Security and encryption for variables
Opsview Monitor allows for arguments of variables to be encrypted on a system-wide basis. This means that an administrator can create a new Variable called %MYLOGINDETAILS%, with arg1 as the username and arg2 as the password.
The administrator can set the ‘arg2’ field as encrypted, meaning any value entered here cannot be retrieved once the ‘submit changes’ button is saved. The ’eye’ icon will show when text has been entered but not saved, whereas when the text has been saved, the text box below will show:
In the variable where an argument has been encrypted, the value entered can never be retrieved. It can however be reset, i.e. the password can be reset in the example above.
When the Variable above is added to a Host, the encrypted field can be seen below:
An administrator/user can then choose to check the ‘Override Password’ box which will enable text entry:
By default, newly installed Opsview Monitor systems encrypt the password arguments of the following Variables:
- MSSQLCREDENTIALS
- MYSQLCREDENTIALS
- ORACREDENTIALS
- VMWAREGUESTCREDENTIALS
- VMWAREHOSTCREDENTIALS
- WINCREDENTIALS
The list of environment variables supported by scheduler for host / service checks is:
- CHECKINTERVAL
- HOSTATTEMPT
- HOSTDOWNTIME
- HOSTDURATION
- HOSTGROUPALIAS
- HOSTGROUPNAME
- HOSTOUTPUT
- HOSTPROBLEMID
- HOSTSTATEID
- HOSTSTATE
- HOSTSTATETYPE
- LASTHOSTCHECK
- LASTHOSTDOWN
- LASTHOSTPROBLEMID
- LASTHOSTSTATE
- LASTHOSTSTATECHANGE
- LASTHOSTUNREACHABLE
- LASTHOSTUP
- LASTSERVICECHECK
- LASTSERVICECRITICAL
- LASTSERVICEOK
- LASTSERVICEPROBLEMID
- LASTSERVICESTATE
- LASTSERVICESTATECHANGE
- LASTSERVICEWARNING
- LASTSTATECHANGE
- LONGDATETIME
- LONGHOSTOUTPUT
- LONGSERVICEOUTPUT
- RETRYCHECKINTERVAL
- SERVICEATTEMPT
- SERVICEDURATION
- SERVICEOUTPUT
- SERVICEPROBLEMID
- SERVICESTATE
- SERVICESTATEID
- SERVICESTATETYPE
- SHORTDATETIME
- SERVICEDOWNTIME
- HOSTADDRESS
- HOSTALIAS
- HOSTNAME
- SERVICEDESC
- SERVICENOTES