Ep. 25: New UX and security improvements in Checkmk 2.1
[0:00:00] | Welcome back to the Checkmk channel. Today, we're going to talk about what's new in Checkmk 2.1. |
[0:00:16] | Before upgrading to Checkmk 2.1, there's a few things you might want to consider. First, it is not possible anymore to skip a major version when upgrading Checkmk. |
[0:00:26] | So, if you are still on version 1.6, you cannot upgrade to 2.1 without first upgrading to 2.0. The next thing is that we are deprecating two features. The first is NSCA, the nagios service check acceptor, and the second is the web API. |
[0:00:44] | If you're still using the web API, you should start migrating to the new rest API which is the drop in replacement. But you can also re-enable the web API if you really need it, although we want it be removed in a future version. |
[0:01:00] | But now let's take a look at the new features. Right, so I just upgraded my Checkmk instance to 2.1. |
[0:01:09] | If you want to learn how to upgrade your Checkmk instance, you can have a look at our dedicated video on that and you can find the link in the description. |
[0:01:20] | So, let's get started with the first user interface improvement that we did, and that is dedicated dashboards for Linux and Windows operating systems. So, if we go to the monitor menu, we can find them over here. |
[0:01:35] | Let's start with the Linux dashboard. If we take a look at that, we can see there's all kinds of information. We get an overview of all the linux hosts that we have, all the services on those hosts. |
[0:01:49] | It's also filtered between UP state and OK state or not OK and not UP. We see the CPU utilization and the memory utilization. We see network interfaces and the agent execution time which is also very important to keep an eye on. |
[0:02:06] | And we see several performance counters regarding CPU and Disks and so on and so forth. In the lower part of the dashboard, we see some more information on the host. We see all the Linux hosts that we have in this environment. |
[0:02:22] | Depending on your configuration, you can also see the OS vendor and the version in here. And you get a lot more information just as a quick overview on the host and you can also see the Filesystems,and it's sorted by size so the most filled file system will be shown in the top of the list. |
[0:02:45] | Okay, there's one more neat thing, we can actually drill down into these hosts. So, if you're curious about what's going on with one of those hosts, you can just click the host name here and then we get a whole other dashboard which shows a lot of information depending on what you have configured. |
[0:03:02] | But you again see there's all the important information, CPU memory this disk related information what's going on here. We see TCP connections, information about the interfaces especially errors but also the network interface bandwidth. |
[0:03:20] | And we can see critical and warning services in the lower part of the dashboard, so we have all the information we need on the host and everything at one glance, so we can see what's going on with the host. |
[0:03:33] | The same dashboard more or less we have for Windows hosts. If you go here, you can see it's more or less the same dashboard that you see more or less the same information. But now it's filtered for Windows source and we only see our Windows hosts here. |
[0:03:49] | And again, we can do a drill down on the dedicated host and see what's going on here. We see the same more or less the same information tailored to Windows in this case. And we also see the services and their state, so if there's anything wrong, we see that instantly. |
[0:04:08] | Okay, the next improvement is the service discovery. So, let's take a look at one of our hosts. |
[0:04:19] | And if we go to the Service configuration here, we can see the new or renewed service discovery page. You can see some of the buttons have been renamed but the overall layout stays the same and the information is more or less the same that you see. |
[0:04:36] | So, we can see most of the services are already monitored here but we have one Undecided service that is currently not monitored. We have labels or one label but it's currently active, so no need for discovery here. |
[0:04:51] | So, what we could do? We could add this single service here more or less manually or we could disable it if we wanted to. |
[0:04:59] | But we can also use the buttons in the top here. There we have Accept all, that's the first renamed button, earlier, it was called Fix all. |
[0:05:09] | But we wanted to make sure that it's as intuitive as possible here. So, Accept all means you will accept all the changes that are shown to you here. |
[0:05:18] | So, if I click on that, we can see that the Undecided service moves to Monitored services, and all the changes are where they should be and the Accept all button is grayed out now. So, that means there are no changes that we would need to accept. |
[0:05:34] | The next button is the Rescan button. This fetches new and fresh information from the monitored system just to make sure you have the most up-to-date information. As we can see, we already had this information, so the status stays the same here. |
[0:05:51] | There are more buttons. Two of those I already showed to you because they were depicted next to the service, which is Monitor undecided services and Remove vanished services. |
[0:06:02] | And if there is something that you want to do that isn't shown here, there is no possibility to click on here, you can go to the Actions menu and then you can see there are several more options. |
[0:06:15] | I'm not going to go into all of them in detail but generally there's quite some more options how to handle the services. You might have to click on show more to see all of them. |
[0:06:26] | Okay, the next feature is the Two-factor authentication. For that, I'm going to navigate to the User menu because this is user setting obviously. |
[0:06:37] | And there we go to two factor authentication and then you can see we have two buttons. We can add a new credential or regenerate backup codes. First, I want to start and create some backup codes because if I lose my security token, I won't be able to log in. |
[0:06:54] | So, let me first generate those and save them somewhere securely. And after I did that, I can say add a credential. |
[0:07:12] | We see the time and date, when it has been registered, and we can also set a alias just so we know what device it is. I'm going to use a generic name here Security Token, so now I know what token it is. We could add more tokens if you had more. |
[0:07:29] | But what this does is simply, if we log out and log in again, I have my password and account stored here, but now we are asked to confirm the login with the security token and after we did that we are back at our main dashboard. |
[0:07:47] | One more improvement that you might not have been able to see up to now is a overall improvement in the performance of the web interface. |
[0:07:53] | So, if you're navigating Checkmk at some points, you might realize that it feels a little faster, a little more crisp. |
[0:08:02] | That's something that we improved in general, of course, that's not easy to show, so I'm just gonna tell you that we did a lot of work in that area, so look out for the improvements there. |
[0:08:15] | But we also did some changes under the hood, so, of course, we improved the performance of our monitoring core because that is the engine of our monitoring, that is what actually does the heavy lifting. |
[0:08:25] | And we did some changes to the file format of the configuration which really speeds up the activation process of the monitoring configuration. If you want to know more about that, keep an eye out for the talk of our elite developer Lars Michelson, who talked about this very topic at our Checkmk conference. |
[0:08:46] | That's it for today. Stay tuned for more videos on improvements and new features in Checkmk 2.1. Make sure to subscribe and thank you for watching. |
Want to know more about Checkmk? Join us for our Introduction to Checkmk Webinar