Distributed Monitoring Slave Replication, replicates the whole WATO configuration to slaves, security problem

We run a CheckMK (1.6.0p5 Raw) as distributed monitoring for long time now.
The slaves are distributed to different customers.
If one of our customers can access one slave (maybe mount the disc containing /omd to an other VM) he is able to see the configuratíon of all other slaves (and so from all other customers). That could be a big security breech.

Is there a way to avoid this?

chia

If you want to stay with the Raw Edition, the only solution is to turn off Distributed WATO and configure each customer’s monitoring on the respective site. You can still use Distributed Monitoring (Remote Livestatus) to see all monitoring results on one console.

1 Like

We us in CEE a plugin which deletes all “foreign” folders on the remote site after activate changes. Its not 100% secure as CME but works for us.

regards

Michael

He, you have written a plugin of your own for this task?

Thanks, this information I was hunting for.
:slightly_smiling_face:

… not a real good decision to handle the configurations that way, like raw wato does.
maybe i’ve to introduce encryption for the slave
:unamused:

But there ist then no real central management anymore.
You have to manage each site on the (no more real) slave, right?

Yes, that’s right. It you turn off Distributed WATO, all sites have independent configuration.

Surely there is room for improvement. The Raw edition is a great base for automation. You can use the REST API to submit configurations, or even generate the hosts.mk and rules.mk files with a configuration management system like Ansible or a templating engine like Perl Template Toolkit. But this must be built outside of Checkmk.

1 Like

Yes, CME has certain constraints in our application and a migration from CEE to CME would be a challenge.