OpenNMS Meridian Development Team

Tarus Balog <tarus@opennms.org>

David Hustace <david@opennms.org>

Benjamin Reed <ranger@opennms.org>

Copyright © 2004-2020 The OpenNMS Group, Inc.

Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.1 or any later version published by the Free Software Foundation; with no Invariant Sections, with no Front-Cover Texts and with no Back-Cover Texts. A copy of the license is available at http://www.gnu.org/copyleft/fdl.html OpenNMS is the creation of numerous people and organizations, operating under the umbrella of the OpenNMS project. The source code is published under the GNU Affero GPL, version 3 or later and is Copyright © 2002-2020 The OpenNMS Group, Inc.

The current corporate sponsor of OpenNMS is The OpenNMS Group, which also owns the OpenNMS trademark.

Please report any omissions or corrections to this document by creating an issue at http://issues.opennms.org.

OpenNMS Meridian 2019

System Requirements

  • Java 8 through 11: OpenNMS Meridian 2019 runs on JDK 8 through 11. We recommend the most recent version of OpenJDK 11.

  • Default Heap Size: The default heap size is now 2GB.

  • PostgreSQL 10 or higher: Meridian 2019 requires any supported version of PostgreSQL 10 or higher.

What’s New in Meridian 2019

Since Meridian 2018, we have introduced a large number of features, most notably Telemetryd (for processing streaming telemetry like NetFlow and sFlow), the Sentinel (for horizontal scaling of telemetry and other processing), and ALEC (for alarm correlation).

On top of that, there have been many other improvements and bug fixes since Meridian 2018.

Meridian 2019 roughly matches the feature set available in Horizon 25.

Architecture for Learning Enabled Correlation

Horizon 23 introduced support for correlation of alarms into meta-alarms called "situations" using an engine called the Architecture for Learning Enabled Correlation.

Situations are OpenNMS alarms that contain one or more triggering alarms, which allows them to be browsed, acknowledged, and unacknowledged just like any other alarm.

A high-level overview of the goal and implementation of correlation can be seen on the ALEC web site.

Changes to the Alarm Lifecycle

Alarm Clearing

Traditionally, OpenNMS has created and resolved alarms in pairs, with one alarm representing the triggering event (or events), and then a second alarm representing the resolution. Horizon 23 changes this default behavior to use a single alarm to track the problem state, incrementing the alarm count when it occurs while in a problem state, or when moving from resolved back into a problem state. Additionally, you can configure OpenNMS to create a new alarm if a problem happens again.

These behaviors are controlled by the introduction of 2 new settings in the opennms.properties file:

org.opennms.alarmd.legacyAlarmState

This setting reverts to the old (pre-23) behavior of creating separate alarms for a problem and its resolution.

org.opennms.alarmd.newIfClearedAlarmExists

This setting forces Alarmd to create a new alarm if a problem reoccurs, rather than incrementing an existing alarm. (Note: this is ignored if legacyAlarmState is set to true.)

These improvements are covered in a lunch and learn video we published recently, if you would like to learn more.

Alarmd Architecture

To facilitate the implementation of ALEC, alarmd has been rearchitected to use Drools to manage the alarm lifecycle, rather than Vacuumd automations, triggers, and actions.

If are migrating changes to vacuumd-configuration.xml from an earlier Meridian release, it is strongly recommended you port them to the new Alarmd Drools context. The Drools rules are in the $OPENNMS_HOME/etc/alarmd/drools-rules.d/ directory.

Additionally, we no longer generate alarmCreated, alarmEscalated, alarmCleared, alarmUncleared, alarmUpdatedWithReducedEvent, and alarmDeleted events. Instead, it is recommended that you add Drools rules to react to alarm changes.

For more complicated integrations, we also have a new API — AlarmLifecycleListener — for reacting to alarm changes.

Kafka Data Collection Sync

In addition to publishing events, alarms, and node inventory to Kafka, we now publish collected time-series data to the Kafka bus as well.

Minion

The Sink API on the Minion has been enhanced to support buffering messages to the filesystem in cases where ActiveMQ or Kafka get disconnected from OpenNMS.

Sentinel

In addition to the Minion, we have added a new container-based subsystem called "Sentinel." The Sentinel is a Karaf container that can be configured to run a subset of OpenNMS daemons as a standalone tool, to aid in horizontal scaling and/or high availability.

Sentinel is designed to run our Karaf/Camel/SQS-based messaging bus, syslog listener, telemetry receiver, and Newts and Elasticsearch persistence.

Node and Interface Metadata

There is now support for associating arbitrary metadata with nodes and interfaces, including configuring arbitrary metadata in the requisition UI.

For details on using the metadata APIs, see the Admin Guide and the Developer Guide.

Breaking Changes

PostgreSQL 10

OpenNMS Meridian 2019 is supported on PostgreSQL 10 or later.

If you are upgrading from an OpenNMS using an older PostgreSQL version, you can use the pg_upgrade tool to migrate. For details on the migration process, see the PostgreSQL pg_upgrade documentation.

If you are running on a distribution that does not provide PostgreSQL 10 packages by default, you can download packages provided by PostgreSQL instead.

Minion Packages Combined

The Minion RPM and Debian/Ubuntu packages have been combined into a single package. Previously it was possible to just install the core container and optionally a set of features on top, but in the real world no one used this, and it’s still possible to choose what features are used with the configuration.

If you were previously only installing the sub-packages and not installing the wrapper opennms-minion RPM package, you may need to run this command to upgrade cleanly: 
$ yum swap 'opennms-minion*' -- install opennms-minion

Elasticsearch 7.x Support

Version Compatibility

All of the features that leverage integrations with Elasticsearch (i.e., event & alarm history, flows & situation feedback) have been updated to support Elasticsearch 7.x. Elasticsearch versions before 7.x are no longer supported.

Given the pace of change and the number of breaking changes between major versions of Elasticsearch, we will focus on supporting a single major version of Elasticsearch per release moving forward.

ReST Plugin Configuration

The configuration of the Elasticsearch ReST plugin has changed.

Some properties have new defaults and have been renamed. It is now also possible to define index settings and provide a index strategy to have more control over the index creation.

Some properties of the plugin have changed. The following table shows the old (no longer supported) and the new property name, as well as the new default, which is used if the configuration is not updated manually. Please update the configuration file etc/org.opennms.plugin.elasticsearch.rest.forwarder.cfg accordingly. For more details on how to configure the plugin to use Elasticsearch refer to Configure Elasticsearch.

Old parameter New parameter Default Value

elasticsearchUrl

elasticUrl

http://localhost:9200

esusername

globalElasticUser

-

espassword

globalElasticPassword

-

timeout

connTimeout

5000

socketTimeout

readTimeout

30000

In addition the following default values have changed:

Parameter Old default New default

batchSize

1

200

batchInterval

0

500

connTimeout

3000

5000

readTimeout

3000

30000
Index Properties

It is now possible to define index-related properties, e.g. the number of shards and replicas. It is also possible to define a property elasticIndexStrategy to determine if a hourly, daily, monthly or yearly index should be created. It defaults to monthly.

For more details please refer to Configure Elasticsearch.

Karaf Container

The embedded Karaf has been upgraded to 4.2.

This changes the default users.properties file. Ensure that the admingroup in ${OPENNMS_HOME}/etc/users.properties contains the role ssh. You can use the new default users.properties file for comparison.

Other notable Karaf and OSGi-related changes include:

  • We now support adding OSGi-capable code at runtime by putting a .kar file in the deploy/ directory and adding relevant features to boot files in etc/featuresBoot.d/.

  • The usage of config:edit has changed in some cases. This affects all configuration edits, where the configuration contains a -, e.g. org.opennms.features.telemetry.listeners-udp-50003. If you are using Minion, you may be affected (e.g. for Telemetry Listeners/Adapters).

    For example, this set of configuration commands:

    config:edit org.opennms.features.telemetry.listeners-udp-50003
config:property-set key value
config:update

    …​should now be written as:

    config:edit --alias udp-50003 --factory org.opennms.features.telemetry.listeners
config:property-set key value
config:update

Polling, Collection, Plugins, Parsers, and Services

  • Cassandra JMX: The cassandra30x.xml datacollection config for thread pool metrics has been modified to be of type counter rather than type gauge. If you are using RRD or JRobin storage, you will need to delete any .jrb or .rrd files with both path_request and CurrentlyBlockedTasks in their filename (eg, org_apache_cassandra_metrics_type_ThreadPools_path_request_scope_MutationStage_name_CurrentlyBlockedTasks.jrb).

  • Pollerd and Collectd: Additional attributes for thread pool graphs have been added to the Pollerd and Collectd mbeans. If you are using storeByGroup=true with RRD or JRobin, you will need to delete the OpenNMS_Name_Pollerd and OpenNMS_Name_Collectd .jrb or .rrd files and let them be reinitialized. Newts and storeByGroup=false should be unaffected.

  • Dhcpd: The Dhcpd plugin (and its configuration) was removed in favor of a Minion-capable implementation. The new DhcpMonitor options can be set in the poller-configuration.xml file.

  • Syslog: The default parser used for Syslog messages has been switched from the CustomSyslogParser to the RadixTreeSyslogParser.

  • Plugins: The Plugin Manager is no longer distributed with OpenNMS. Features or bundles should be installed via the Karaf Shell.

If you have legacy SNMP agents which only support 32bit interface counters, the data collection for this interfaces will stop after you upgraded to 22.0.0. To get them enabled, you have to create a data collection package and add the mib2-interfaces data collection group manually for this devices with the example below.
Example to collect 32bit MIB-2 Interface counter from nodes in a category configured in collectd-configuration.xml
<package name="Legacy-MIB2-Interfaces" remote="false">
    <filter>categoryName == 'Legacy-MIB2-Interfaces'</filter>
    <include-range begin="1.1.1.1" end="254.254.254.254"/>
    <include-range begin="::1" end="ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff"/>

    <service name="SNMP" interval="300000" user-defined="false" status="on">
        <parameter key="collection" value="legacy-32bit-mib2"/>
        <parameter key="thresholding-enabled" value="true"/>
    </service>
</package>
Load the Legacy MIB-2 Interfaces metrics configured in the datacollection-config.xml
<snmp-collection name="legacy-32bit-mib2" snmpStorageFlag="select">
    <rrd step="300">
        <rra>RRA:AVERAGE:0.5:1:2016</rra>
        <rra>RRA:AVERAGE:0.5:12:1488</rra>
        <rra>RRA:AVERAGE:0.5:288:366</rra>
        <rra>RRA:MAX:0.5:288:366</rra>
        <rra>RRA:MIN:0.5:288:366</rra>
    </rrd>
    <include-collection dataCollectionGroup="Legacy_MIB2-Interfaces"/>
    <include-collection dataCollectionGroup="REF_MIB2-Interfaces"/>
</snmp-collection>

Removed from Meridian 2019

  • The Centric Trouble Ticketer plugin has been removed.

  • The NCS-Alarm page and the NCS-Topology-Plugin have been removed. See issue NMS-11493.

  • The remote poller map has been removed.

  • The Alarm Change Notifier plugin has been removed due to performance problems. Use the Alarm History function instead.

  • The resourcecli tool has been removed in favor of Karaf shell commands to perform the same operations.

Vacuumd Alarm Handling

In previous OpenNMS releases, a large portion of the alarm workflow was handled by Vacuumd automations, triggers, and actions. As part of the work to implement alarm correlation, this logic has been moved to Drools, running inside Alarmd.

If you made any changes to vacuumd-configuration.xml related to alarms, it is strongly recommended you port them to the new Alarmd Drools context. The Drools rules are in the $OPENNMS_HOME/etc/alarmd/drools-rules.d/ directory.

Also, we no longer generate alarmCreated, alarmEscalated, alarmCleared, alarmUncleared, alarmUpdatedWithReducedEvent, and alarmDeleted events. Instead, we recommend that you add Drools rules to react to alarm changes. For more complicated integrations, we also have a new API — AlarmLifecycleListener — for reacting to alarm changes.

Event (and Alarm) Date/Time Formats

Events and alarms previously used the current locale for formatting timestamps. As of Meridian 2019, we now format dates as ISO-8601 date-time with offsets (e.g., 2011-12-03T10:15:30+01:00) and we expect dates in incoming events to be the same. This reduces the amount of code we run through trying to figure out date formats while parsing events, and simplifies things to work no matter what locale you are using.

Kafka Producer Metrics

  • For Interface Resources, a String attribute named __ifIndex is added to represent missing Interface ifIndex in String form.

Developer Considerations

  • The HttpService can no longer be consumed. This will only affect custom implementations of HTTP Servlets and Resources, but only if they are exposed via httpServices.register(…​). If you need those, please expose the according services via the OSGi Service Registration. Refer to the OSGi Http Whiteboard Specification for more details.

  • Exposing Servlets now follow the OSGi Specification. Refer to the OSGi Http Whiteboard Specification for more details.

  • Properties to expose Vaadin Applications have changed:

    • init.widgetset becomes servlet.init.widgetset

    • alias becomes osgi.http.whiteboard.servlet.pattern

Helm 4/5

Technically not a part of OpenNMS, but it’s important to note that as of Helm 4, we have replaced the "Faults" datasource with a new "Entities" datasource. Migration of existing dashboards requires a few manual steps; documentation on how to do so are available in the latest Helm documentation.

Other Improvements

Since Meridian 2019 is based on Horizon 25, it contains all the fixes and updates that have occurred since Meridian 2018 was created from the Horizon 21 codebase.

For a more complete list of changes included in this release, see the "What’s New" documentation for the following Horizon releases:

Changelog

Release Meridian-2019.1.40

Release 2019.1.40 contains a solitary bug fix. It is the last scheduled release in the Meridian 2019 series.

The codename for Meridian 2019.1.40 is Nachtwacht.

Bug

  • Unexpected interfaceDown event/alarm during a scheduled outage (Issue NMS-14695)

Release Meridian-2019.1.39

Release 2019.1.39 contains a couple of bug fixes and security fixes.

The codename for Meridian 2019.1.39 is Arion.

Bug

  • Kafka Producer NPE causes collection failure overall (Issue NMS-14740)

Story

  • Reflected XSS (PB-2022, Aug 2022) (Issue NMS-14713)

  • Browser-Specific XSS (PB-2022, Aug 2022) (Issue NMS-14714)

  • Session Cookie (Authentication Related) Does Not Contain The "HTTPOnly" Attribute (Issue NMS-14717)

Release Meridian-2019.1.38

Release 2019.1.38 contains a couple of bug fixes.

The codename for Meridian 2019.1.38 is Spe.

Bug

  • change or remove how Docker SSH keys are generated (Issue NMS-14643)

  • Graph page doesn’t escape <> in resource labels (Issue NMS-14657)

Story

  • PassiveStatusd (Issue NMS-8567)

  • Provisiond (Issue NMS-8569)

  • Please update the copyright year on the docs page! (Issue NMS-13911)

  • Upgrade dom4j to latest version (Issue NMS-14696)

Task

  • Change OIA name to OpenNMS Plugin API (Issue NMS-14475)

Enhancement

  • Migrate Notification wiki pages into docs (Issue NMS-13584)

Release Meridian-2019.1.37

Release 2019.1.37 contains a few small bug fixes.

The codename for Meridian 2019.1.37 is Santamasa.

Bug

  • Clearing an alarm brings alarm not found message (Issue NMS-12981)

  • JVM MemoryPool data collection not working (Issue NMS-14041)

  • WebMonitor does not track the response time (Issue NMS-14535)

  • Spring Framework CVE-2022-22950 Remediation (Issue NMS-14568)

Story

  • Please update the copyright year on the docs page! (Issue NMS-13911)

Task

  • Update XSD URL (Issue NMS-14150)

  • How to merge config on upgrade using Git (Issue NMS-14281)

Enhancement

  • simplify assembly tarballs (Issue NMS-14572)

Release Meridian-2019.1.36

Release 2019.1.36 contains a few small bug fixes and enhancements.

The codename for Meridian 2019.1.36 is Abol.

Bug

  • Correct Grammar in Notices Box (Issue NMS-12355)

  • Link in ERROR log doesn’t exist (Issue NMS-13956)

  • Heatmap drill down does not show any alarms/outages (Issue NMS-14243)

  • Notification with Destination Path and Group, Interval Delay doesnt show (Issue NMS-14403)

Enhancement

  • event nodeCategoryMembershipChanged should be more verbose (Issue NMS-10634)

  • upgrade JNA to 5 (Issue NMS-14417)

Release Meridian-2019.1.35

Release 2019.1.35 contains a few small bug fixes.

The codename for Meridian 2019.1.35 is Kererū.

Bug

  • [Web] - WebServer Fingerprinting (Issue NMS-13987)

  • Telemetryd does not shut down gracefully (Issue NMS-14003)

  • Exception when searching assets (Issue NMS-14240)

  • Remove "Commercial Support" ticket lookup from web ui support section (Issue NMS-14280)

  • Circle ci caching OIA issue (Issue NMS-14291)

  • Kafka-Producer Alarm Resync Failing Post Entire Kafka Cluster Outage (Issue NMS-14321)

Release Meridian-2019.1.34

Release 2019.1.34 contains a number of security dependency updates.

While the dependency changes should not affect how the OpenNMS runtime works, this release contains a larger than usual number of changes to "plumbing" to facilitate these dependency updates. It is strongly recommended that you do more than the usual amount of testing before deploying this update to a production environment.

The codename for Meridian 2019.1.34 is Bran.

Bug

  • CVE-2022-22965: Spring RCE in Data Bindings (Issue NMS-14134)

  • Upgrade groovy-all dependency (Issue NMS-14208)

  • make sure license-maven-plugin is re-enabled in foundation and release branches (Issue NMS-14217)

  • Upgrade jackson-mapper-asl dependency (Issue NMS-14252)

Release Meridian-2019.1.33

Release 2019.1.33 contains a few small fixes and enhancements.

The codename for Meridian 2019.1.33 is Veles.

Bug

  • Resolve SonarCloud High priority Security Hotspots (Issue NMS-14002)

  • Scriptd helpers ignore community setting (Issue NMS-14045)

  • Wrong wiki URL in debian installer (Issue NMS-14053)

Enhancement

  • Switch to using a java e-mail library instead of system mail (Issue NMS-14015)

  • Misspelling in SystemExecuteMonitor error text (Issue NMS-14091)

  • relicense rancid-api to LGPL, change dependency to match (Issue NMS-14093)

Release Meridian-2019.1.32

Release 2019.1.32 contains a fix for a regression in graph viewing.

The codename for Meridian 2019.1.32 is Onasilos.

Bug

  • OpenNMS points to the wrong URL when trying to generate graphs (Issue NMS-14057)

Release Meridian-2019.1.31

Release 2019.1.31 contains mostly bug fixes, including some small security-related changes.

The codename for Meridian 2019.1.31 is Victoriapeak.

Bug

  • opennms user credentials wrongly exposed (Issue NMS-12146)

  • Support → System Report exposes credentials in plain text (Issue NMS-13831)

  • Cross site scripting - Reflected (Issue NMS-13835)

  • Password field with autocomplete enabled (Issue NMS-13847)

  • Web UI copyright year needs updating (Issue NMS-14037)

Enhancement

  • Releases should document third party libraries and their licenses (Issue NMS-14004)

Release Meridian-2019.1.30

Release 2019.1.30 is a small release with a number of bug fixes, including a few security fixes related to Grafana PDF reports and Protobuf.

Thanks to Sahil Tikoo from Etisalat for reporting the Grafana endpoint issue.

A note about security issues: we have traditionally created CVEs in a pretty ad-hoc manner. We are in the process of formalizing how we’ll be doing so going into the future.

The codename for Meridian 2019.1.30 is Pipitea.

Bug

  • config-tester doesn’t find malformed resourceTypes (Issue NMS-13723)

  • Event configuration UI fails to persist logmsg dest changes (Issue NMS-13729)

  • Outdated javascript library (Issue NMS-13848)

  • grafana endpoint can be used to port-scan internal resources (Issue NMS-13917)

  • Minion fails to marshall requisition with JAXB error: Class [org.opennms.netmgt.model.PrimaryTypeAdapter] not found (Issue NMS-13927)

  • Unsynchronized access to service factories in TelemetryServiceRegistryImpl (Issue NMS-13961)

Enhancement

  • Upgrade protobuf-java version (Issue NMS-13889)

Release Meridian-2019.1.29

Release 2019.1.29 is a small release with another upgrade for Log4j2 as well as an NPE fix in the topology UI.

It is not believed that we are vulnerable to the Log4j issues fixed in these newer releases, but are updating anyway just to be sure.

The codename for Meridian 2019.1.29 is Laligurans.

Bug

  • Customer is not able to view Topology (Issue NMS-13851)

  • CVE-2021-45105: Update to Log4j 2.17.0 (Issue NMS-13868)

  • upgrade to log4j2 2.17.1 and pax-logging 1.11.13/2.0.14 (Issue NMS-13878)

Release Meridian-2019.1.28

Release 2019.1.28 is a re-release of 2019.1.27 with additional fixes relating to Log4j2 vulnerabilities.

The codename for Meridian 2019.1.28 is Xolotlan.

Bug

  • CVE-2021-45046: incomplete Log4j2 vulnerability mitigation (Issue NMS-13858)

Release Meridian-2019.1.27

Release 2019.1.27 is an out-of-band release with a fix for the Log4j2 security issue.

The codename for 2019.1.27 is Ixbalanqué.

Bug

  • Log4j2 0-day: CVE-2021-44228 (Issue NMS-13850)

Release Meridian-2019.1.26

Release 2019.1.26 contains a fix for a Jetty CVE, and an update to fix a bug in user auth changes.

The codename for 2019.1.26 is Awasis.

Bug

  • Authorization changes not taking immediate effect (Issue NMS-13761)

  • CVE-2021-28164: access to WEB-INF (Issue NMS-13832)

Release Meridian-2019.1.25

Release 2019.1.25 contains a few small features updates and a number of bug fixes, including an XSS security issue in the notifications wizard.

The codename for 2019.1.25 is Brahe.

Bug

  • The node and interface counters of the Evaluation Layer are incorrect (Issue NMS-13283)

  • EvaluationMetrics.log is contaminated with non-related metrics. (Issue NMS-13284)

  • Reflected XSS in webapp notice wizard (Issue NMS-13496)

  • macOS Monterey: older OpenNMS branches do not start anymore (Issue NMS-13703)

  • related events box in alarm detail shows all events when alarm has no node / interface / service / ifindex (Issue NMS-13705)

New Feature

  • Incorporate node related information to events and alarms topic in opennms-kafka-producer feature (Issue NMS-12778)

  • Show Link State when viewing links on the Enlinkd topology maps (Issue NMS-13619)

Release Meridian-2019.1.24

Release 2019.1.24 contains a couple of small bug fixes.

The codename for 2019.1.24 is Hairu.

Bug

  • Signed Minion container bleeding image shows revision as meridian-foundation-2021.1.4-1-487 (Issue NMS-13587)

  • missing fields in search autocomplete (Issue NMS-13518)

Release Meridian-2019.1.23

Release 2019.1.23 contains a few small bug fixes, including a CVE dependency update.

The codename for 2019.1.23 is Boinayel.

Bug

  • Syslog messages missing nodelabel, location, and interface (Issue NMS-13485)

  • Bump Apache Ant version to 1.10.11 (CVE-2021-36373, CVE-2021-36374) (Issue NMS-13509)

Release Meridian-2019.1.22

Release 2019.1.22 contains an update for a Jetty CVE plus a couple of XSS fixes.

The codename for 2019.1.22 is Ugarit.

Bug

  • Jetty 9.4.38 security issues CVE-2021-28164, CVE-2021-34428 and CVE-2021-28169 (Issue NMS-13449)

  • Reflected XSS in webapp notice wizard (Issue NMS-13496)

  • Reflected XSS in scheduled outage editor (Issue NMS-13498)

Release Meridian-2019.1.21

Release 2019.1.21 contains a few dependency security updates and an enhancement to the Kafka producer.

The codename for 2019.1.21 is Phobetor.

Enhancement

  • Incorporate node related information to events and alarms topic in opennms-kafka-producer feature (Issue NMS-12778)

Bug

  • CVE-2020-13956: Update commons-httpclient to 4.5.13 (Issue NMS-13360)

  • CVE-2017-5929: bump logback-classic version to latest (Issue NMS-13361)

Release Meridian-2019.1.20

Release 2019.1.20 contains a few bug fixes and small enhancements.

The codename for 2019.1.20 is Barajeel.

Bug

  • IP interface link in Response Time graph page is broken (Issue NMS-13158)

  • Validate query parameters in snmpInterfaces.jsp (Issue NMS-13308)

  • Validate name parameter in DestinationWizardServlet (Issue NMS-13309)

Enhancement

  • Incorrect reference to org.opennms.netmgt.syslog.cfg (Issue NMS-13223)

  • Location aware Requisitions from DNS (Issue NMS-13278)

Release Meridian-2019.1.19

Release 2019.1.19 contains a number of security fixes, as well as fixes for a few other bugs.

The codename for 2019.1.19 is Ditsö̀.

Bug

  • Not possible to define notification parameters via "Configure notifications" UI (Issue NMS-8581)

  • Race condition on ALEC’s config bundle after installation (Issue NMS-12766)

  • Reflected XSS reported 2021-03-31 (update summary after disclosure) (Issue NMS-13229)

  • Backport Security Issues from Last Month (Issue NMS-13231)

  • vmware integration connection pool not expiring connections (Issue NMS-13234)

  • Cleared alarms with closed ticket state not removed when using a hybrid approach (Issue NMS-13237)

  • Fix Foundation 2019 branch building (Issue NMS-13275)

  • Apache Commons IO Security Update: CVE-2021-29425 (Issue NMS-13279)

Release Meridian-2019.1.18

Release 2019.1.18 contains a number of small bug fixes, as well as a fix for a Jetty DoS CVE.

The codename for 2019.1.18 is Quaoar.

Bug

  • Generate Data collection throws error message "There is a group with same name, please pick another one" under MIB browser (Issue NMS-13143)

  • 'Links on interface' table was missing for interface under node list (Issue NMS-13145)

  • Regular Expression field textbox greyed out for other Events except 'REGEX_FIELD' under Event notifications (Issue NMS-13149)

  • Query Regarding saving a filter URL with more than 255 characters in events ILP (Issue NMS-13152)

  • Kafka producer uses resource name instead of ifIndex as the instance for InterfaceLevelResource (Issue NMS-13185)

  • The behavior of the Ticketing API differs from older versions. (Issue NMS-13189)

  • CVE-2020-27223: Jetty DoS vulnerability (Issue NMS-13201)

  • Minion SNMPv3 trap configuration query is done every 60 seconds (Issue NMS-13217)

  • Change Jetty default settings to eliminate TLS 1.0 and TLS 1.1 support (Issue NMS-10256)

Release Meridian-2019.1.17

Release 2019.1.17 contains a number of small bug fixes and enhancements, including some UI cleanups, Newts fixes, and a security update to Apache POI.

The codename for 2019.1.17 is Heidigraf.

Bug

  • Actively collected metrics suddenly become unavailable through API and Web UI due to static TTL on Newts search index (Issue NMS-13029)

  • No option provided to change the number of records per page in Events ILP and Events/Alarms ILP under Topology (Issue NMS-13137)

  • The OpenNMS Web User Interface Has Experienced an Error observed when searching for a Event under Event notifications (Issue NMS-13148)

  • Node’s sub-option 'Availability' exceeds table alignment and overlaps next table of 'Notifications' under Topology section (Issue NMS-13153)

  • Newts Cache priming flag is inverted (Issue NMS-13156)

  • Dependabot: Upgrade Apache POI to 3.17 (CVE-2017-12626) (Issue NMS-13161)

Enhancement

  • create a table to show related events in the alarm detail view (Issue NMS-13170)

Release Meridian-2019.1.16

Release 2019.1.16 contains a cleanup to JEXL expression handling and a fix for SFlow hostname enrichment.

The codename for 2019.1.16 is Orwell.

Bug

  • SFlow enhancment is not functional (Issue NMS-13093)

  • JEXL expression handling updates (Issue NMS-13103)

Release Meridian-2019.1.15

Release 2019.1.15 contains an SNMP poller fix and a small enhancement to package dependencies.

The codename for 2019.1.15 is Birnfeld.

Bug

  • ArrayIndexOutOfBoundsException thrown by the SNMP Interface Poller (Issue NMS-13042)

Enhancement

  • Depend on haveged (and supply it in our repo) (Issue NMS-8959)

Release Meridian-2019.1.14

Release 2019.1.14 contains a couple of critical bug fixes.

The codename for 2019.1.14 is Quintilla.

Bug

  • RRD files for SNMP data are not created until a Service Restart (Issue NMS-12974)

  • CVE-2020-27216: Jetty webserver vulnerability (Issue NMS-13009)

Release Meridian-2019.1.13

Release 2019.1.13 contains a few bug fixes and one enhancement.

The codename for 2019.1.13 is Kazlauskas.

Bug

  • service starts / restarts work but spit out an error if configured to wait for startup (Issue NMS-12966)

  • Alarm (v1 & v2) ReST Service PUT Can’t PUT Multiple Things (Issue NMS-12979)

Enhancement

  • Identify message broker strategies in web "about" page (Issue NMS-12971)

Release Meridian-2019.1.12

Release 2019.1.12 contains a number of small bug fixes and a few enhancements.

The codename for 2019.1.12 is Ukalegon.

Bug

  • HTTP Detector does not accept a response without a reason as valid (Issue NMS-10351)

  • Eventconf with same UEI but differing masks does not follow first-found-wins rule when some events have alarm-data elements and some do not (Issue NMS-12755)

  • Interfaces incorrectly marked as having flows resulting in no data via Helm (Issue NMS-12814)

  • make allowing legacy MD5 passwords configurable (Issue NMS-12817)

  • ArrayIndexOutOfBoundsException thrown by the SNMP Interface Poller (Issue NMS-12818)

  • Integration API: Alarm.type is unset (Issue NMS-12923)

  • Custom Resource Performance Reports returns Missing Parameter: resourceId (Issue NMS-12939)

Enhancement

  • SNMP special configs are missing in the docs (Issue NMS-10382)

  • Include XML schema for wsman-datacollection-config.xml in assemblies (Issue NMS-12813)

  • sort custom reports (Issue NMS-12931)

  • Update Copyright notice for 2020 (Issue NMS-12933)

Release Meridian-2019.1.11

Release 2019.1.11 contains a bunch of bug fixes and a few handy enhancements.

The codename for 2019.1.11 is Haumea.

Bug

  • Slack-compatible notification strategies expect "url" for switch name, should be "-url" (Issue NMS-10552)

  • Can’t install Horizon on Ubuntu 20.04 LTS (Issue NMS-12693)

  • opennms.pid missing when started by Systemd (Issue NMS-12769)

  • Resource Graph properties throws exception if label starts with a number (Issue NMS-12793)

  • Wildcard certificate rejected after upgrade (Issue NMS-12805)

  • Syslogd is sending new suspect events with null IP Address (Issue NMS-12824)

  • NPE while running AlarmLifecycleListenerManager (Issue NMS-12825)

  • Fix CollectdTest mock’ing errors (Issue NMS-12828)

  • Fix JMX datacollection config generator test (Issue NMS-12829)

  • Response Time Summary database report missing latency caluculation (Issue NMS-12837)

  • SslContextFactory needs to be changed to SslContextFactory.Server in jetty.xml (Issue NMS-12847)

  • Custom Resource Performance Reports is broken (Issue NMS-12870)

Enhancement

  • Support encryption for SNMP V3 credentials (Issue NMS-12753)

  • AbstractXmlCollectionHandler.parseString() doesn’t handle json content (Issue NMS-12812)

  • Syslog should fallback on source address if hostname is not DNS resolvable. (Issue NMS-12846)

Release Meridian-2019.1.10

Release 2019.1.10 contains a few enhancements and a number of bugfixes.

The codename for 2019.1.10 is Ceres.

Bug

  • interfaceSnmpByIfIndex fails if SNMP interface has no physical address (Issue NMS-12775)

  • Searching for alarms in the v2 API with a reductionKey that includes a comma or semicolon results in a 500 error (Issue NMS-12777)

  • Backport log4j version update to older release(s) (Issue NMS-12791)

  • Support for optional snmpTrapAddress varbind needs documenting (Issue NMS-12795)

  • Broken link to "Standalone HTTPS with Jetty" in documentation. (Issue NMS-12804)

  • Rendering problems with complex custom Flow Classification Rules (Issue NMS-12806)

  • RRD-to-Newts Converter doesn’t handle fully-overlapping RRAs (Issue NMS-12835)

Enhancement

  • Encrypt the password in REST API POST endpoint /opennms/rest/users (Issue NMS-6470)

  • Update OpenNMS DB functions and tests to handle Postgres 12 (Issue NMS-12819)

Release Meridian-2019.1.9

Release 2019.1.9 is a small update to 2019.1.8 that fixes a few bugs and makes some Docker-related improvements.

This release changes the Systemd service name back from meridian to opennms to match previous releases. You may need to run systemctl disable meridian and/or systemctl enable opennms to make sure OpenNMS starts on reboot.

The codename for 2019.1.9 is Pluto.

Bug

  • AbstractSnmpValue.allBytesDisplayable() IndexOutOfBound Exception (Issue NMS-7547)

  • Update examples/opennms.conf to be JDK11-compatible (Issue NMS-12468)

  • RRD-to-Newts converter only handles AVERAGE RRAs (Issue NMS-12722)

  • dependency commons-beanutils 1.8.3 vulnerability (Issue NMS-12757)

  • Kafka Producer puts all events on the same partition when using donotpersist (Issue NMS-12784)

  • The Systemd service definition is called meridian not opennms (Issue LTS-239)

Enhancement

  • Reduce Docker container image size (Issue NMS-12284)

  • upgrade to latest Jetty security/bug fixes (Issue NMS-12743)

Release Meridian-2019.1.8

Release 2019.1.8 is the ninth release in the Meridian 2019 series.

It contains a number of bug and documentation fixes as well as a few small enhancements.

The codename for 2019.1.8 is Neptune.

Bug

  • SSLCertMonitor server-name parameter results in NPE (Issue NMS-12332)

  • Fix warnings during documentation build (Issue NMS-12702)

  • Images are broken in admin guide (Issue NMS-12713)

  • Cleanup removed Elasticsearch REST plugin and hint to Plugin Manager (Issue NMS-12716)

  • Events forwarded by Kafka Producer doesn’t have any parameters set (Issue NMS-12723)

New Feature

  • Bump Docker base dependencies in build-env and OCI artifacts (Issue NMS-12699)

  • Send trouble ticket id to kafka alarm topic (Issue NMS-12725)

Release Meridian-2019.1.7

Release 2019.1.7 is the eighth release in the Meridian 2019 series.

It contains a few bug fixes as well as a number of enhancements to the documentation.

The codename for 2019.1.7 is Uranus.

Bug

  • Prevent multiple node scans from being scheduled for a single node (Issue NMS-12504)

  • Add more context to Response Time resources (Kafka Producer) (Issue NMS-12661)

  • Reloading the Pollerd daemon causes multiple nodeDown messages (Issue NMS-12681)

  • Streaming Telemetry is broken when using OpenJDK 11 and minion (Issue NMS-12688)

Enhancement

  • Document JDBCQueryMonitor "compare_string" Action (Issue NMS-9581)

  • SystemExecuteMonitor fails with exit code 6 (Issue NMS-12564)

  • Add an example for SystemExecuteMonitor into the docs (Issue NMS-12568)

  • Provide written procedures on the proper way to restart (Issue NMS-12650)

Release Meridian-2019.1.6

Release 2019.1.6 is the seventh release in the Meridian 2019 series.

It is an off-schedule release to fix a vulnerability in ActiveMQ and the Minion. Thanks to Florian Hauser of Code White for catching this one.

The codename for 2019.1.6 is Europa.

Bug

  • Authenticated RCE vulnerability via ActiveMQ Minion payload deserialization (Issue NMS-12673)

Release Meridian-2019.1.5

Release 2019.1.5 is the sixth release in the Meridian 2019 series.

It fixes a few more security issues, as well as a number of other bugs and a couple of enhancements. Hat tip to Johannes Moritz for the security report.

The codename for 2019.1.5 is Saturn.

Bug

  • SNMP Remove from definitions fails for definitions with profile label (Issue NMS-12413)

  • persisted defaultCalendarReport database reports are broken (Issue NMS-12438)

  • Security issue disclosures, 31 Jan 2020 (Issue NMS-12513)

  • Selecting an Icon on Topology Map breaks the map (Issue NMS-12532)

  • Description: Cannot create monitored-service with JSON via ReST (Issue NMS-12625)

  • Confd download fails silently on Docker install (Issue NMS-12642)

Enhancement

  • Event documentation is missing tokens (Issue NMS-12228)

  • Splitting Docker documentation in Horizon, Minion and Sentinel (Issue NMS-12529)

  • Improve OIA performance when mapping alarms (Issue NMS-12581)

  • Events not balanced across partitions when using opennms-kafka-producer (Issue NMS-12616)

Release Meridian-2019.1.4

Release 2019.1.4 is the fifth release in the Meridian 2019 series.

It fixes an HQL injection bug, as well as a few other issues. Hat tip to Johannes Moritz for the security report.

The codename for 2019.1.4 is Jupiter.

Bug

  • Cannot process SNMPv3 Informs due to random Engine ID associated with users (Issue NMS-12473)

  • Downtime model change was not updated in the docs (Issue NMS-12520)

  • HQL Injection (Issue NMS-12572)

Enhancement

  • Support signing code in CircleCI (Issue NMS-12557)

Release Meridian-2019.1.3

Release 2019.1.3 is the fourth release in the Meridian 2019 series.

It contains a few bug fixes, most notably a fix for some NPEs as well as a performance issue in topology processing.

The codename for 2019.1.3 is Mars.

Bug

  • changing GUI date/timeformat breaks requisition update/import date/time display (Issue NMS-12428)

  • Inefficient locking in the TopologyUpdater class (Issue NMS-12443)

  • MIB Compiler fails with Null Pointer Exception (Issue NMS-12459)

  • The Karaf poller:test command is not location aware (Issue NMS-12460)

  • NPE while compiling a MIB (Issue NMS-12472)

Release Meridian-2019.1.2

Release 2019.1.2 is the third release in the Meridian 2019 series.

It contains a number of alarm classification bug fixes and performance improvements, flow enhancements, and more.

The codename for 2019.1.2 is Earth

Bug

  • possible issue in JCIFS Monitor - contiously increase of threads - finally heap dump (Issue NMS-12407)

  • Wrong links in the Help/Support page (Issue NMS-12418)

  • Classification Engine reload causes OOM when defining a bunch of rules (Issue NMS-12429)

  • Cannot define a specific layer in topology app URL (Issue NMS-12431)

  • Classification UI: Error responses are not shown properly (Issue NMS-12432)

  • Classification Engine: The end of the range is excluded, which is not intuitive (Issue NMS-12433)

  • Ticket-creating automations are incorrectly enabled by default (Issue NMS-12439)

  • Enable downtime model-based node deletion to happen when unmanaged interfaces exist (Issue NMS-12442)

  • Improve alarmd Drools engine performance by using STREAM mode (Issue NMS-12455)

Enhancement

  • Refactoring of the Cassandra installation instructions (Issue NMS-12397)

  • Allow telemetry flows to balance across Kafka partitions (Issue NMS-12427)

  • Add system test for IpfixTcpParser (Issue NMS-12434)

  • Associate exporter node using Observation Domain Id (Issue NMS-12435)

Release Meridian-2019.1.1

Release 2019.1.1 is the second release in the Meridian 2019 series.

It contains a number of bug fixes mostly related to alarm and event processing and potential resource leaks, as well as provisioning enhancements to SNMP profiles.

The codename for 2019.1.1 is Venus.

Bug

  • Readiness probe with Minion in Kubernetes with health:check does not work (Issue NMS-12120)

  • Cannot use poller:poll karaf command with WsManMonitor through Minions (Issue NMS-12365)

  • Strange behavior on used threads and file descriptors on Minion (Issue NMS-12366)

  • Upstream Drools Bug: From with modify fires unexpected rule (Issue NMS-12367)

  • "Page Not Found" in alarm-list when choosing number of alarms in dropdown-list (Issue NMS-12379)

  • Build failure during release for 25.1.0 in CircleCI (Issue NMS-12380)

  • backport missing patches from 25.1.0 to foundation-2019 (Issue NMS-12384)

  • Discovery does not honor exclude-range inside a definition (Issue NMS-12385)

  • Discovery exclude-range is not location-aware (Issue NMS-12386)

  • Update OpenJDK 11.0.4 to 11.0.5 (Issue NMS-12387)

  • Elasticsearch event forwarder manipulates in-flight event (Issue NMS-12390)

  • send-event.pl is broken after OpenNMS 25.1.0 update (Issue NMS-12392)

  • SNMP profile fitting is not triggered in some cases when MINION is involved (Issue NMS-12399)

  • Alarmd fails intermittently and OOMs (Issue NMS-12412)

  • SNMP Remove from definitions fails for definitions with profile label (Issue NMS-12413)

Enhancement

  • Create a step-by-step guide how to setup Kafka for Minions (Issue NMS-12368)

  • Enhance new snmp profiles to allow fitting to nodes inside requisitions without SNMP service associated to any IPs configured (Issue NMS-12396)

Release Meridian-2019.1.0

Release 2019.1.0 is the first release in the Meridian 2019 series.

The codename for 2019.1.0 is Mercury.

Bug

  • removed service will break BSM web ui (Issue NMS-9322)

  • Event parameters no longer preserve ordering (Issue NMS-9827)

  • The JMX-Cassandra service goes down for all the cluster when a single instance is down. (Issue NMS-10027)

  • deleting a BSM monitor while an alarm is active doesn’t clear the alarm (Issue NMS-10184)

  • default event description is incorrect (Issue NMS-10346)

  • Config tester doesn’t detect missing xml datacollection file (Issue NMS-10396)

  • BSM alarm severity is not being updated (Issue NMS-10578)

  • snmp authentication error traps with Enhanced Linkd / bridge discovery (Issue NMS-10582)

  • Zooming with Backshift is broken (Issue NMS-10635)

  • Karaf shell history thrown out with bathwater on upgrade (Issue NMS-10664)

  • Node detail page renders with no content when invalid node ID specified (Issue NMS-10679)

  • Apparent memory leak in JMX collector, possibly restricted to "weird" JMX transports (Issue NMS-10684)

  • Elasticsearch forwarding fails to recover after outage (Issue NMS-10697)

  • Flow rest results for top N queries are not returned in the correct order (Issue NMS-12104)

  • karaf.log appears on the root file system when running Minion/Sentinel on Ubuntu/Debian. (Issue NMS-12125)

  • WS-MAN doesn’t work with JDK 11 (Issue NMS-12235)

  • ReST API for meta-data doesn’t support JSON (Issue NMS-12272)

  • UI for meta-data is only present when using the horizontal layout (Issue NMS-12273)

  • Groups disappear in classification UI (Issue NMS-12291)

  • BSM simulation mode does not reset the last state (Issue NMS-12302)

  • Web Assets Dependency Rollup 2019-09-24 (Issue NMS-12320)

  • Memory leak in Drools engine for alarmd (Issue NMS-12322)

  • Threshold state keys do not incorporate the collected resource’s instance label (Issue NMS-12329)

  • Reportd generated reports cause: "No bean named '' is defined" in Persisted Reports (Issue NMS-12337)

  • InterfaceNodeCache doesn’t remove deleted nodes immediately (Issue NMS-12338)

  • Delivering a report with "-" in local part of email address is not working (Issue NMS-12342)

  • Install guide for R-core is broken for CentOS 8 (Issue NMS-12352)

  • Karaf feature install issue with opennms-core-tracing-jaeger (Issue NMS-12359)

  • Fix requisition cache when accessing the Requisitions UI via "Edit in Requisition" (Issue NMS-12360)

Enhancement

  • Refactor the compatibility matrix in the documentation (Issue NMS-9684)

  • Be able to change the number of rows for the pagination control on the Requisitions UI (Issue NMS-9793)

  • Documentation typo for /rest/ifservices on the developers guide (Issue NMS-9842)

  • Remove alarm-change-notifier plugin (Issue NMS-10658)

  • Add OpenTracing support for Camel (JMS) RPC (Issue NMS-10961)

  • Support large buffer sizes in Kafka Sink Layer (Issue NMS-11126)

  • Investigate OpenTracing for our RPC communications (Issue NMS-11177)

  • RPC Metrics (Issue NMS-11517)

  • Sink Metrics (Issue NMS-11540)

  • Add a command to show configuration diffs (Issue NMS-12129)

  • Add Web-Hook as delivery option (Issue NMS-12153)

  • Add reply-to field to notification emails (Issue NMS-12224)

  • Refactor Event Timestamps to ISO-8601 Format (Breaking Change) (Issue NMS-12263)

  • Improve robustness of CassandraBlobStore for async operations (Issue NMS-12274)

  • Clearing threshold states via shell should take effect immediately and not require restart (Issue NMS-12277)

  • BSM configuration breaks without being notifed (Issue NMS-12288)

  • List Kafka RPC/Sink topics, Expose Metrics on Karaf shell (Issue NMS-12294)

  • Create proper systemd files for OpenNMS, Minion and Sentinel (Issue NMS-12299)

  • Add ability to update definitions when SNMP profile changes (Issue NMS-12307)

  • Fix security vulnerability with jackson-databind (Issue NMS-12308)

  • Availability boxes on node pages including sub pages differ (Issue NMS-12321)

  • OpenNMS 25 Dependency Still Allows Old PostgreSQL Versions (Issue NMS-12341)

  • Update base container image to use CentOS 8 (Issue NMS-12353)

  • Remove floating OpenJDK dependencies in OCI build (Issue NMS-12354)

  • Detect and help resolve Karaf bootstrap issues (Issue NMS-12356)

  • Update CISCO-ENTITY-SENSOR-MIB threshold trap events to include alarm-data (Issue NMS-12362)

  • switch core/web-assets from yarn to npm (Issue NMS-12363)

  • Collect and display file descriptor statistics via JMX for OpenNMS and Minion (Issue NMS-12364)