OpenNMS Meridian Development Team

Tarus Balog <tarus@opennms.org>

David Hustace <david@opennms.org>

Benjamin Reed <ranger@opennms.org>

Copyright © 2004-2020 The OpenNMS Group, Inc.

Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.1 or any later version published by the Free Software Foundation; with no Invariant Sections, with no Front-Cover Texts and with no Back-Cover Texts. A copy of the license is available at http://www.gnu.org/copyleft/fdl.html OpenNMS is the creation of numerous people and organizations, operating under the umbrella of the OpenNMS project. The source code is published under the GNU Affero GPL, version 3 or later and is Copyright © 2002-2020 The OpenNMS Group, Inc.

The current corporate sponsor of OpenNMS is The OpenNMS Group, which also owns the OpenNMS trademark.

Please report any omissions or corrections to this document by creating an issue at http://issues.opennms.org.

OpenNMS Meridian 2020

System Requirements

  • Java 8 through 11: OpenNMS Meridian 2020 runs on JDK 8 through 11. We recommend the most recent version of OpenJDK 11.

  • Default Heap Size: The default heap size is 2GB.

  • PostgreSQL 10 or higher: Meridian 2020 requires any supported version of PostgreSQL 10 or higher.

What’s New in Meridian 2020

Since Meridian 2019, we have refined a number of the features introduced relating to telemetry, correlation, and other underlying APIs.

Meridian 2020 roughly matches the feature set available in Horizon 26.1.

Documentation Updates

Documentation improvements have been made in a number of areas:

  • Docker

  • Grafana PDF Reports

  • Graph Service API

  • Minion

  • Telemetry/flows

  • Thresholding

  • Timeseries Integration

Graph API

A new API has been added for querying graph data, inspired by GraphML. This API consolidates a number of internal APIs for accessing topology, application, BSM, link, and other data.

Kafka and RPC

The RPC APIs for communicating between the OpenNMS core, Minion, and Sentinel have been improved, including adding support for gRPC communication.

It is now possible to configure Kafka to use a single topic for communication rather than one per module.

You can now configure flow data to be enriched with node metadata before being forwarded to Kafka.

Minion and Sentinel

  • The Minion can now be configured using confd by creating a minion-config.yaml file. For details, see the README in the Minion source.

  • The Minion Docker container has a number of enhancements:

    • Minion container sizes have been halved.

    • Native ICMP support has been added to improve performance.

    • Dockerized Minion now supports ARM.

  • The Jolokia HTTP-JMX bridge has been added to the Minion and Sentinel.

Polling and Monitoring

  • The HTTP POST monitor has been updated to support injecting headers into the request.

  • The poller now does a better job of validating configs on startup/reload.

Provisioning

  • Provisiond has been enhanced to improve performance of scans.

  • Nodes provisioned through new suspect events now get assigned a foreign source.

Telemetry and BMP

  • The flow classification editor now supports CIDR notation for IP address expressions.

  • Support has been added for the BGP Monitoring Protocol (BMP).

Time-Series API

A new experimental internal API has been added for supporting persisting time-series data in a way that doesn’t carry the baggage of the existing persistence APIs which are still heavily influenced by RRDTool.

Web UI Improvements

  • The navbar notification alert now shows everywhere, not just the front page.

  • The "user" menu has been reorganized and cleaned up.

  • The requisitions UI now supports deleting a node from its node page in the editor.

Breaking Changes

Flow Classification

In Meridian 2019, the Flow Classification UI accepted invalid IP address values, e.g., 10,192.1,168.1,5.1-160. When upgrading OpenNMS Meridian, existing Flow Classification Rules may be considered invalid. In this case they are silently ignored by the Flo w Classification Engine.

In order to assure no invalid Flow Classification Rules exist, please run the OSGi shell command opennms-classification:list-invalid-rules to list a ll invalid rules. If there are any invalid rules, you must manually fix them using the Flow Classification UI. For more details, refer to issue NMS-12422.

Events and Kafka

Events forwarded to Kafka are now keyed by id rather than uei.

Karaf Shell Command Changes

All of the custom Karaf shell commands have now been updated to use a common scope of opennms. This makes it easier to find and enumerate the commands.

Mapping from previous to new commands is as follows:

Previous Command New Command

opennms-provision:detect

opennms:detect

opennms-provision:list-detectors

opennms:list-detectors

opennms-provision:show-import

opennms:show-import

opennms-provision:import-requisition

opennms:import-requisition

opennms-dns:lookup

opennms:dns-lookup

opennms-dns:reverse-lookup

opennms:dns-reverse-lookup

opennms-ping:sweep

opennms:ping-sweep

opennms-ping:ping

opennms:ping

opennms-jira:list-projects

opennms:jira-list-projects

opennms-jira:verify

opennms:jira-verify

opennms-jira:show-config

opennms:jira-show-config

opennms-jira:list-priorities

opennms:jira-list-priorities

opennms-jira:list-fields

opennms:jira-list-fields

opennms-jira:list-versions

opennms:jira-list-versions

opennms-jira:list-issue-types

opennms:jist-list-issue-types

opennms-jira:list-components

opennms:jira-list-components

opennms-scv:set

opennms:scv-set

opennms-scv:get

opennms:scv-get

opennms-datachoices:reset-system-id

opennms:datachoices-reset-system-id

opennms-datachoices:display-usage-report

opennms:datachoices-display-usage-report

opennms-datachoices:send-usage-report

opennms:datachoies-send-usage-report

opennms-poller:test

opennms:poll-test

opennms-poller:list-monitors

opennms:list-monitors

opennms-poller:poll

opennms:poll

opennms-filters:filter

opennms:filter

opennms-measurements:show-newts-samples

opennms:show-newts-samples

opennms-measurements:delete-resource

opennms:delete-measurement-resources

opennms-measurements:show-measurements

opennms:show-measurements

opennms-measurements:show-resources

opennms:show-measurement-resources

opennms-enlinkd:delete-topology

opennms:delete-topology

opennms-enlinkd:generate-topology

opennms:generate-topology

opennms-provision:list-detectors

opennms:list-detectors

opennms-collection:list-collectors

opennms:list-collectors

opennms-minion:id

opennms:minion-id

opennnms-minion:ping

*Removed in favor of opennms:health-check

opennms-dns:stress

opennms:stress-dns

opennms-kafka-producer:sync-alarms

opennms:kafka-sync-alarms

opennms-kafka-producer:push-topology-edges

opennms:kafka-push-topology-edges

opennms-kafka-producer:evaluate-filter

opennms:kafka-evaluate-filter

opennms-kafka-producer:list-alarms

opennms:kafka-list-alarms

opennms-nodecache:sync

opennms:sync-node-cache

opnennms-coordination:join-election-domain

opennms:join-election-domain

opennms-kv-blob:put

opennms:kv-put-blob

opennms-kv-blob:get

opennms:kv-get-blob

opennms-kv-blob:benchmark

opennms:kv-benchmark-blob

opennms-kv-json:get

opennms:kv-get-json

opennms-kv-json:put

opennms:kv-put-json

opennms-classification:list-rules

opennms:list-classification-rules

opennms-classification:reload-engine

opennms:reload-classification-engine

opennms-classification:list-groups

opennms:list-classification-groups

opennms-classification:list-invalid-rules

opennms:list-classification-invalid-rules

opennms-classification:classify

opennms:classify-flow

opennms-elasticsearch:send-historic-events

opennms:send-events-to-elasticsearch

opennms-events:show-event-config

opennms:show-event-config

opennms-reload:daemon

opennms:reload-daemon

opennms-events:stress

opennms:stress-events

opennms-events:send

opennms:send-event

opennms-bsm:generate-hierarchies

opennms:bsm-generate-hierarchies

opennms-bsm:delete-generated-hierarchies

opennms:bsm-delete-generated-hierarchies

opennms-bsm:render-graph

opennms:bsm-render-graph

opennms-asset-topology:regenerate

opennms:asset-topo-regenerate

opennms-asset-topology:remove

opennms:asset-topo-remove

opennms-asset-topology:list

opennms:asset-topo-list

opennms-asset-topology:create

opennms:asset-topo-create

opennms-asset-topology:regenerateall

opennms:asset-topo-regenerate-all

opennms-topo:show-history

opennms:topo-show-history

opennms-topo:delete-history

opennms:topo-delete-history

opennms-onms:listnamespaces

opennms:list-namespaces

opennms-topo:listoperations

opennms:topo-list-operations

opennms-activemq:stats

opennms:activemq-stats

opennms-activemq:purge-queue

opennms:activemq-purge-queue

opennms-sentinel:id

opennms:id

opennms-collection:list-collectors

opennms:list-collectors

opennms-collection:collect

opennms:collect

opennms-metrics:stress

opennms:stress-metrics

opennms-threshold-states:details

opennms:threshold-details

opennms-threshold-states:enumerate

opennms:threshold-enumerate

opennms-threshold-states:clear-all

opennms:threshold-clear-all

opennms-threshold-states:clear

opennms:threshold-clear

opennms-meta:test

opennms:metadata-test

opennms-rpc:stress

opennms:stress-rpc

opennms-kafka-sink:topics

opennms:kafka-sink-topics

opennms-kafka-rpc:topics

opennms:kafka-rpc-topics

opennms-snmp:fit

opennms:snmp-fit

opennms-snmp:show-config

opennms:snmp-show-config

opennms-snmp:remove-from-definition

opennms:snmp-remove-from-definition

opennms-snmp:walk

opennms:snmp-walk

snmp:local-engine-id

opennms:snmp-local-engine-id

opennms-health:metrics-list

opennms:metrics-list

opennms-health:metrics-display

opennms:metrics-display

opennms-health:check

opennms:health-check

opennms-graph:get

opennms:graph-get

opennms-graph:list

opennms:graph-list

opennms-graph:force-reload

opennms:graph-force-reload

opennms-graph:search

opennms:graph-search

Kafka Producer Metrics

  • For Interface Resources, a String attribute named __ifIndex is added to represent missing Interface ifIndex in String form.

Notable Internal Changes

  • Kafka has been updated to version 2.4.0.

  • Protobuf has been updated to version 3.11.4.

  • The OpenNMS Integration API is now version 0.4.

  • Internally, events are, in most cases, immutable. For the most part, you should see no changes in the external and code places that events are interacted with. They are converted to mutable versions in places where they are often manipulated (like Drools).

Other Improvements

Since Meridian 2020 is based on Horizon 26.1, it contains all the fixes and updates that have occurred since Meridian 2019 was created from the Horizon 25 codebase.

For a more complete list of major changes included in this release, see the "What’s New" documentation for Horizon 26.1.3.

Changelog

Release Meridian-2020.1.29

Release 2020.1.29 contains a solitary bug fix.

The codename for Meridian 2020.1.29 is Rift valley.

Bug
  • Unexpected interfaceDown event/alarm during a scheduled outage (Issue NMS-14695)

Release Meridian-2020.1.28

Release 2020.1.28 contains a couple of bug fixes and security fixes.

The codename for Meridian 2020.1.28 is Channel.

Bug
  • Duplicate V3 trap security names causing spurious errors on non V3 traps (Issue NMS-14718)

  • Kafka Producer NPE causes collection failure overall (Issue NMS-14740)

Story
  • Reflected XSS (PB-2022, Aug 2022) (Issue NMS-14713)

  • Browser-Specific XSS (PB-2022, Aug 2022) (Issue NMS-14714)

  • Form Can Be Manipulated with Cross-Site Request Forgery (CSRF) (Issue NMS-14716)

  • Session Cookie (Authentication Related) Does Not Contain The "HTTPOnly" Attribute (Issue NMS-14717)

Release Meridian-2020.1.27

Release 2020.1.27 contains a couple of bug fixes.

The codename for Meridian 2020.1.27 is Cape.

Bug
  • change or remove how Docker SSH keys are generated (Issue NMS-14643)

  • Graph page doesn’t escape <> in resource labels (Issue NMS-14657)

Story
  • PassiveStatusd (Issue NMS-8567)

  • Provisiond (Issue NMS-8569)

  • Please update the copyright year on the docs page! (Issue NMS-13911)

  • Upgrade dom4j to latest version (Issue NMS-14696)

Task
  • Change OIA name to OpenNMS Plugin API (Issue NMS-14475)

Enhancement
  • Migrate Notification wiki pages into docs (Issue NMS-13584)

Release Meridian-2020.1.26

Release 2020.1.26 contains a few small bug fixes.

The codename for Meridian 2020.1.26 is Fjard.

Bug
  • show-event-config displays unexpected content after adding new event definitions (Issue NMS-12863)

  • Clearing an alarm brings alarm not found message (Issue NMS-12981)

  • JVM MemoryPool data collection not working (Issue NMS-14041)

  • WebMonitor does not track the response time (Issue NMS-14535)

  • Spring Framework CVE-2022-22950 Remediation (Issue NMS-14568)

Enhancement
  • simplify assembly tarballs (Issue NMS-14572)

Release Meridian-2020.1.25

Release 2020.1.25 contains a few small bug fixes and few enhancements.

The codename for Meridian 2020.1.25 is Cove.

Bug
  • Correct Grammar in Notices Box (Issue NMS-12355)

  • Link in ERROR log doesn’t exist (Issue NMS-13956)

  • RRD file parsing failed with newts-repository-converter (Issue NMS-14079)

  • Heatmap drill down does not show any alarms/outages (Issue NMS-14243)

  • Notification with Destination Path and Group, Interval Delay doesnt show (Issue NMS-14403)

Enhancement
  • event nodeCategoryMembershipChanged should be more verbose (Issue NMS-10634)

  • Add support for pre-authorization via HTTP header (to be used with pre-authentication) (Issue NMS-14059)

  • upgrade JNA to 5 (Issue NMS-14417)

Release Meridian-2020.1.24

Release 2020.1.24 contains a few small bug fixes.

The codename for Meridian 2020.1.24 is Coral Reef.

Bug
  • [Web] - WebServer Fingerprinting (Issue NMS-13987)

  • Telemetryd does not shut down gracefully (Issue NMS-14003)

  • Exception when searching assets (Issue NMS-14240)

  • Remove "Commercial Support" ticket lookup from web ui support section (Issue NMS-14280)

  • Circle ci caching OIA issue (Issue NMS-14291)

  • Kafka-Producer Alarm Resync Failing Post Entire Kafka Cluster Outage (Issue NMS-14321)

Release Meridian-2020.1.23

Release 2020.1.23 contains a number of security dependency updates.

While the dependency changes should not affect how the OpenNMS runtime works, this release contains a larger than usual number of changes to "plumbing" to facilitate these dependency updates. It is strongly recommended that you do more than the usual amount of testing before deploying this update to a production environment.

The codename for Meridian 2020.1.23 is Submarine Canyon.

Bug
  • CVE-2022-22965: Spring RCE in Data Bindings (Issue NMS-14134)

  • Upgrade groovy-all dependency (Issue NMS-14208)

  • make sure license-maven-plugin is re-enabled in foundation and release branches (Issue NMS-14217)

  • Upgrade jackson-mapper-asl dependency (Issue NMS-14252)

Release Meridian-2020.1.22

Release 2020.1.22 contains a few small fixes and enhancements.

The codename for Meridian 2020.1.22 is Estuary.

Bug
  • Resolve SonarCloud High priority Security Hotspots (Issue NMS-14002)

  • Scriptd helpers ignore community setting (Issue NMS-14045)

  • Wrong wiki URL in debian installer (Issue NMS-14053)

Enhancement
  • Switch to using a java e-mail library instead of system mail (Issue NMS-14015)

  • Misspelling in SystemExecuteMonitor error text (Issue NMS-14091)

  • relicense rancid-api to LGPL, change dependency to match (Issue NMS-14093)

Release Meridian-2020.1.21

Release 2020.1.21 contains a fix for a regression in graph viewing.

The codename for Meridian 2020.1.21 is Cliff.

Bug
  • OpenNMS points to the wrong URL when trying to generate graphs (Issue NMS-14057)

Release Meridian-2020.1.20

Release 2020.1.20 contains mostly bug fixes, including some small security-related changes.

The codename for Meridian 2020.1.20 is Headland.

Bug
  • opennms user credentials wrongly exposed (Issue NMS-12146)

  • Support → System Report exposes credentials in plain text (Issue NMS-13831)

  • Cross site scripting - Reflected (Issue NMS-13835)

  • Password field with autocomplete enabled (Issue NMS-13847)

  • Web UI copyright year needs updating (Issue NMS-14037)

Enhancement
  • Releases should document third party libraries and their licenses (Issue NMS-14004)

Release Meridian-2020.1.19

Release 2020.1.19 is a small release with a number of bug fixes, including a few security fixes related to Grafana PDF reports and Protobuf.

Thanks to Sahil Tikoo from Etisalat for reporting the Grafana endpoint issue.

A note about security issues: we have traditionally created CVEs in a pretty ad-hoc manner. We are in the process of formalizing how we’ll be doing so going into the future.

The codename for Meridian 2020.1.19 is Mid-Ocean Ridge.

Bug
  • config-tester doesn’t find malformed resourceTypes (Issue NMS-13723)

  • Event configuration UI fails to persist logmsg dest changes (Issue NMS-13729)

  • Outdated javascript library (Issue NMS-13848)

  • grafana endpoint can be used to port-scan internal resources (Issue NMS-13917)

  • Minion fails to marshall requisition with JAXB error: Class [org.opennms.netmgt.model.PrimaryTypeAdapter] not found (Issue NMS-13927)

  • Unsynchronized access to service factories in TelemetryServiceRegistryImpl (Issue NMS-13961)

Enhancement
  • Upgrade protobuf-java version (Issue NMS-13889)

Release Meridian-2020.1.18

Release 2020.1.18 is a small release with another upgrade for Log4j2 as well as an NPE fix in the topology UI.

It is not believed that we are vulnerable to the Log4j issues fixed in these newer releases, but are updating anyway just to be sure.

The codename for 2020.1.18 is Cuspate Foreland.

Bug
  • Customer is not able to view Topology (Issue NMS-13851)

  • CVE-2021-45105: Update to Log4j 2.17.0 (Issue NMS-13868)

  • upgrade to log4j2 2.17.1 and pax-logging 1.11.13/2.0.14 (Issue NMS-13878)

Release Meridian-2020.1.17

Release 2020.1.17 is a re-release of 2020.1.16 with additional fixes relating to Log4j2 vulnerabilities.

The codename for 2020.1.17 is Blowhole.

Bug
  • CVE-2021-45046: incomplete Log4j2 vulnerability mitigation (Issue NMS-13858)

Release Meridian-2020.1.16

Release 2020.1.16 is an out-of-band release with a fix for the Log4j2 security issue.

The codename for 2020.1.16 is Stack.

Bug
  • Log4j2 0-day: CVE-2021-44228 (Issue NMS-13850)

Release Meridian-2020.1.15

Release 2020.1.15 contains a fix for a Jetty CVE, plus an update to fix a bug in user auth changes, and an enhancement to SNMPv3 user authentication.

The codename for 2020.1.15 is Lagoon.

Bug
  • Authorization changes not taking immediate effect (Issue NMS-13761)

  • CVE-2021-28164: access to WEB-INF (Issue NMS-13832)

Enhancement
  • Support multiple auth params for same SNMPV3 username (Issue NMS-13490)

Release Meridian-2020.1.14

Release 2020.1.14 contains a few small features updates and a number of bug fixes, including an XSS security issue in the notifications wizard.

The codename for 2020.1.14 is Tessellated Pavement.

Bug
  • The node and interface counters of the Evaluation Layer are incorrect (Issue NMS-13283)

  • EvaluationMetrics.log is contaminated with non-related metrics. (Issue NMS-13284)

  • Reflected XSS in webapp notice wizard (Issue NMS-13496)

  • macOS Monterey: older OpenNMS branches do not start anymore (Issue NMS-13703)

  • related events box in alarm detail shows all events when alarm has no node / interface / service / ifindex (Issue NMS-13705)

Enhancement
  • Incorporate node related information to events and alarms topic in opennms-kafka-producer feature (Issue NMS-12778)

  • Support multiple auth params for same SNMPV3 username (Issue NMS-13490)

  • Show Link State when viewing links on the Enlinkd topology maps (Issue NMS-13619)

Release Meridian-2020.1.13

Release 2020.1.13 contains a couple of small bug fixes.

The codename for 2020.1.13 is Strait.

Bug
  • Signed Minion container bleeding image shows revision as meridian-foundation-2021.1.4-1-487 (Issue NMS-13587)

  • missing fields in search autocomplete (Issue NMS-13518)

Release Meridian-2020.1.12

Release 2020.1.12 contains a few small bug fixes, including a CVE dependency update.

The codename for 2020.1.12 is Atoll.

Bug
  • Syslog messages missing nodelabel, location, and interface (Issue NMS-13485)

  • Bump Apache Ant version to 1.10.11 (CVE-2021-36373, CVE-2021-36374) (Issue NMS-13509)

Release Meridian-2020.1.11

Release 2020.1.11 contains an update for a Jetty CVE plus a couple of XSS fixes and a Minion OOM bug.

The codename for 2020.1.11 is Ayre.

Bug
  • OutOfMemory issue on Minion (corner case related to Offheap) (Issue NMS-13405)

  • Jetty 9.4.38 security issues CVE-2021-28164, CVE-2021-34428 and CVE-2021-28169 (Issue NMS-13449)

  • Reflected XSS in webapp notice wizard (Issue NMS-13496)

  • Reflected XSS in scheduled outage editor (Issue NMS-13498)

Release Meridian-2020.1.10

Release 2020.1.10 contains a few dependency security updates and an enhancement to the Kafka producer.

The codename for 2020.1.10 is Calanque.

Enhancement
  • Incorporate node related information to events and alarms topic in opennms-kafka-producer feature (Issue NMS-12778)

Bug
  • CVE-2020-13956: Update commons-httpclient to 4.5.13 (Issue NMS-13360)

  • CVE-2017-5929: bump logback-classic version to latest (Issue NMS-13361)

Release Meridian-2020.1.9

Release 2020.1.9 contains a few bug fixes and enhancements.

The codename for 2020.1.9 is Wave-Cut Platform.

Bug
  • IP interface link in Response Time graph page is broken (Issue NMS-13158)

  • Got Access Denied when viewing On-Call Role schedule (Issue NMS-13287)

  • Validate query parameters in snmpInterfaces.jsp (Issue NMS-13308)

  • Validate name parameter in DestinationWizardServlet (Issue NMS-13309)

Enhancement
  • Incorrect reference to org.opennms.netmgt.syslog.cfg (Issue NMS-13223)

  • Location aware Requisitions from DNS (Issue NMS-13278)

Release Meridian-2020.1.8

Release 2020.1.8 contains a number of security fixes, as well as fixes for a few other bugs.

The codename for 2020.1.8 is Isthmus.

Bug
  • Not possible to define notification parameters via "Configure notifications" UI (Issue NMS-8581)

  • Race condition on ALEC’s config bundle after installation (Issue NMS-12766)

  • Reflected XSS reported 2021-03-31 (update summary after disclosure) (Issue NMS-13229)

  • vmware integration connection pool not expiring connections (Issue NMS-13234)

  • Cleared alarms with closed ticket state not removed when using a hybrid approach (Issue NMS-13237)

  • Sidebar navigation on the graph results page is not working (Issue NMS-13259)

  • Time zone is handled different on Minion container image based on Ubuntu (Issue NMS-13276)

  • Apache Commons IO Security Update: CVE-2021-29425 (Issue NMS-13279)

Release Meridian-2020.1.7

Release 2020.1.7 contains an enhancement to event forwarding performance in the Kafka producer, plus a number of bug fixes including a Jetty DoS CVE.

The codename for 2020.1.7 is Firth.

Bug
  • Change Jetty default settings to eliminate TLS 1.0 and TLS 1.1 support (Issue NMS-10256)

  • Wrong UEI is picked when threshold alarms are generated (Issue NMS-13120)

  • XSS in notification wizard (Issue NMS-13123)

  • Generate Data collection throws error message "There is a group with same name, please pick another one" under MIB browser (Issue NMS-13143)

  • 'Links on interface' table was missing for interface under node list (Issue NMS-13145)

  • Regular Expression field textbox greyed out for other Events except 'REGEX_FIELD' under Event notifications (Issue NMS-13149)

  • Query Regarding saving a filter URL with more than 255 characters in events ILP (Issue NMS-13152)

  • Kafka producer uses resource name instead of ifIndex as the instance for InterfaceLevelResource (Issue NMS-13185)

  • The behavior of the Ticketing API differs from older versions. (Issue NMS-13189)

  • CVE-2020-27223: Jetty DoS vulnerability (Issue NMS-13201)

  • Minion: Kafka related WARN log messages (AdminClientConfig The configuration X isn’t a known config) (Issue NMS-13208)

  • Minion SNMPv3 trap configuration query is done every 60 seconds (Issue NMS-13217)

Enhancement
  • Improve Event forwarding performance for Kafka producer (Issue NMS-13211)

Release Meridian-2020.1.6

Release 2020.1.6 contains a number of small bug fixes and enhancements, including some UI cleanups, Newts fixes, and a security update to Apache POI.

The codename for 2020.1.6 is Bight.

Bug
  • Timezone and Grafana Dashboard fields not preserved when editing a scheduled report (Issue NMS-13064)

  • No option provided to change the number of records per page in Events ILP and Events/Alarms ILP under Topology (Issue NMS-13137)

  • The OpenNMS Web User Interface Has Experienced an Error observed when searching for a Event under Event notifications (Issue NMS-13148)

  • Node’s sub-option 'Availability' exceeds table alignment and overlaps next table of 'Notifications' under Topology section (Issue NMS-13153)

  • Newts Cache priming flag is inverted (Issue NMS-13156)

  • Dependabot: Upgrade Apache POI to 3.17 (CVE-2017-12626) (Issue NMS-13161)

Enhancement
  • add service status to rest /info API (Issue NMS-13135)

  • create a table to show related events in the alarm detail view (Issue NMS-13170)

Release Meridian-2020.1.5

Release 2020.1.5 contains a few bugfixes and a log verbosity enhancement.

The codename for 2020.1.5 is Strandflat.

Bug
  • Timezone and date range inconsistencies when scheduling database reports associated with Grafana dashboards. (Issue NMS-13070)

  • Exception messages during node import (log noise) (Issue NMS-13082)

  • SFlow enhancment is not functional (Issue NMS-13093)

  • JEXL expression handling updates (Issue NMS-13103)

Enhancement
  • Optionally silence file not found warnings for JICMP, JRRD when properties are not set (Issue NMS-13081)

Release Meridian-2020.1.4

Release 2020.1.4 contains an SNMP poller fix and a small enhancement to package dependencies.

The codename for 2020.1.4 is Machair.

Bug
  • When using a custom prefix, the Elasticsearch Forwarder for events and situation-feedback creates a wrong template. (Issue NMS-13030)

Enhancement
  • Depend on haveged (and supply it in our repo) (Issue NMS-8959)

The codename for 2020.1.4 is Ria.

Release Meridian-2020.1.3

Release 2020.1.3 is the fourth release in the Meridian 2020 series.

It contains a critical fix to a reporting API bug that could cause OpenNMS to fail to start.

BREAKING: If you created reports in 2020.1.2, they will need to be recreated in 2020.1.3.

The codename for 2020.1.3 is Fjord.

Bug
  • report timezone changes break reading pre-existing reports from Quartz (Issue NMS-13037)

Release Meridian-2020.1.2

Release 2020.1.2 is the third release in the Meridian 2020 series.

It contains a number of bug fixes including a fix for a critical Jetty CVE.

The codename for 2020.1.2 is Skerry.

Bug
  • Timezone inconsistency when generating PDF reports from Grafana dashboards (Issue NMS-12930)

  • RRD files for SNMP data are not created until a Service Restart (Issue NMS-12974)

  • Unable to enable Jaeger tracing in Sentinel (Issue NMS-12998)

  • Update typo in BMP docs (Issue NMS-13002)

  • CVE-2020-27216: Jetty webserver vulnerability (Issue NMS-13009)

  • Null pointer exception whe minion receives traps (Issue NMS-13015)

Release Meridian-2020.1.1

Release 2020.1.1 is the second release in the Meridian 2020 series.

It contains a number of bug fixes and enhancements.

The codename for 2020.1.1 is Tombolo.

Bug
  • Unable to poll Vcenter CIM - Calling something in OpenJDK11 that has been removed. (Issue NMS-12919)

  • service starts / restarts work but spit out an error if configured to wait for startup (Issue NMS-12966)

  • Alarm (v1 & v2) ReST Service PUT Can’t PUT Multiple Things (Issue NMS-12979)

Enhancement
  • Add custom string attributes based on indirect and complex SNMP Indices (Issue NMS-8484)

  • Identify message broker strategies in web "about" page (Issue NMS-12971)

Release Meridian-2020.1.0

Release 2020.1.0 is the first release in the Meridian 2020 series, based on Horizon 26.1.x.

The codename for 2020.1.0 is Archipelago.

Bug
  • HTTP Detector does not accept a response without a reason as valid (Issue NMS-10351)

  • Slack-compatible notification strategies expect "url" for switch name, should be "-url" (Issue NMS-10552)

  • opennms.pid missing when started by Systemd (Issue NMS-12769)

  • Interfaces incorrectly marked as having flows resulting in no data via Helm (Issue NMS-12814)

  • Response Time Summary database report missing latency caluculation (Issue NMS-12837)

  • SslContextFactory needs to be changed to SslContextFactory.Server in jetty.xml (Issue NMS-12847)

  • Wrong startup command for Minion running with Docker and health check issues (Issue NMS-12872)

  • Install guide RHEL instructions are invalid on RHEL 7 (Issue NMS-12891)

Enhancement
  • Update collectors chapter (Issue NMS-12682)

  • Include XML schema for wsman-datacollection-config.xml in assemblies (Issue NMS-12813)

  • Fix CollectdTest mock’ing errors (Issue NMS-12828)

  • Fix JMX datacollection config generator test (Issue NMS-12829)

  • Remove unused import in BsonUtils (Issue NMS-12830)

  • Update mockito/powermock dependencies (Issue NMS-12831)

  • Update Minion installation documentation (Issue NMS-12917)

  • sort custom reports (Issue NMS-12931)

  • Update Copyright notice for 2020 (Issue NMS-12933)