTHENTICATION USAGE +# This option controls whether or not the CGIs will use any +# authentication when displaying host and service information, as +# well as committing commands to Icinga for processing. +# +# Read the HTML documentation to learn how the authorization works! +# +# NOTE: It is a really *bad* idea to disable authorization, unless +# you plan on removing the command CGI (cmd.cgi)! Failure to do +# so will leave you wide open to kiddies messing with Icinga and +# possibly hitting you with a denial of service attack by filling up +# your drive by continuously writing to your command file! +# +# Setting this value to 0 will cause the CGIs to *not* use +# authentication (bad idea), while any other value will make them +# use the authentication functions (the default). + +use_authentication=1 + + + + +# x509 CERT AUTHENTICATION +# When enabled, this option allows you to use x509 cert (SSL) +# authentication in the CGIs. This is an advanced option and should +# not be enabled unless you know what you're doing. + +use_ssl_authentication=0 + + + + +# DEFAULT USER +# Setting this variable will define a default user name that can +# access pages without authentication. This allows people within a +# secure domain (i.e., behind a firewall) to see the current status +# without authenticating. You may want to use this to avoid basic +# authentication if you are not using a secure server since basic +# authentication transmits passwords in the clear. +# +# Important: Do not define a default username unless you are +# running a secure web server and are sure that everyone who has +# access to the CGIs has been authenticated in some manner! If you +# define this variable, anyone who has not authenticated to the web +# server will inherit all rights you assign to this user! + +#default_user_name=guest + + + +# SYSTEM/PROCESS INFORMATION ACCESS +# This option is a comma-delimited list of all usernames that +# have access to viewing the Icinga process information as +# provided by the Extended Information CGI (extinfo.cgi). By +# default, *no one* has access to this unless you choose to +# not use authorization. You may use an asterisk (*) to +# authorize any user who has authenticated to the web server. +# Alternatively you can specify contactgroups too, starting +# with Icinga 1.5.0 + +authorized_for_system_information=icingaadmin +#authorized_contactgroup_for_system_information= + + +# CONFIGURATION INFORMATION ACCESS +# This option is a comma-delimited list of all usernames that +# can view ALL configuration information (hosts, commands, etc). +# By default, users can only view configuration information +# for the hosts and services they are contacts for. You may use +# an asterisk (*) to authorize any user who has authenticated +# to the web server. +# Alternatively you can specify contactgroups too, starting +# with Icinga 1.5.0 + +authorized_for_configuration_information=icingaadmin +#authorized_contactgroup_for_configuration_information= + + +# RAW COMMANDLINE CONFIGURATION INFORMATION ACCESS +# This option is a comma-delimited list of all usernames that +# can view a command in config command expander as icinga would +# execute it. To resolve all MACROS it is necessary to allow +# read access to the web server for resource.cfg . +# CAUTION: $USERXX$ vars and custom vars can contain sensitive +# data. +# Alternatively you can specify contactgroups too. + +authorized_for_full_command_resolution=icingaadmin +#authorized_contactgroup_for_full_command_resolution= + + +# SYSTEM/PROCESS COMMAND ACCESS +# This option is a comma-delimited list of all usernames that +# can issue shutdown and restart commands to Icinga via the +# command CGI (cmd.cgi). Users in this list can also change +# the program mode to active or standby. By default, *no one* +# has access to this unless you choose to not use authorization. +# You may use an asterisk (*) to authorize any user who has +# authenticated to the web server. +# Alternatively you can specify contactgroups too, starting +# with Icinga 1.5.0 + +authorized_for_system_commands=icingaadmin +#authorized_contactgroup_for_system_commands= + + +# GLOBAL HOST/SERVICE VIEW ACCESS +# These two options are comma-delimited lists of all usernames that +# can view information for all hosts and services that are being +# monitored. By default, users can only view information +# for hosts or services that they are contacts for (unless you +# you choose to not use authorization). You may use an asterisk (*) +# to authorize any user who has authenticated to the web server. +# Alternatively you can specify contactgroups too, starting +# with Icinga 1.5.0 + + +authorized_for_all_services=icingaadmin +authorized_for_all_hosts=icingaadmin +#authorized_contactgroup_for_all_services= +#authorized_contactgroup_for_all_hosts= + + +# GLOBAL HOST/SERVICE COMMAND ACCESS +# These two options are comma-delimited lists of all usernames that +# can issue host or service related commands via the command +# CGI (cmd.cgi) for all hosts and services that are being monitored. +# By default, users can only issue commands for hosts or services +# that they are contacts for (unless you you choose to not use +# authorization). You may use an asterisk (*) to authorize any +# user who has authenticated to the web server. +# Alternatively you can specify contactgroups too, starting +# with Icinga 1.5.0 + +authorized_for_all_service_commands=icingaadmin +authorized_for_all_host_commands=icingaadmin +#authorized_contactgroup_for_all_service_commands= +#authorized_contactgroup_for_all_host_commands= + + +# READ-ONLY USERS +# A comma-delimited list of usernames that have read-only rights in +# the CGIs. This will block any service or host commands normally shown +# on the extinfo CGI pages. It will also block comments from being shown +# to read-only users. +# Alternatively you can specify contactgroups too, starting +# with Icinga 1.5.0 + +#authorized_for_read_only=user1,user2 +#authorized_contactgroup_for_read_only= + + +# SHOW ALL SERVICES THE HOST IS AUTHORIZED FOR +# By default, a user can see all services on a host, if the user is +# authorized as contact for the host only. By disabling this option, +# the user must be an authorized contact for the service too in order +# to view it. +# Values: 0 - disabled, user must be authorized for services too +# 1 - enabled, user can view all services on authorized host + +show_all_services_host_is_authorized_for=1 + + +# SHOW PARTIAL HOSTGROUPS +# By default, a user only sees a hostgroup and the hosts within it if +# they are an authorized contact for all of the hosts of the group. By +# enabling this option hostgroups will show a partial listing of hosts +# the user is an authorized contact for in the hostgroups. +# Values: 0 - disabled, user only sees full hostgroups (default) +# 1 - enabled, user sees partial hostgroups + +show_partial_hostgroups=0 + + +# STATUSMAP BACKGROUND IMAGE +# This option allows you to specify an image to be used as a +# background in the statusmap CGI. It is assumed that the image +# resides in the HTML images path (i.e. /usr/local/icinga/share/images). +# This path is automatically determined by appending "/images" +# to the path specified by the 'physical_html_path' directive. +# Note: The image file may be in GIF, PNG, JPEG, or GD2 format. +# However, I recommend that you convert your image to GD2 format +# (uncompressed), as this will cause less CPU load when the CGI +# generates the image. + +#statusmap_background_image=smbackground.gd2 + + + + +# STATUSMAP TRANSPARENCY INDEX COLOR +# These options set the r,g,b values of the background color used the statusmap CGI, +# so normal browsers that can't show real png transparency set the desired color as +# a background color instead (to make it look pretty). +# Defaults to white: (R,G,B) = (255,255,255). + +#color_transparency_index_r=255 +#color_transparency_index_g=255 +#color_transparency_index_b=255 + + + + +# DEFAULT STATUSMAP LAYOUT METHOD +# This option allows you to specify the default layout method +# the statusmap CGI should use for drawing hosts. If you do +# not use this option, the default is to use user-defined +# coordinates. Valid options are as follows: +# 0 = User-defined coordinates +# 1 = Depth layers +# 2 = Collapsed tree +# 3 = Balanced tree +# 4 = Circular +# 5 = Circular (Marked Up) + +default_statusmap_layout=5 + + + +# DEFAULT STATUSWRL LAYOUT METHOD +# This option allows you to specify the default layout method +# the statuswrl (VRML) CGI should use for drawing hosts. If you +# do not use this option, the default is to use user-defined +# coordinates. Valid options are as follows: +# 0 = User-defined coordinates +# 2 = Collapsed tree +# 3 = Balanced tree +# 4 = Circular + +default_statuswrl_layout=4 + + + +# STATUSWRL INCLUDE +# This option allows you to include your own objects in the +# generated VRML world. It is assumed that the file +# resides in the HTML path (i.e. /usr/local/icinga/share). + +#statuswrl_include=myworld.wrl + + + +# PING SYNTAX +# This option determines what syntax should be used when +# attempting to ping a host from the WAP interface (using +# the statuswml CGI. You must include the full path to +# the ping binary, along with all required options. The +# $HOSTADDRESS$ macro is substituted with the address of +# the host before the command is executed. +# Please note that the syntax for the ping binary is +# notorious for being different on virtually ever *NIX +# OS and distribution, so you may have to tweak this to +# work on your system. + +ping_syntax=/bin/ping -n -U -c 5 $HOSTADDRESS$ + + + +# REFRESH RATE +# This option allows you to specify the refresh rate in seconds +# of various CGIs (status, statusmap, extinfo, and outages). + +refresh_rate=90 + + + +# ESCAPE HTML TAGS +# This option determines whether HTML tags in host and service +# status output is escaped in the web interface. If enabled, +# your plugin output will not be able to contain clickable links. + +escape_html_tags=1 + + + +# PERSISTENT ACKNOWLEDGEMENT COMMENTS +# This options determines whether the initial state of the +# checkbox "Persistent Comment:" for service and host problem +# acknowledgements is checked or unchecked + +persistent_ack_comments=0 + + +# SOUND OPTIONS +# These options allow you to specify an optional audio file +# that should be played in your browser window when there are +# problems on the network. The audio files are used only in +# the status CGI. Only the sound for the most critical problem +# will be played. Order of importance (higher to lower) is as +# follows: unreachable hosts, down hosts, critical services, +# warning services, and unknown services. If there are no +# visible problems, the sound file optionally specified by +# 'normal_sound' variable will be played. +# +# +# <varname>=<sound_file> +# +# Note: All audio files must be placed in the /media subdirectory +# under the HTML path (i.e. /usr/local/icinga/share/media/). + +#host_unreachable_sound=hostdown.wav +#host_down_sound=hostdown.wav +#service_critical_sound=critical.wav +#service_warning_sound=warning.wav +#service_unknown_sound=warning.wav +#normal_sound=noproblem.wav + + + +# URL TARGET FRAMES +# These options determine the target frames in which notes and +# action URLs will open. Default is main frame. + +action_url_target=main +notes_url_target=main +#action_url_target=_blank +#notes_url_target=_blank + + + + +# LOCK AUTHOR NAMES OPTION +# This option determines whether users can change the author name +# when submitting comments, scheduling downtime. If disabled, the +# author names will be locked into their contact name, as defined in Icinga. +# Values: 0 = allow editing author names +# 1 = lock author names (disallow editing) + +lock_author_names=1 + + + +# DEFAULT DOWNTIME DURATION +# This option defines the default duration (in seconds) of fixed and +# flexible downtimes. Default is 7200 seconds (2 hours). + +default_downtime_duration=7200 + + + +# DEFAULT EXPIRING ACKNOWLEDGEMENT DURATION +# This option defines the default duration (in seconds) of a expiring +# acknowledgement. Default is 86400 seconds (1 day). + +default_expiring_acknowledgement_duration=86400 + + + +# SHOW LONG PLUGIN OUTPUT IN STATUS OPTION +# This option allows you to specify the length of status information +# in output of status.cgi. If you set the value to 1 it shows the +# full plugin output instead of the first line only. +# Default value is 0. + +status_show_long_plugin_output=0 + + + +# SHOW ONLY HARD STATES IN TAC OPTION +# This options allows you to specify if the tactical overview +# should only show hard states on hosts and services. +# By default disabled, all states will be shown. + +tac_show_only_hard_state=0 + + + +# SHOW CHILD HOSTS IN EXTINFO OPTION +# This Option allows you to specify if the extended host information +# cgi will show child hosts for the selected host. +# 0 = disabled +# 1 = only show immediate child hosts +# 2 = show immediate and all child hosts +# NOTE: Option 2 could be a real performance killer in +# large installations, so use with care. +# By default disabled, as this could be a performance killer. + +extinfo_show_child_hosts=0 + + + +# SUPPRESS MAINTENANCE DOWNTIME +# This options suppresses the state coloring of hosts and services +# that are in a scheduled downtime. It sets their coloring to gray, +# so they no longer draw extra attention to themselves, making it +# so only actual problems are the ones that stand out. +# By default it is disabled. + +suppress_maintenance_downtime=0 + + +# SHOW TAC INFORMATION IN TOP FRAME +# This options places tactical overview information in +# the top frame similar to the view that's in icinga-web. +# By default it is enabled. + +show_tac_header=1 + + +# SHOW PENDING IN TAC HEADER +# This options enables the display of pending counts in +# the tac header. If your display is less than 1024x768 +# and this is enabled, the tactical information may not +# fit well in the top frame. +# By default it is enabled. + +show_tac_header_pending=1 + + + +# SHOW INITIAL STATES IN SHOWLOG OPTION +# This options allows you to specify if initial states +# of hosts and services should be shown in showlog.cgi +# Note: This Option only works if the option +# "log_initial_states" in icinga.cfg is set to 1. +# By default it's enabled. Default is 0. + +#showlog_initial_states=0 + + + +# SHOW CURRENT STATES IN SHOWLOG OPTION +# This options allows you to specify if current states +# of hosts and services should be shown in showlog.cgi +# Note: This Option only works if the option +# "log_current_states" in icinga.cfg is set to 1. +# By default it's enabled. Default is 0. + +#showlog_current_states=0 + + + +# CSV DELIMITER +# This option determines the character which should act as +# delimiter. Default is ";". + +#csv_delimiter=; + + + +# CSV DATA ENCLOSURE +# This option determines the character which should act as +# data enclosure to wrap in the data. Default is "'". + +#csv_data_enclosure=' + + + +# TAB-FRIENDLY <TITLE>S +# Activating this option changes the <title> of status.cgi +# and extinfo.cgi when they refer to a single host, service, +# or group. They will then read: +# [Host] +# {HostGroup} +# ServiceDesc @ Host +# (ServiceGroup) +# These are easier to read and find if you use (many) tabs +# in your browser. +# Default is enabled. 0=disabled, 1=enabled + +tab_friendly_titles=1 + + +# SERVICE STATES TO ANNOTATE WITH CURRENT NOTIFICATION NO. +# Set this to an OR of the service state identifiers for +# which status.cgi should not only report "Attempts" (e.g., +# "3/3" for a HARD non-OK state with max_check_attempts=3) +# but also the current notification number ("(#0)" if no +# problem notification has been sent yet, etc.). This is +# helpful to identify services which switched between +# different non-OK states a lot, or services which have a +# first_notification_delay set and are "not yet officially" +# considered in trouble. +# Relevant values from include/statusdata.h (look them up +# *there* if you want to be *really* sure): +# #define SERVICE_PENDING 1 +# #define SERVICE_OK 2 +# #define SERVICE_WARNING 4 +# #define SERVICE_UNKNOWN 8 +# #define SERVICE_CRITICAL 16 +# You'll likely want to use add_notif_num_hard=0 (default) +# or add_notif_num_hard=28 (warn+crit+unknown). There's an +# add_notif_num_soft affecting services in a SOFT state +# for sake of completeness, too. + +#add_notif_num_hard=28 +#add_notif_num_soft=0 + + + +# SPLUNK INTEGRATION OPTIONS +# These options allow you to enable integration with Splunk +# in the web interface. If enabled, you'll be presented with +# "Splunk It" links in various places in the CGIs (log file, +# alert history, host/service detail, etc). Useful if you're +# trying to research why a particular problem occurred. +# For more information on Splunk, visit http://www.splunk.com/ + +# This option determines whether the Splunk integration is enabled +# Values: 0 = disable Splunk integration +# 1 = enable Splunk integration + +#enable_splunk_integration=1 + + +# This option should be the URL used to access your instance of Splunk + +#splunk_url=http://127.0.0.1:8000/ + + + |