After Upgrade to 2.1.0p40: Invalid CSRF Ticket ... for Session

CMK version: 2.1.0p40.cre
OS version: Ubuntu 22.04

Error message:

I just upgraded from CRE 2.0 to CRE 2.1. In general Check-MK is working fine. But some actions in the web interface result in the error message “Invalid CSRF Ticket abcde-123432-… for Session abcde-123456-…”.

Actions identified so far:

  • Creating Bookmarks
  • Hovering over the reschedule icon for a service (a tooltip with this error message appears). Reschedule does not work.

Additionally I’m not able to log out of check-mk. When I push the button: User → Logout, I’m getting the error message “Invalid credentials” within the main content area of Check-MK. This seems to be another error.

Here are the error messages from $INSTANCE/var/log/web.log:

2024-03-19 17:23:34,380 [40] [cmk.web 3685885] http://monitoring.mydomain.com/myinstance/check_mk/sidebar_fold.py?fold=yes&_ajaxid=1710865413 MKGeneralException: Invalid CSRF token ('5a7e5964-bfc8-49eb-a452-f78d12333c43') for Session ('e898302d-3104-41e0-97ca-ca33b3d2eb0b')
2024-03-19 17:23:35,096 [40] [cmk.web 3685885] http://monitoring.mydomain.com/myinstance/check_mk/sidebar_fold.py?fold=no&_ajaxid=1710865414 MKGeneralException: Invalid CSRF token ('5a7e5964-bfc8-49eb-a452-f78d12333c43') for Session ('73694412-14eb-4fe1-8983-598055cf7b21')
2024-03-19 17:36:23,109 [40] [cmk.web 3730665] http://monitoring.mydomain.com/myinstance/check_mk/add_bookmark.py MKGeneralException: Invalid CSRF token ('e7d333b6-d344-4a93-84d8-1b67f4a301d6') for Session ('1be23ef8-fb28-4236-b091-febb8601fd6f')
2024-03-19 17:36:43,944 [40] [cmk.web 3730665] http://monitoring.mydomain.com/myinstance/check_mk/sidebar_openclose.py?name=bookmarks&state=off&_ajaxid=1710866203 MKGeneralException: Invalid CSRF token ('e7d333b6-d344-4a93-84d8-1b67f4a301d6') for Session ('0625b88f-9fbf-4db2-b912-7e4b7c45ab85')
2024-03-19 17:36:46,868 [40] [cmk.web 3730665] http://monitoring.mydomain.com/myinstance/check_mk/sidebar_openclose.py?name=views&state=closed&_ajaxid=1710866206 MKGeneralException: Invalid CSRF token ('e7d333b6-d344-4a93-84d8-1b67f4a301d6') for Session ('b72b8226-1765-41d4-a544-7583effb52c5')
2024-03-19 17:37:19,648 [40] [cmk.web 4055837] http://monitoring.mydomain.com/myinstance/check_mk/sidebar_openclose.py?name=search&state=closed&_ajaxid=1710866239 MKGeneralException: Invalid CSRF token ('e7d333b6-d344-4a93-84d8-1b67f4a301d6') for Session ('8908b0a1-7f48-4bb5-94ad-24d535530bb7')
2024-03-19 17:37:20,163 [40] [cmk.web 4055837] http://monitoring.mydomain.com/myinstance/check_mk/sidebar_openclose.py?name=search&state=open&_ajaxid=1710866239 MKGeneralException: Invalid CSRF token ('e7d333b6-d344-4a93-84d8-1b67f4a301d6') for Session ('b0207143-c891-4108-a335-7b2658e2b761')
2024-03-19 17:37:45,534 [40] [cmk.web 4014670] http://monitoring.mydomain.com/myinstance/check_mk/sidebar_fold.py?fold=yes&_ajaxid=1710866265 MKGeneralException: Invalid CSRF token ('e7d333b6-d344-4a93-84d8-1b67f4a301d6') for Session ('d1354fa9-349f-475b-9375-f2bd0a93bd5c')
2024-03-19 17:37:46,805 [40] [cmk.web 4014670] http://monitoring.mydomain.com/myinstance/check_mk/sidebar_fold.py?fold=no&_ajaxid=1710866266 MKGeneralException: Invalid CSRF token ('e7d333b6-d344-4a93-84d8-1b67f4a301d6') for Session ('43784a7b-8788-4375-b42f-df35d8c6ac64')
2024-03-19 17:38:04,490 [40] [cmk.web 3730665] http://monitoring.mydomain.com/myinstance/check_mk/sidebar_openclose.py?name=tactical_overview&state=closed&_ajaxid=1710866284 MKGeneralException: Invalid CSRF token ('e7d333b6-d344-4a93-84d8-1b67f4a301d6') for Session ('bde5006b-3ad3-4aa9-bb54-ca9ec47dd56b')
2024-03-19 17:38:05,269 [40] [cmk.web 3730665] http://monitoring.mydomain.com/myinstance/check_mk/sidebar_openclose.py?name=tactical_overview&state=open&_ajaxid=1710866284 MKGeneralException: Invalid CSRF token ('e7d333b6-d344-4a93-84d8-1b67f4a301d6') for Session ('d460c1f7-c3c9-4ae8-a3de-9f3378886105')
2024-03-19 17:39:10,037 [40] [cmk.web 4056393] http://monitoring.mydomain.com/myinstance/check_mk/add_bookmark.py MKGeneralException: Invalid CSRF token ('961944d9-990f-4989-84ef-5d042042a9a9') for Session ('14c36271-410f-48bc-8df7-881df3081c02')
2024-03-19 17:44:46,772 [40] [cmk.web 4044280] http://monitoring.mydomain.com/myinstance/check_mk/add_bookmark.py MKGeneralException: Invalid CSRF token ('caf7a9f8-f9b5-4961-889e-934f9d942aed') for Session ('231dc8b7-7264-4bb3-b793-868b4770d0c2')
2024-03-19 17:45:24,093 [40] [cmk.web 3730665] http://monitoring.mydomain.com/myinstance/check_mk/sidebar_openclose.py?name=bookmarks&state=closed&_ajaxid=1710866723 MKGeneralException: Invalid CSRF token ('caf7a9f8-f9b5-4961-889e-934f9d942aed') for Session ('aff5717b-e392-4064-aaa5-55035d3aa318')
2024-03-19 17:45:24,410 [40] [cmk.web 4044280] http://monitoring.mydomain.com/myinstance/check_mk/sidebar_openclose.py?name=bookmarks&state=open&_ajaxid=1710866724 MKGeneralException: Invalid CSRF token ('caf7a9f8-f9b5-4961-889e-934f9d942aed') for Session ('8b402ff6-4c56-4205-b227-36f48332da15')
2024-03-19 17:54:36,230 [40] [cmk.web 4084018] http://monitoring.mydomain.com/myinstance/check_mk/sidebar_fold.py?fold=yes&_ajaxid=1710867275 MKGeneralException: Invalid CSRF token ('d4b317cf-65f3-4027-8186-c9abdeb952c3') for Session ('7342a3ee-7a08-4a1d-9bee-9a98ba32ac94')
2024-03-19 17:55:20,082 [40] [cmk.web 4044280] http://monitoring.mydomain.com/myinstance/check_mk/add_bookmark.py MKGeneralException: Invalid CSRF token ('47e48c60-fa88-49d5-8c5a-2dd38c08238d') for Session ('2c6875e8-1776-47fa-bc99-ee908ce59c2e')
2024-03-19 17:55:24,360 [40] [cmk.web 4044280] http://monitoring.mydomain.com/myinstance/check_mk/sidebar_openclose.py?name=bookmarks&state=off&_ajaxid=1710867323 MKGeneralException: Invalid CSRF token ('47e48c60-fa88-49d5-8c5a-2dd38c08238d') for Session ('ec579f59-ccf3-4d22-9097-1bfc35a7e271')

What I did so far:

  • rm /omd/sites/mysite/var/check_mk/web/*/session_info.mk (no effect. I’m still logged in)
  • Used different browsers, deleted cache. (no effect)
  • Deleted the complete configuration/cache for the Chromium browser (no effect; the error stays the same)

Fixed.

Via omd config mysite I enabled MULTISITE_AUTHORIZATION and MULTISITE_COOKIE_AUTH. (Was HTTP Basic Auth before).

Now the reported problems are gone.
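
An added example, not part of the original post or of Checkmk's own code: a small parser for the web.log line format quoted above that groups CSRF failures by token and lists the tokens that were rejected against more than one session ID, which is the pattern visible in the excerpt. The sample lines, host name and IDs are constructed, and the function names are hypothetical.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit

# Matches the "Invalid CSRF token (...) for Session (...)" lines from web.log.
LINE_RE = re.compile(
    r"^(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}),\d+ \[\d+\] \[cmk\.web \d+\] "
    r"(?P<url>\S+) MKGeneralException: Invalid CSRF token "
    r"\('(?P<token>[^']+)'\) for Session \('(?P<session>[^']+)'\)$"
)

def parse_csrf_failures(log_text):
    """Return (endpoint, token, session) for every CSRF failure line."""
    rows = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            # Keep only the page name, e.g. "sidebar_fold.py".
            endpoint = urlsplit(m["url"]).path.rsplit("/", 1)[-1]
            rows.append((endpoint, m["token"], m["session"]))
    return rows

def sessions_per_token(rows):
    """Map each CSRF token to the set of session IDs it was rejected against."""
    seen = defaultdict(set)
    for _endpoint, token, session in rows:
        seen[token].add(session)
    return dict(seen)

def tokens_with_changing_sessions(rows, min_sessions=2):
    """Tokens that failed against several different session IDs, sorted."""
    per_token = sessions_per_token(rows)
    return sorted(t for t, s in per_token.items() if len(s) >= min_sessions)

# Constructed sample lines in the same format (host and IDs are made up).
_FMT = ("2024-01-01 10:00:0{n},000 [40] [cmk.web 1111] "
        "http://monitoring.example/site/check_mk/{page} MKGeneralException: "
        "Invalid CSRF token ('{tok}') for Session ('{sess}')")
SAMPLE_LOG = "\n".join(
    _FMT.format(n=n, page=p, tok=t, sess=s)
    for n, (p, t, s) in enumerate([
        ("sidebar_fold.py?fold=yes&_ajaxid=1", "tok-A", "sess-1"),
        ("sidebar_fold.py?fold=no&_ajaxid=2", "tok-A", "sess-2"),
        ("add_bookmark.py", "tok-A", "sess-3"),
        ("add_bookmark.py", "tok-B", "sess-4"),
    ])
)

if __name__ == "__main__":
    rows = parse_csrf_failures(SAMPLE_LOG)
    for token in tokens_with_changing_sessions(rows):
        print(token, "rejected against", len(sessions_per_token(rows)[token]), "sessions")
```

A token that keeps failing against a different session ID on every request means the session changes between requests while the page still holds the old token; that reading is an interpretation of the excerpt, not something the post states.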