Nagstamon 1.01 & Thruk 1.86-4 - acknowledgements
260 views
Skip to first unread message
Richard Temple
Apr 1, 2015, 4:14:44 AM4/1/15
to th...@googlegroups.com
I have setup Nagstamon to monitor our installation of Thruk. When I attempt to acknowledge an alert via Nagstamon, the check isn't acknowledged in nagios and this is logged in /var/log/thruk/thruk.log.
Can anyone advise me what the problem might be ?
Thanks
[2015/04/01 03:05:46][nagioscore.sirsi.net][ERROR][Thruk.Utils] possible csrf, no or invalid token: $VAR1 = bless( {
'_body' => bless( {
'body' => undef,
'buffer' => '',
'chunk_buffer' => '',
'chunked' => '',
'cleanup' => 1,
'content_length' => '114',
'content_type' => 'application/x-www-form-urlencoded',
'length' => 114,
'param' => {
'btnSubmit' => 'Commit',
'cmd_mod' => '2',
'cmd_typ' => '34',
'com_author' => 'USERNAME',
'com_data' => 'ack',
'host' => 'HOST',
'send_notification' => 'on',
'service' => 'SERVICE'
},
'param_order' => [
'cmd_typ',
'cmd_mod',
'host',
'service',
'com_author',
'com_data',
'btnSubmit',
'send_notification'
],
'state' => 'done',
'tmpdir' => '/tmp',
'upload' => {}
}, 'HTTP::Body::UrlEncoded' ),
'_log' => bless( {
'abort' => undef,
'autoflush' => 0,
'watch_delay' => 0
}, 'Log::Log4perl::Catalyst' ),
'_path' => 'thruk/cgi-bin/cmd.cgi',
'_read_length' => '114',
'_read_position' => 114,
'_use_hash_multivalue' => 0,
'action' => 'thruk/cgi-bin/cmd.cgi',
'address' => 'IP ADDRESS',
'arguments' => [],
'base' => bless( do{\(my $o = 'https://NAGIOS-URL/')}, 'URI::https' ),
'body_parameters' => $VAR1->{'_body'}{'param'},
'captures' => [],
'cookies' => {
'thruk_auth' => bless( {
'name' => 'thruk_auth',
'path' => '/',
'value' => [
'626e86f09009da08ed4f3216b13355b5'
]
}, 'CGI::Simple::Cookie' ),
'thruk_test' => bless( {
'name' => 'thruk_test',
'path' => '/',
'value' => [
'****'
]
}, 'CGI::Simple::Cookie' )
},
'data_handlers' => {
'application/json' => sub { "DUMMY" },
'application/x-www-form-urlencoded' => sub { "DUMMY" }
},
'env' => {
'AUTH_TYPE' => 'Basic',
'CONTENT_LENGTH' => '114',
'CONTENT_TYPE' => 'application/x-www-form-urlencoded',
'Catalyst.Stash.v1' => sub { "DUMMY" },
'DOCUMENT_ROOT' => '/var/www/html',
'FCGI_ROLE' => 'RESPONDER',
'GATEWAY_INTERFACE' => 'CGI/1.1',
'HTTPS' => 'on',
'HTTP_ACCEPT_ENCODING' => 'identity',
'HTTP_CONNECTION' => 'close',
'HTTP_COOKIE' => 'thruk_auth=626e86f09009da08ed4f3216b13355b5; thruk_test=%2A%2A%2A%2A',
'HTTP_HOST' => 'NAGIOS-HOST',
'HTTP_USER_AGENT' => 'Python-urllib/2.7',
'PATH' => '/sbin:/usr/sbin:/bin:/usr/bin',
'PATH_INFO' => '/thruk/cgi-bin/cmd.cgi',
'PATH_TRANSLATED' => '/usr/share/thruk/fcgid_env.sh/thruk/cgi-bin/cmd.cgi',
'QUERY_STRING' => '',
'REMOTE_ADDR' => 'IP ADDRESS',
'REMOTE_PORT' => '1407',
'REMOTE_USER' => 'USERNAME',
'REQUEST_METHOD' => 'POST',
'REQUEST_URI' => '/thruk/cgi-bin/cmd.cgi',
'SCRIPT_FILENAME' => '/usr/share/thruk/fcgid_env.sh',
'SCRIPT_NAME' => '',
'SCRIPT_URI' => 'https://NAGIOS URL/thruk/cgi-bin/cmd.cgi',
'SCRIPT_URL' => '/thruk/cgi-bin/cmd.cgi',
'SERVER_ADDR' => 'NAGIOS IP ADDRESS',
'SERVER_ADMIN' => 'root@localhost',
'SERVER_NAME' => 'NAGIOS HOST',
'SERVER_PORT' => '443',
'SERVER_PROTOCOL' => 'HTTP/1.1',
'SERVER_SIGNATURE' => '<address>Apache/2.2.15 (CentOS) Server at NAGIOS HOST Port 443</address>',
'SERVER_SOFTWARE' => 'Apache/2.2.15 (CentOS)',
'plack.original_request_method' => 'POST',
'psgi.errors' => bless( \*Symbol::GEN4, 'IO::Handle' ),
'psgi.input' => bless( \*{'Stream::Buffered::PerlIO::$io'}, 'FileHandle' ),
'psgi.multiprocess' => 1,
'psgi.multithread' => '',
'psgi.nonblocking' => '',
'psgi.run_once' => '',
'psgi.streaming' => 1,
'psgi.url_scheme' => 'https',
'psgi.version' => [
1,
1
],
'psgix.harakiri' => '',
'psgix.input.buffered' => 1
},
'headers' => bless( {
'::std_case' => {
'cookie' => 'COOKIE',
'https' => 'HTTPS'
},
'accept-encoding' => 'identity',
'connection' => 'close',
'content-length' => '114',
'content-type' => 'application/x-www-form-urlencoded',
'cookie' => 'thruk_auth=626e86f09009da08ed4f3216b13355b5; thruk_test=%2A%2A%2A%2A',
'host' => 'NAGIOS HOST',
'https' => 'on',
'user-agent' => 'Python-urllib/2.7'
}, 'HTTP::Headers' ),
'match' => 'thruk/cgi-bin/cmd.cgi',
'method' => 'POST',
'parameters' => {
'ahas' => '',
'backend' => '',
'broadcast_notification' => '',
'btnSubmit' => 'Commit',
'childoptions' => '',
'cmd_mod' => '2',
'cmd_typ' => '34',
'com_author' => 'USERNAME',
'com_data' => 'ack',
'com_id' => 0,
'down_id' => 0,
'end_time' => 0,
'expire_time' => 0,
'fixed' => '',
'force_check' => '',
'force_notification' => '',
'host' => 'dsmani',
'hostgroup' => '',
'hours' => 0,
'minutes' => 0,
'not_dly' => 0,
'performance_data' => '',
'persistent' => '',
'plugin_output' => '',
'plugin_state' => 0,
'ptc' => '',
'send_notification' => 'on',
'service' => 'SERVICE',
'servicegroup' => '',
'start_time' => 0,
'sticky_ack' => '',
'trigger' => 0,
'use_expire' => ''
},
'protocol' => 'HTTP/1.1',
'query_keywords' => '',
'query_parameters' => {},
'remote_user' => 'USERNAME',
'secure' => 1,
'uploads' => {},
'uri' => bless( do{\(my $o = 'https://NAGIOS URL/thruk/cgi-bin/cmd.cgi')}, 'URI::https' ),
'user' => bless( {
'__hash_obj_key_is_array' => {},
'alias' => 'ALIAS',
'auth_realm' => 'Thruk',
'roles' => [
'authorized_for_all_host_commands',
'authorized_for_all_hosts',
'authorized_for_all_service_commands',
'authorized_for_all_services',
'authorized_for_configuration_information',
'authorized_for_system_commands',
'authorized_for_system_information',
'authorized_for_all_host_commands',
'authorized_for_all_hosts',
'authorized_for_all_service_commands',
'authorized_for_all_services',
'authorized_for_configuration_information',
'authorized_for_system_commands',
'authorized_for_system_information'
],
'username' => 'USERNAME'
}, 'Catalyst::Authentication::User::Hash' )
}, 'Catalyst::Request' );
Sven Nierlein
Apr 2, 2015, 4:25:09 AM4/2/15
to th...@googlegroups.com
Hi Richard,
This is the new cross site request forgery protection. You could add the hosts which use nagstamon
to the exception list:
http://www.thruk.org/documentation/configuration.html#csrf_allowed_hosts
Cheers,
Sven
> --
> You received this message because you are subscribed to the Google Groups "Thruk" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to thruk+un...@googlegroups.com <mailto:thruk+un...@googlegroups.com>.
> For more options, visit https://groups.google.com/d/optout.
This is the new cross site request forgery protection. You could add the hosts which use nagstamon
to the exception list:
http://www.thruk.org/documentation/configuration.html#csrf_allowed_hosts
Cheers,
Sven
> You received this message because you are subscribed to the Google Groups "Thruk" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to thruk+un...@googlegroups.com <mailto:thruk+un...@googlegroups.com>.
> For more options, visit https://groups.google.com/d/optout.
Reply all
Reply to author
Forward
0 new messages