Skip to content

WEBServer

A server that listens for incoming HTTP connection and processes incoming requests. It provides both a WEB UI as well as a REST API in addition to simplifying configuration of WEB Server module.

Configuration

Path / Section Description
/settings/default
/settings/WEB/server Web server
/settings/WEB/server/roles Web server roles
/settings/WEB/server/users Web server users

/settings/default

Key Default Value Description
allowed hosts 127.0.0.1 ALLOWED HOSTS
bind to BIND TO ADDRESS
cache allowed hosts true CACHE ALLOWED HOSTS
encoding NRPE PAYLOAD ENCODING
inbox inbox INBOX
password Password
socket queue size 0 LISTEN QUEUE
thread pool 10 THREAD POOL
timeout 30 TIMEOUT
# 
[/settings/default]
allowed hosts=127.0.0.1
cache allowed hosts=true
inbox=inbox
socket queue size=0
thread pool=10
timeout=30

ALLOWED HOSTS

A comma separated list of allowed hosts. You can use netmasks (/ syntax) or * to create ranges.

Key Description
Path: /settings/default
Key: allowed hosts
Default value: 127.0.0.1
Used by: NRPEServer, NSCAServer, NSClientServer, WEBServer

Sample:

[/settings/default]
# ALLOWED HOSTS
allowed hosts=127.0.0.1

BIND TO ADDRESS

Allows you to bind server to a specific local address. This has to be a dotted ip address not a host name. Leaving this blank will bind to all available IP addresses.

Key Description
Path: /settings/default
Key: bind to
Default value: N/A
Used by: NRPEServer, NSCAServer, NSClientServer, WEBServer

Sample:

[/settings/default]
# BIND TO ADDRESS
bind to=

CACHE ALLOWED HOSTS

If host names (DNS entries) should be cached, improves speed and security somewhat but won't allow you to have dynamic IPs for your Nagios server.

Key Description
Path: /settings/default
Key: cache allowed hosts
Default value: true
Used by: NRPEServer, NSCAServer, NSClientServer, WEBServer

Sample:

[/settings/default]
# CACHE ALLOWED HOSTS
cache allowed hosts=true

NRPE PAYLOAD ENCODING

Key Description
Path: /settings/default
Key: encoding
Advanced: Yes (means it is not commonly used)
Default value: N/A
Used by: NRPEServer, NSCAServer, NSClientServer, WEBServer

Sample:

[/settings/default]
# NRPE PAYLOAD ENCODING
encoding=

INBOX

The default channel to post incoming messages on

Key Description
Path: /settings/default
Key: inbox
Default value: inbox
Used by: NRPEServer, NSCAServer, NSClientServer, WEBServer

Sample:

[/settings/default]
# INBOX
inbox=inbox

Password

Password used to authenticate against server

Key Description
Path: /settings/default
Key: password
Default value: N/A
Used by: NRPEServer, NSCAServer, NSClientServer, WEBServer

Sample:

[/settings/default]
# Password
password=

LISTEN QUEUE

Number of sockets to queue before starting to refuse new incoming connections. This can be used to tweak the amount of simultaneous sockets that the server accepts.

Key Description
Path: /settings/default
Key: socket queue size
Advanced: Yes (means it is not commonly used)
Default value: 0
Used by: NRPEServer, NSCAServer, NSClientServer, WEBServer

Sample:

[/settings/default]
# LISTEN QUEUE
socket queue size=0

THREAD POOL

Key Description
Path: /settings/default
Key: thread pool
Advanced: Yes (means it is not commonly used)
Default value: 10
Used by: NRPEServer, NSCAServer, NSClientServer, WEBServer

Sample:

[/settings/default]
# THREAD POOL
thread pool=10

TIMEOUT

Timeout when reading packets on incoming sockets. If the data has not arrived within this time we will bail out.

Key Description
Path: /settings/default
Key: timeout
Default value: 30
Used by: NRPEServer, NSCAServer, NSClientServer, WEBServer

Sample:

[/settings/default]
# TIMEOUT
timeout=30

Web server

Section for WEB (WEBServer.dll) (check_WEB) protocol options.

Key Default Value Description
allowed hosts 127.0.0.1 Allowed hosts
cache allowed hosts true Cache list of allowed hosts
certificate ${certificate-path}/certificate.pem TLS Certificate
password Password
port 8443 Server port
threads 10 Server threads
# Section for WEB (WEBServer.dll) (check_WEB) protocol options.
[/settings/WEB/server]
allowed hosts=127.0.0.1
cache allowed hosts=true
certificate=${certificate-path}/certificate.pem
port=8443
threads=10

Allowed hosts

A comma separated list of allowed hosts. You can use netmasks (/ syntax) or * to create ranges. parent for this key is found under: /settings/default this is marked as advanced in favor of the parent.

Key Description
Path: /settings/WEB/server
Key: allowed hosts
Advanced: Yes (means it is not commonly used)
Default value: 127.0.0.1
Used by: WEBServer

Sample:

[/settings/WEB/server]
# Allowed hosts
allowed hosts=127.0.0.1

Cache list of allowed hosts

If host names (DNS entries) should be cached, improves speed and security somewhat but won't allow you to have dynamic IPs for your Nagios server. parent for this key is found under: /settings/default this is marked as advanced in favor of the parent.

Key Description
Path: /settings/WEB/server
Key: cache allowed hosts
Advanced: Yes (means it is not commonly used)
Default value: true
Used by: WEBServer

Sample:

[/settings/WEB/server]
# Cache list of allowed hosts
cache allowed hosts=true

TLS Certificate

Ssl certificate to use for the ssl server

Key Description
Path: /settings/WEB/server
Key: certificate
Default value: ${certificate-path}/certificate.pem
Used by: WEBServer

Sample:

[/settings/WEB/server]
# TLS Certificate
certificate=${certificate-path}/certificate.pem

Password

Password used to authenticate against server parent for this key is found under: /settings/default this is marked as advanced in favor of the parent.

Key Description
Path: /settings/WEB/server
Key: password
Advanced: Yes (means it is not commonly used)
Default value: N/A
Used by: WEBServer

Sample:

[/settings/WEB/server]
# Password
password=

Server port

Port to use for WEB server.

Key Description
Path: /settings/WEB/server
Key: port
Default value: 8443
Used by: WEBServer

Sample:

[/settings/WEB/server]
# Server port
port=8443

Server threads

The number of threads in the sever response pool.

Key Description
Path: /settings/WEB/server
Key: threads
Default value: 10
Used by: WEBServer

Sample:

[/settings/WEB/server]
# Server threads
threads=10

Web server roles

A list of roles and with coma separated list of access rights.

Key Default Value Description
client public,info.get,info.get.version,queries.list,queries.get,queries.execute,login.get,modules.list Role for read only
full * Role for Full access
legacy legacy Role for legacy API
view * Role for Full access
# A list of roles and with coma separated list of access rights.
[/settings/WEB/server/roles]
client=public,info.get,info.get.version,queries.list,queries.get,queries.execute,login.get,modules.list
full=*
legacy=legacy
view=*

Role for read only

Default role for read only

Key Description
Path: /settings/WEB/server/roles
Key: client
Default value: public,info.get,info.get.version,queries.list,queries.get,queries.execute,login.get,modules.list
Used by: WEBServer

Sample:

[/settings/WEB/server/roles]
# Role for read only
client=public,info.get,info.get.version,queries.list,queries.get,queries.execute,login.get,modules.list

Role for Full access

Default role for Full access

Key Description
Path: /settings/WEB/server/roles
Key: full
Default value: *
Used by: WEBServer

Sample:

[/settings/WEB/server/roles]
# Role for Full access
full=*

Role for legacy API

Default role for legacy API

Key Description
Path: /settings/WEB/server/roles
Key: legacy
Default value: legacy
Used by: WEBServer

Sample:

[/settings/WEB/server/roles]
# Role for legacy API
legacy=legacy

Role for Full access

Default role for Full access

Key Description
Path: /settings/WEB/server/roles
Key: view
Default value: *
Used by: WEBServer

Sample:

[/settings/WEB/server/roles]
# Role for Full access
view=*

Web server users

Users which can access the REST API

This is a section of objects. This means that you will create objects below this point by adding sections which all look the same.

Keys:

Key Default Value Description
alias ALIAS
is template false IS TEMPLATE
parent default PARENT
password PASSWORD
role ROLE

Sample:

# An example of a Web server users section
[/settings/WEB/server/users/sample]
#alias=...
is template=false
parent=default
#password=...
#role=...