Centreon Open Source

Introduction

Vous trouverez dans ce chapitre tout ce qui concerne Centreon Open Source.

Il est important de mettre à jour en utilisant la documentation adéquate de mise à jour et de lire attentivement les notes de mise à jour afin d'être au courant des changements qui pourraient impacter votre usage ou votre plateforme ou des développements spécifiques que vous auriez fait.

Pour faire des demandes d'évolutions ou signaler des bugs sur les extensions commerciales, vous pouvez vous rendre sur notre Github.

Retrouvez plus de détails sur la version 24.04 dans notre post de blog.

Centreon Web

24.04.9

Release date: December 19, 2024

Enhancements

• [API] Added missing configuration change logs for host severities configuration.
• [API] Added missing configuration change logs for service severities configuration.
• [API] Added missing configuration change logs for service template configuration.
• [API] Added missing configuration change logs for timeperiods configuration.
• [Configuration] Improved the tooltip for Broker's Unified SQL output.
• [Install] Add 24.10 support for unattended script.

Bug fixes

• [Action Log] The action details column now displays the correct information in the Action Log page.
• [API] Time period definitions containing the value 00:00-00:00 are now correctly taken into account.
• [Authentication] Fixed a random disconnection issue occurring with OpenID authentication.
• [Authentication] Fixed an issue preventing LDAP users with more than one email address to log in to Centreon.
• [Authentication] Fixed an issue with SSO authentication with SAML that occurred when users had a legacy page as default page.
• [Configuration] Adding a Centreon Broker output with lua parameters now works properly: values are no longer mixed up.
• [Custom Views] Fixed an issue with how the edit widget pencil icon was displayed.
• [Custom Views] Fixed an issue preventing some filters from functioning in the "Hostgroup monitoring" and "Host monitoring" widgets.
• [Downtimes] Fixed an issue where Service Groups could not be deleted in recurrent downtimes.
• [Dashboards][Widgets] In the resource selection fields, services containing a slash ("/") in their name no longer trigger an error.
• [Status Grid] Fixed an issue where an incorrect number of resources were displayed on hover.

Security fixes

• [Security] Fixed a security issue in media binary.
• [Security] Fixed an issue on virtual metric's RPN field.
• [Security] Fixed SQLi in "Host Monitoring" widget in Custom Views, for authenticated users having sufficient rights to edit the widget.
• [Security] Fixed SQLi in "Hostgroup Monitoring" widget in Custom Views, for authenticated users having sufficient rights to edit the widget.
• [Security] Fixed SQLi in "Hostgroup Monitoring" widget in Custom Views, for authenticated users having sufficient rights to export the results in CSV format.
• [Security] Fixed SQLi in "TOP10 CPU usage" widget in Custom Views, for authenticated users having sufficient rights to edit the widget.
• [Security] Fixed SQLi in "TOP10 Memory usage" widget in Custom Views, for authenticated users having sufficient rights to edit the widget.
• [Security] Improved an SQL query triggered via the Event Logs menu for better protection.

24.04.8

Release date: November 21, 2024

Enhancements

• [API] Added configuration change logs for hostgroup endpoints.
• [API] Added missing configuration change logs for host template configuration.
• [API] Added missing configuration change logs written when the configuration of services is deployed.

Bug fixes

• [Administration] The names of the metaservices are now correctly displayed in the "Administration > Parameters > Data" menu.
• [API] Fixed ACLs allowing access to a resource (host or service) upon its creation via the APIs by a non-administrator user.
• [API] The is_notifications_enabled value in the host configuration endpoint of the API is now correctly updated when notifications are enabled.
• [API Token] Fixed an issue with the expiration date of tokens in the API tokens page.
• [API Token] Using pagination, fixed the list of contacts that wasn't returning enough results.
• [Configuration] Custom macros are now correctly exported to the Remote Server when the configuration is deployed.
• [Configuration] Fixed incorrect links in the Export configuration page.
• [Configuration] Notification configuration data is no longer automatically added to services that are auto-created when creating a host based on a template.
• [Configuration] Updated the list of standard macros in the command creation form.
• [Core] Changed log file for the cron job that removed outdated tokens.
• [Core] The correct user theme is now applied even when options are changed in a user's profile.
• [Discovery] Automatic execution of host discovery jobs (export and reload of the poller configuration) no longer fails with an "insufficient rights" message.
• [Graphs] Fixed an issue where non-admin users were downloading empty CSV files.
• [Graphs] Fixed an issue with MySQL 8 where users got a blank page when editing a curve definition.
• [i18n] Fixed langage translation mismatch in performance graphs, in the predefined periods list.
• [i18n] Fixed typo in the Event Logs and ACL Resource Access pages.
• [Install] Added a missing ACL column in the Centreon database.
• [Resource Status] Custom column definitions are now saved correctly.
• [Resource Status] Duration units are now displayed correctly in the downtime window.
• [Resource Status] Fixed an issue preventing selected filters from being removed by clicking the 'x' symbol in the timeline tab.
• [Resource Status] Fixed an issue with the behavior of group chips in the resource detail panel.
• [Resource Status] Fixed display of scale/units on graphs containing multiple curves.
• [Resource Status] Fixed issue where actions in one browser tab were being replicated to another tab open on the same menu.
• [Resource Status] Fixed search filter for anomaly detection services.
• [Resource Status] Fixed the display of quick action button tooltips when they are hovered.
• [Resource Status] Fixed the redirection from the Event Logs page to Resource Status: the details panel is now opened on the correct resource.
• [Resource Status] If no notification has ever been sent, the "Last notification" field in the details panel is not displayed.
• [Resource Status] If no notification has ever been sent, the "Last notification" field in the details panel is left blank instead of displaying 1970.
• [Resource Status] Made downtime and acknowledge icons more visible in light and dark modes.
• [Resource Status] Removed list refresh that was triggered by hovering over the left main menu.
• [Resource Status] The monitoring server filter now takes into account spaces in poller names correctly.
• [Resource Status] The value of the "Conf Changed" column of the poller menu is now correctly updated when a service is added by manual discovery.
• [Resource Status] Tooltips on quick action buttons are now displayed only briefely when they are hovered, so as not to block the action button just below.
• [Status Chart widget] Filters on selected resources are now handled properly.
• [Widget Graph] Fixed "invalid metric format" error when using "threshold area color" parameter for curves.

Security fixes

• [Security] Improved checks on changed objects that update the "conf changed" column in the list of pollers.
• [Security] Fixed XSS vulnerability in "Administration > Logs" menu (CVE-2024-47863).
• [Security] Fixed XSS vulnerability on poller name in several menus.

24.04.7

Release date: September 30, 2024

Enhancements

• [API] Added an endpoint that automatically deploys the services brought by the host template.
• [Authentication] Rescheduled the task of deleting expired tokens.
• [Resource Status] Users can now filter by host name in view by host mode.

Bug fixes

• [Administration] Fixed access to the Add token button.
• [Authentication] Fixed an issue with the ‘X509, MultiFactor’ authentication method.
• [Authentication] Fixed incorrect URL redirection issue with OpenID Connect.
• [Authorization] Fixed an issue on ACLs reloading.
• [API] Added missing configuration change logs.
• [API] Fixed access control for monitoring servers configuration endpoints.
• [API] Fixed ACL for meta-service endpoint.
• [CLAPI] The -V command now displays the version of Centreon with no unnecessary message.
• [Configuration] Fixed an issue on mass change which enabled disabled services.
• [Configuration] The central server’s ID is now correctly configured in the Gorgone configuration
• [Configuration] Fixed an issue with the list of available metrics in the metaservices form.
• [Configuration] The correct value for the notification activation option is now written to the Engine configuration file.
• [Dataset] Fixed filtering when searching for a resource.
• [Dataset] Handled special characters in metrics.
• [Dashboards] Fixed the search for hosts in the resource status widget.
• [Graph] Fixed an error that occurred when editing curves.
• [Graph] You can now select a metric in the curve and virtual metric configuration forms.
• [Install] The 24.04.0 update wizard can now be rerun if required.
• [Packaging] Fixed invalid permissions on the cron that deletes obsolete tokens.
• [Performance] Fixed a query performance issue with some specific data on the Resource status page.
• [Resource Status] Fixed an issue that occurred when a non-admin user was searching for resources by host categories.
• [Resource Status] Fixed an issue with the "Force Active Checks" option, which was ignored in some cases.
• [Resource Status] Fixed the responsivity and visibility of "display by" views.
• [Status Chart widget] Fixed an issue with the list of resources displayed when hovering the charts.
• [Status Chart widget] Filtering on selected resources is now handled correctly.
• [Status Grid widget] Filtering on selected resources is now handled correctly in the condensed view.

Security fixes

• [Security] Fixed SQL injection vulnerability in host-monitoring widgets.
• [Security] Fixed SQLi in contacts form (CVE-2024-39843).
• [Security] Updated jQuery & jQuery-UI dependencies (CVE-2022-31160).

24.04.6

Release date: September 11, 2024

Security fixes

• [Security] Fixed SQLi in contacts form (CVE-2024-39843).

24.04.5

Release date: July 18, 2024

Enhancements

• [API] Fixed access control for host configuration endpoints.
• [centreon-web] Fixed SELinux dependencies for centreon-common-selinux.
• [Dashboard] Fixed an issue where the legend of the Metrics Graph widget was empty when the user locale was different from en_US. status charts and the status grid widget now display the status of a service's parent host when only services are selected instead of a "no host found" error.
• [Dashboards] Fixed an error that occurred when renaming a dashboard that had an empty description.
• [Dashboards] Fixed inconsistent values between top counter and status widgets.
• [Dashboards] Search results for services are no longer limited to 30 items.
• Fixed incorrect user rights computations for Dashboard admins.

24.04.4

Release date: July 3, 2024

Enhancements

• [Packaging] Fixed an issue in update file for centreon-web.

24.04.3

Release date: June 26, 2024

Enhancements

• [Metrics Graph widget] Curves for metrics with the same name are now differentiated by automatically adjusting colors.
• [Resource Status] In the filter window, you can now filter by resource type.
• [Widget edition] Removed incompatible resources when filtering using multiple resource types.

Bug fixes

• [API] Fixed API access control for monitoring endpoints.
• [API] Fixed access control for some v2 API service configuration endpoints.
• [Configuration] Fixed mass change on services.
• [Dashboards] Added missing default curve settings to the Metrics Graph widget.
• [Dashboards, Resource Status] All services are now displayed in the dataset resources section.
• [Resource Status] Fixed an issue with adding comments on hosts and meta-services in their details panel.
• [Resource Status] Filters can now be deselected in the search window.
• [Resource Status] Fixed redirection to "Performance > Graphs" menu in graph panel for meta-services.
• [Resource Status] The passive check icon is now displayed next to the correct resources.
• [Widget edition] Removed incompatible resources when filtering using multiple resource types.
• [Widgets] Widgets are now loaded correctly.

Security fixes

• [Security] Fixed several SLQi issues.

24.04.2

Release date: May 28, 2024

Bug fixes

• [API] Fixed access control for some v2 API endpoints.
• [CEIP] Fixed an error on Dashboard telemetry.
• [Unattended] The unattended.sh script now allows new options (Debian12, MariaDB versioning, MySQL 8).
• [Unattended] Bug fixes on various unattended.sh issues (httpd services not restarting, it-edition-extensions installation, script run issue on Oracle Linux distributions).
• [Unattended] The installation and the activation of Centreon IT Edition Extensions is now available
• [UX] Fixed an issue where the top counter pop-up was not closed when users clicked outside of it.
• [UX] Removed autocomplete for credentials fields in administration pages.

24.04.1

Release date: May 16, 2024

Bug fixes

• [Packaging] Fixed an issue where centreontrapd.pm and conf.pm were replaced by default files.

24.04.0

Release date: April 30, 2024

New features

Dashboards GA

Dashboards are now in Global Availability (GA) and fully supported by Centreon. Many features have been added in this version.

• Playlists feature: You can now create dashboard playlists. Selected dashboards will be displayed sequentially without any interaction, allowing you to broadcast them on TVs in public spaces.
• New widgets
  • The "Status Chart" widget displays the distribution of current statuses on selected resources, as a chart.
  • The "Group Monitoring" widget displays the distribution of current statuses on selected groups of resources, as a table.
• Resource Status: Widgets now include a link to the Resource Status page. When you access this link, Resources Status will be filtered according to the criteria used in the widget.
• User Experience
  • You can now search for a dashboard by its name.
  • You can now navigate more easily with the pagination.
  • You can now duplicate a dashboard.
  • You can now access widgets more easily thanks to pictograms representing each type of widget.
  • You can now display dashboards as a list, with the View as list button.
  • A modal now appears when deleting widgets, dashboards or playlists.
  • A warning modal is now preventing users from leaving the dashboard without saving it first.

Enhancements

Dashboards GA

• Improvements made on global Dashboard behavior

  • When sharing a dashboard, only contacts and contact groups that have access to the dashboard are displayed.
  • Optimized the rendering of widgets.
  • Optimized legend and thickened curves on graphs.
  • Moved the parameter used for hiding widgets' descriptions.
  • Updated the dashboard global refresh icon.
  • Widgets can now be edited quickly and easily by using an "Edit widget" shortcut that opens widget edition mode.
  • Made the dashboard library's "view as list" the default view.
  • Reorganized rich text options for widget descriptions.

• Improvements made to specific widgets

  • [MAP widget] Added an information message displayed when editing the widget.
  • [Metrics Graph widget] Added a warning message indicating that thresholds have been hidden when selecting two different metric units.
  • [Metrics Graph widget] Added an information tooltip when hovering over an element on the graph.
  • [Single Metric widget] Simplified metric selection.
  • [Single Metric widget] Simplified dataset selection by forcing a "host + service" pair.
  • [Status Grid widget] Added an "unhandled" state property.
  • [Status Grid widget] Added a new "condensed" view.

BREAKING CHANGE: The way metrics are handled has been changed to allow for more flexibility (e.g., you now have the possibiliyy to exclude metrics). If you used the metrics graph widget, you may have to select your metrics again.

User Experience

• Added full screen mode for the entire application.

API

• Dashboards

  • Added new endpoints to manage playlists.
  • Added a new endpoint to duplicate dashboards.
  • Updated endpoints to handle the Status Grid "condensed" view.

• Configuration

  • Added an endpoint to update a service severity.
  • Added an endpoint to create Broker outputs.
  • Added an endpoint to list all installed connectors.
  • Added an endpoint to list graph templates.
  • Added an endpoint to list and delete Business Activities.
  • Added an endpoint to update a service.
  • Added an endpoint to update a host partially.
  • Added an endpoint to handle the file format associated with a Stream Connector.

• Monitoring

  • Added an endpoint to list all metrics of a given service.
  • Metrics linked to a resource are now retrieved by the endpoint that lists resources.

• Administration:

  • Added endpoints to upload and list media.

Installation

• Added support for the Debian 12 operating system.
• Added compatibility with MySQL 8.0.
• Updated the MariaDB version to its latest LTS, 10.11.
• Improved the unattended.sh script to offer the possibility to select which DBMS will be installed.

Centreon Collect

24.04.8

Release date: December 18, 2024

Bug fixes

• [Engine] Fixed an issue where retention.dat files were deleted after an upgrade.
• [Engine] Fixed an issue where a segmentation fault could occur when host relations were modified.
• [Engine] Fixed errors in RRD logs that appeared following the upgrade to the new log engine in Collect.

24.04.7

Release date: November 26, 2024

Bug fixes

• [Broker] Adapted Broker to a new behavior of the MariaDB database concerning errors: Broker no longer fails to reconnect after an error. Broker could fail to reconnect after an error.
• [Broker] The Stream Connector cache behavior with host groups and service groups has been improved. When a host group or service group is deleted, it is also correctly removed from the Stream Connector caches.

24.04.6

Release date: September 30, 2024

Bug fixes

• [Broker] When no filter is configured on a Broker output, a default filter is applied so as to avoid Broker crashing.
• [CMA] Binary file for Centreon Monitoring Agent on Windows (Beta).
• [Engine] Engine now waits until no thread uses a gRPC service before deleting the service.
• [Engine] When Engine's configuration is modified, already sent events are no longer sent a second time.
• [Engine] Fixed the following issue: when Engine was restarted, its log file wasn't reopened, so if it was moved or removed, it wasn't created again.

24.04.5

Release date: August 05, 2024

Bug fixes

• Fixed a conflict between centreon-collect 23.04 and centreon-collect 23.10 that was occurring because of a change in the way we provide the MariaDB caching sha2 password plugin.

24.04.4

Release date: July 29, 2024

Bug fixes

• [Broker] If a service status was not 0, 1 or 2, it was written in RRD as an empty value. This raised an error in librrd. Now we send 'U' to RRD, which is a value that librrd accepts.
• [Broker] The default log level for Broker is now error instead of info (except for the core and config logs, which are info).
• [Engine] The default log level for Engine is now error instead of info (except for the core and config logs, which are info).
• [Engine] The output of external commands is no longer truncated after a backslash.
• [Engine] Configuration files for Anomaly Detection are now opened in read-only mode.
• [Engine] All log file configurations are now taken into account (including runtime and otl).
• [Engine] If a service contained several metrics with the same name, some of them were overwritten. Now during the parsing, a warning log explains the issue and only the first occurrence of the metric is kept.

24.04.3

Release date: July 17, 2024

Bug fixes

• [Broker] Fixed an issue that occurred when inserting too large metrics into the database, which resulted in an error log.
• [Broker] There were two errors concerning the gnutls version check:

1. The gnutls library on Centreon had to be at least the same version as the one used to compile Broker. Now, Broker checks that the version of the gnutls library is at least 3.6.0.
2. The packaging required a very old version of gnutls. Now, when Broker is installed we check that the version of gnutls is at least 3.6.0. If the version is older, it will be updated.

• [Broker] Added support for the default connection method to MySQL 8.0.35.

24.04.2

Release date: June 17, 2024

Enhancements

• [Engine] Added a new centengine parameter (send_recovery_notifications_anyways) to force sending a recovery notification even when the resource is outside of its notification period. This aims at keeping third-party tools up-to-date at any time when they are fed notifications.
• [Engine] The whitelist works with all the commands executed by Engine.
• [Engine] Engine can now handle extra configuration files to complement/overload the centengine.cfg file. This enhancement allows you to keep a custom configuration unchanged when exporting the configuration.

Bug fixes

• [Broker] Fixed an issue where incomplete BAM queries resulted in unnecessary error messages.
• [Broker] Fixed an issue where grpc layers crashed if a channel was deleted by a grpc thread.
• [Broker] Fixed a stability issue that could occur when an LVM snapshot was launched to backup the database.

24.04.1

Release date: May 28, 2024

Bug fixes

• [Packaging] Fixed an issue with permissions on Engine and Broker files.

24.04.0

Release date: April 30, 2024

Bug fixes

• Fixed some incorrect statuses in Broker's statistics retrieved by the broker-stats.json file.
• [Packaging] Added symbolic link from /usr/lib64/nagios/plugins to /usr/lib/nagios/plugins.
• Semicolons are no longer considered as the beginning of a comment in Engine's configuration files. This is because comments were not useful in these files, and they prevented the use of semicolons in macros (e.g., passwords).

Centreon Engine

Compatibility

• Compatibility with other 24.04 components.

Centreon Broker

Compatibility

• Compatibility with other 24.04 components.

Centreon Gorgone

24.04.5

Release date: December 18, 2024

Bug fixes

• [Gorgone] Fixed a bug in Gorgone affecting platforms with thousands of hosts, where deploying the configuration failed and the connection with Gorgone was lost.

24.04.4

Release date: November 26, 2024

Bug fixes

• [Gorgone] centreon-engine and centreon-broker are no longer installed on MBI servers.

24.04.3

Release date: September 30, 2024

Bug fixes

• [Gorgone] Added a partition for the Gorgone MBI mod_bi_metriccentileweeklyvalue and mod_bi_metriccentilemonthlyvalue tables, which are required by the ETL to run correctly.
• [Gorgone] Fixed an issue affecting CPU load when a poller was not responding.
• [Gorgone] Fixed an issue where Gorgone running on a central server was leaking file descriptors when pollers were disconnected.
• [Gorgone] Fixed an issue stopping the nmap discovery provider from working after a Gorgone whitelist was created.
• [Gorgone] In MBI, fixed the perfdataStatisticsBuilder.pl script: when using the '-r --centile-only' parameters, the mod_bi_metrichourlyvalue table is no longer truncated.
• [Gorgone] The password of an MBI database user can now include special characters.

24.04.2

Release date: July 18, 2024

Bug fixes

• [Gorgone] Fixed an issue where a host category was not present in MBI if it was applied on a host template instead of directly on the host.
• [Gorgone] Fixed an issue with the Gorgone API at upgrade, that caused the Autodiscovery feature to not work.

24.04.1

Release date: June 26, 2024

Bug fixes

• Fixed gorgone whitelist for HA architecture.

24.04.0

Release date: April 30, 2024

Enhancements

• Moved gorgone whitelists to a dedicated file.

Centreon High Availability

24.04.0

Release date: April 30, 2024

Compatibility

• Compatibility with other 24.04 components.

Centreon DSM

24.04.3

Release date: November 21, 2024

Security fixes

• [Security] Fixed SQLi in the Centreon DSM slot configuration form, only accessible to authenticated users with high privilege access. (CVE-2024-45755)

24.04.2

Release date: May 28, 2024

Bug fixes

• No changes for this module in this version.

24.04.1

Release date: May 16, 2024

Bug fixes

• [Packaging] Fixed an issue where dsmclient.pl wasn't deployed by the centreon-dsm-client package.

24.04.1

Release date: May 16, 2024

Bug fixes

• [Packaging] Fixed an issue where dsmclient.pl wasn't deployed by the centreon-dsm-client package.

24.04.0

Release date: April 30, 2024

Compatibility

• Compatibility with other 24.04 components.

Centreon Open Tickets

24.04.3

Release date: December 5, 2024

Bug fixes

• [Open Ticket widget] Fixed an issue preventing non admin users from opening tickets.

24.04.2

Release date: November 21, 2024

Security fixes

• [Security] Fixed SQLi in the ticket creation form, only accessible to authenticated users with high privilege access. (CVE-2024-45756)

24.04.1

Release date: September 30, 2024

Enhancements

• [OpenTickets] Fixed redirection to monitoring pages according to the "use deprecated pages" option.

Bug fixes

• [Open Tickets widget] Fixed GlpiRestApiProvider ticket subject persistence.

24.04.0

Release date: April 30, 2024

Compatibility

• Compatibility with other 24.04 components.