About Nagios CGIs
Various Nagios CGIs are used within GroundWork Monitor. An administrator is able to configure user and contact group access control options for CGIs. The idea is to simplify the setup so that the existing user-list does not need to be changed regarding CGI authorization variables as users come and go. Also, this provides a facility for some types of read-only access to Nagios CGIs, which can help with security profiles.s
To access the CGIs access control options go to Configuration > Nagios Monitoring > Control > Nagios cgi configuration. This screen contains all of the access-related options for the Nagios screens. One can see the output in the generated CGI configuration file
/usr/local/groundwork/etc/cgi.cfg file, even before a Commit operation. You can generate and view the file using Configuration > Nagios Monitoring > Maintenance > Tools > Export to files, and selecting cgi.cfg.
CGI Access Control Options
This table describes the access control options. See Nagios documentation for complete documentation for these options].
|Control Option||Description (all comma delimited)|
Read-Only Access: Users that have read-only rights in the CGIs. This will block any service or host commands normally shown on the extinfo CGI pages. It will also block comments.
Configuration Information Access: Authenticated users who can view configuration information in the configuration CGI. Users can view information on all configured hosts, host groups, services, contacts, contact groups, time periods, and commands.
System/Process Information Access: Authenticated users who can view system/process information in the extended information CGI.
System/Process Command Access: Authenticated users who can issue system/process commands via the command CGI.
|Global Host Information|
Global Host Information Access: Authenticated users who can view status and configuration information for all hosts. Users are also automatically authorized to view information for all services.
|Global Host Command|
Global Host Command Access: Authenticated users who can issue commands for all hosts via the command CGI. Users are also automatically authorized to issue commands for all services.
|Global Service Information|
Global Service Information Access: Authenticated users who can view status and configuration information for all services.
|Global Service Command|
Global Service Command Access: Authenticated users who can issue commands for all services via the command CGI.