Marx, Stefan wrote: > Hi, > > can one say that the credential-capabilities of icinga-web interface add some > kind of multitenancy-layer to icinga? I personally think it can be used for > that.
yep. the principal editor, plus some pre-configs (like custom vars) is a huge tool to manage your users, and what they will see / get. even the rest api can be filtered on such a basis, which makes it easy to filter unwanted data for the icinga mobile clients directly in one single location (and not local on a per-app basis). best will be to grab a demo vm or install packages to get an idea what we're talking about. the online demo got the admin panel disabled for obvious abuse reasons of funny people. > > Cheers, > > Stefan Marx > > > -- > Stefan Marx > > Infologica - InnoviData - Millenux - Thinking Objects - Topalis > > Topalis AG, Lilienthalstraße 2/1, 70825 Korntal-Münchingen [DE] Fon +49 711 > 88770-134 Fax +49 711 88770-199 > > Sitz und Amtsgericht Stuttgart, HRB 23163 > Vorstand: Markus Klingspor, Rudolf Zimmermann > Aufsichtsrat: Klaus Böhnke (Vors.), Horst Frick, Helmut Gsänger > > -----Ursprüngliche Nachricht----- > Von: Michael Friedrich <michael.friedr...@gmail.com> > Gesendet: Mi 26.09.2012 12:23 > Betreff: Re: [icinga-users] Icinga & Multiple Domains > An: icinga-users@lists.sourceforge.net; >> Tinus Blaauw wrote: >>> Hi Carl, >>> >>> Thank you for the reply. >>> >>> What I mean is the following: >>> >>> Two users, user1 and user 2. >>> >>> User1 would like to monitor cnn.com >>> User2 would like to monitor skynews.com >>> >>> When User1 logon, he must only see cnn.com >>> When User2 logon, he must only see skynews.com >> you can do that by adding dedicated contact(groups) to your host and >> service definitions. if not done for each service themselves, use >> templates to inherit the default contacts. >>> Both must logon to the same URL too, eg. www.monitoring.org (as an >>> example!); hence basically 2 different internet domains (and their >>> subset of hosts) monitored through a central point, ie. monitoring.org :) >> the contact names will be the authoritative source for e.g. the classic >> ui, and showing only hosts/services the user-logged-in (==contact name) >> is authorized for. >> see the descriptive model of cgi auth in the docs - >> http://docs.icinga.org/latest/en/cgiauth.html >> >> on icinga-web, you can do that not on a per contact basis, but add >> dedicated authorization filters using the principal editor. some might >> prefer setting a custom variable (.i.e _domain foo1 into your service >> definitions) in order to allow extended filters. check "Administration" >> - http://docs.icinga.org/latest/en/icinga-web-introduction.html >> >> so basically this has nothing to do with a distributed setup, but only >> reflects different permissions on viewing checked hosts/services. >> >> >>> Tinus >>> >>> On 9/26/2012 12:58 AM, Carl R. Friend wrote: >>>> On Tue, 25 Sep 2012, Tinus Blaauw wrote: >>>> >>>>> Is there any way to setup multiple domains in Icinga? I have searched >>>>> the 'net for a couple of days now, but can't seem to find any results >>>>> regarding this. >>>> It all depends on what one means by the word "domain". In the >>>> computing world that's a highly overloaded term and, hence, one that >>>> is very easy to misconstrue. >>>> >>>> If by "domains" you are referring to different "spheres" of >>>> monitoring hosts all reporting back to a central repository, then >>>> that is already part of the landscape; look for "distributed >>>> monitoring" for hints. "Distributed monitoring" offers many >>>> advantages over monolithic structures especially if impediments >>>> like firewalls are present; too, the notion offers some advantages >>>> is there are political "problems" present in the overarching >>>> organisation that needs a monitoring solution. >>>> >>>> Cheers! >>>> >>>> +------------------------------------------------+---------------------+ >>>> | Carl Richard Friend (UNIX Sysadmin) | West Boylston | >>>> | Minicomputer Collector / Enthusiast | Massachusetts, USA | >>>> | mailto:crfri...@rcn.com +---------------------+ >>>> | http://users.rcn.com/crfriend/museum | ICBM: 42:22N 71:47W | >>>> +------------------------------------------------+---------------------+ >>>> >>>> >> ------------------------------------------------------------------------------ >>>> Live Security Virtual Conference >>>> Exclusive live event will cover all the ways today's security and >>>> threat landscape has changed and how IT managers can respond. Discussions >>>> will include endpoint security, mobile security and the latest in malware >>>> threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ >>>> _______________________________________________ >>>> icinga-users mailing list >>>> icinga-users@lists.sourceforge.net >>>> https://lists.sourceforge.net/lists/listinfo/icinga-users >>> ------------------------------------------------------------------------------ >>> Live Security Virtual Conference >>> Exclusive live event will cover all the ways today's security and >>> threat landscape has changed and how IT managers can respond. Discussions >>> will include endpoint security, mobile security and the latest in malware >>> threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ >>> _______________________________________________ >>> icinga-users mailing list >>> icinga-users@lists.sourceforge.net >>> https://lists.sourceforge.net/lists/listinfo/icinga-users >> >> -- >> DI (FH) Michael Friedrich >> >> mail: michael.friedr...@gmail.com >> twitter: https://twitter.com/dnsmichi >> jabber: dnsmi...@jabber.ccc.de >> irc: irc.freenode.net/icinga dnsmichi >> >> icinga open source monitoring >> position: lead core developer >> url: https://www.icinga.org >> >> >> ------------------------------------------------------------------------------ >> Live Security Virtual Conference >> Exclusive live event will cover all the ways today's security and >> threat landscape has changed and how IT managers can respond. Discussions >> will include endpoint security, mobile security and the latest in malware >> threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ >> _______________________________________________ >> icinga-users mailing list >> icinga-users@lists.sourceforge.net >> https://lists.sourceforge.net/lists/listinfo/icinga-users >> > ------------------------------------------------------------------------------ > Live Security Virtual Conference > Exclusive live event will cover all the ways today's security and > threat landscape has changed and how IT managers can respond. Discussions > will include endpoint security, mobile security and the latest in malware > threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ > _______________________________________________ > icinga-users mailing list > icinga-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/icinga-users -- DI (FH) Michael Friedrich mail: michael.friedr...@gmail.com twitter: https://twitter.com/dnsmichi jabber: dnsmi...@jabber.ccc.de irc: irc.freenode.net/icinga dnsmichi icinga open source monitoring position: lead core developer url: https://www.icinga.org ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ icinga-users mailing list icinga-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/icinga-users
