Variables, Security and Encryption

Variable Security and Encryption

Opsview Cloud allows for arguments of Variables to be encrypted on a system-wide basis. This means that an administrator can create a new Variable called %MYLOGINDETAILS%, with arg1 as the username and arg2 as the password.

The administrator can set the 'arg2' field as encrypted, meaning any value entered here cannot be retrieved once the 'submit changes' button is saved. The 'eye' icon will show when text has been entered but not saved, whereas when the text has been saved, the text box below will show:

In the variable where an argument has been encrypted, the value entered can never be retrieved. It can however be reset, i.e. the password can be reset in the example above.

When the Variable above is added to a Host, the encrypted field can be seen below:

An administrator/user can then choose to check the 'Override Password' box which will enable text entry:

By default, newly installed Opsview Cloud encrypt the password arguments of the following Variables:

  • MSSQLCREDENTIALS
  • MYSQLCREDENTIALS
  • ORACREDENTIALS
  • VMWAREGUESTCREDENTIALS
  • VMWAREHOSTCREDENTIALS
  • WINCREDENTIALS

The list of environment variables supported by scheduler for host / service checks is:

CHECKINTERVAL
HOSTATTEMPT
HOSTDOWNTIME
HOSTDURATION
HOSTGROUPALIAS
HOSTGROUPNAME
HOSTOUTPUT
HOSTPROBLEMID
HOSTSTATEID
HOSTSTATE
HOSTSTATETYPE
LASTHOSTCHECK
LASTHOSTDOWN
LASTHOSTPROBLEMID
LASTHOSTSTATE
LASTHOSTSTATECHANGE
LASTHOSTUNREACHABLE
LASTHOSTUP
LASTSERVICECHECK
LASTSERVICECRITICAL
LASTSERVICEOK
LASTSERVICEPROBLEMID
LASTSERVICESTATE
LASTSERVICESTATECHANGE
LASTSERVICEWARNING
LASTSTATECHANGE
LONGDATETIME
LONGHOSTOUTPUT
LONGSERVICEOUTPUT
RETRYCHECKINTERVAL
SERVICEATTEMPT
SERVICEDURATION
SERVICEOUTPUT
SERVICEPROBLEMID
SERVICESTATE
SERVICESTATEID
SERVICESTATETYPE
SHORTDATETIME
SERVICEDOWNTIME
HOSTADDRESS
HOSTALIAS
HOSTNAME
SERVICEDESC
SERVICENOTES