-
Notifications
You must be signed in to change notification settings - Fork 148
/
cgi.cfg
228 lines (176 loc) · 8.19 KB
/
cgi.cfg
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
#################################################################
#
# CGI.CFG - Sample CGI Configuration File
#
#################################################################
# AUTHENTICATION USAGE
# This option controls whether or not the CGIs will use any
# authentication when displaying host and service information, as
# well as committing commands for processing.
#
# Read the HTML documentation to learn how the authorization works!
#
# NOTE: It is a really *bad* idea to disable authorization, unless
# you plan on removing the command CGI (cmd.cgi)! Failure to do
# so will leave you wide open to kiddies messing with Thruk and
# possibly hitting you with a denial of service attack by filling up
# your drive by continuously writing to your command file!
#
# Setting this value to 0 will cause the CGIs to *not* use
# authentication (bad idea), while any other value will make them
# use the authentication functions (the default).
use_authentication=1
# x509 CERT AUTHENTICATION
# When enabled, this option allows you to use x509 cert (SSL)
# authentication in the CGIs. This is an advanced option and should
# not be enabled unless you know what you're doing.
use_ssl_authentication=0
# DEFAULT USER
# Setting this variable will define a default user name that can
# access pages without authentication. This allows people within a
# secure domain (i.e., behind a firewall) to see the current status
# without authenticating. You may want to use this to avoid basic
# authentication if you are not using a secure server since basic
# authentication transmits passwords in the clear.
#
# Important: Do not define a default username unless you are
# running a secure web server and are sure that everyone who has
# access to the CGIs has been authenticated in some manner! If you
# define this variable, anyone who has not authenticated to the web
# server will inherit all rights you assign to this user!
default_user_name=thrukadmin
# ADMIN ACCESS
# A comma-delimited list of usernames that have administration privileges.
# Those contacts will automatically get all authorized_for... roles except
# the readonly one.
authorized_for_admin=thrukadmin
authorized_contactgroup_for_admin=
# SYSTEM/PROCESS INFORMATION ACCESS
# This option is a comma-delimited list of all usernames that
# have access to viewing the process information as
# provided by the Extended Information CGI (extinfo.cgi). By
# default, *no one* has access to this unless you choose to
# not use authorization. You may use an asterisk (*) to
# authorize any user who has authenticated to the web server.
# Alternatively you can specify contactgroups too
authorized_for_system_information=
authorized_contactgroup_for_system_information=
# CONFIGURATION INFORMATION ACCESS
# This option is a comma-delimited list of all usernames that
# can view ALL configuration information (hosts, commands, etc).
# By default, users can only view configuration information
# for the hosts and services they are contacts for. You may use
# an asterisk (*) to authorize any user who has authenticated
# to the web server.
# Alternatively you can specify contactgroups too
authorized_for_configuration_information=
authorized_contactgroup_for_configuration_information=
# SYSTEM/PROCESS COMMAND ACCESS
# This option is a comma-delimited list of all usernames that
# can issue shutdown and restart commands via the
# command CGI (cmd.cgi). Users in this list can also change
# the program mode to active or standby. By default, *no one*
# has access to this unless you choose to not use authorization.
# You may use an asterisk (*) to authorize any user who has
# authenticated to the web server.
# Alternatively you can specify contactgroups too
authorized_for_system_commands=
authorized_contactgroup_for_system_commands=
# GLOBAL HOST/SERVICE VIEW ACCESS
# These two options are comma-delimited lists of all usernames that
# can view information for all hosts and services that are being
# monitored. By default, users can only view information
# for hosts or services that they are contacts for (unless you
# you choose to not use authorization). You may use an asterisk (*)
# to authorize any user who has authenticated to the web server.
# Alternatively you can specify contactgroups too
authorized_for_all_services=
authorized_contactgroup_for_all_services=
authorized_for_all_hosts=
authorized_contactgroup_for_all_hosts=
# GLOBAL HOST/SERVICE COMMAND ACCESS
# These two options are comma-delimited lists of all usernames that
# can issue host or service related commands via the command
# CGI (cmd.cgi) for all hosts and services that are being monitored.
# By default, users can only issue commands for hosts or services
# that they are contacts for (unless you you choose to not use
# authorization). You may use an asterisk (*) to authorize any
# user who has authenticated to the web server.
# Alternatively you can specify contactgroups too
authorized_for_all_service_commands=
authorized_contactgroup_for_all_service_commands=
authorized_for_all_host_commands=
authorized_contactgroup_for_all_host_commands=
# BOOKMARK PUBLIC ACCESS
# A comma-delimited list of usernames that can manage public bookmarks.
authorized_for_public_bookmarks=
authorized_contactgroup_for_public_bookmarks=
# BROADCAST ACCESS
# A comma-delimited list of usernames that can manage broadcasts.
authorized_for_broadcasts=
authorized_contactgroup_for_broadcasts=
# REPORT ACCESS
# A comma-delimited list of usernames that have full access to the reporting
# feature
authorized_for_reports=*
authorized_contactgroup_for_reports=
# BUSINESS PROCESS ACCESS
# A comma-delimited list of usernames that have the permission to create and
# edit business processes
authorized_for_business_processes=
authorized_contactgroup_for_business_processes=
# PANORAMA VIEW MEDIA MANAGER ACCESS
# A comma-delimited list of usernames that have the permission to upload and
# overwrite status icon sets and background images in panorama view dashboards.
authorized_for_panorama_view_media_manager=
authorized_contactgroup_for_panorama_view_media_manager=
# READ-ONLY USERS
# A comma-delimited list of usernames that have read-only rights in
# the CGIs. This will block any service or host commands normally shown
# on the extinfo CGI pages. It will also block comments from being shown
# to read-only users.
# Alternatively you can specify contactgroups too
authorized_for_read_only=
authorized_contactgroup_for_read_only=
# REFRESH RATE
# This option allows you to specify the refresh rate in seconds
# of various CGIs (status, statusmap, extinfo, and outages).
refresh_rate=90
# ESCAPE HTML TAGS
# This option determines whether HTML tags in host and service
# status output is escaped in the web interface. If enabled,
# your plugin output will not be able to contain clickable links.
escape_html_tags=1
# URL TARGET FRAMES
# These options determine the target frames in which notes and
# action URLs will open. Use 'main' to open the link embedded.
action_url_target=main
notes_url_target=main
# LOCK AUTHOR NAMES OPTION
# This option determines whether users can change the author name
# when submitting comments, scheduling downtime. If disabled, the
# author names will be locked into their contact name, as defined in your Monitoring.
# Values: 0 = allow editing author names
# 1 = lock author names (disallow editing)
lock_author_names=1
# SOUND OPTIONS
# These options allow you to specify an optional audio file
# that should be played in your browser window when there are
# problems on the network. The audio files are used only in
# the status CGI. Only the sound for the most critical problem
# will be played. Order of importance (higher to lower) is as
# follows: unreachable hosts, down hosts, critical services,
# warning services, and unknown services. If there are no
# visible problems, the sound file optionally specified by
# 'normal_sound' variable will be played.
#
# <varname>=<sound_file>
#
# Note: All audio files use relative paths from /thruk/cgi-bin/status.cgi
# and must be accessible by web
host_unreachable_sound=../media/critical.wav
host_down_sound=../media/critical.wav
service_critical_sound=../media/critical.wav
service_warning_sound=../media/warning.wav
service_unknown_sound=../media/unknown.wav
#normal_sound=../media/ok.wav