Xymon Systems and Network Monitor / News: Recent posts

Xymon 4.3.30 is now available! This is primarily a bug fix release following on from the changes in v4.3.29, including fixing several crashes and a too-tight restriction on hostnames when viewing status reports. All users are encouraged to upgrade.

Xymon 4.3.26 is now available! This is primarily a bug fix release improving compatibility with various browsers after the CSP and XSS fixes introduced in 4.3.25. It also reduces the auto-refresh interval on most pages to 60s (from 30s) and makes this administratively-configurable.

Xymon 4.3.25 has been released and is located in the SourceForge files area. This is an important security release which resolves the following CVEs:
* CVE-2016-2054: Buffer overflow in xymond handling of "config" command
* CVE-2016-2055: Access to possibly confidential files in the Xymon configuration directory
* CVE-2016-2056: Shell command injection in the "useradm" and "chpasswd" web applications
* CVE-2016-2057: Incorrect permissions on IPC queues used by the xymond daemon can bypass IP access filtering
* CVE-2016-2058: Javascript injection in "detailed status webpage" of monitoring items. XSS vulnerability via malformed acknowledgment messages... read more

Xymon 4.3.23 has been released and is located in the SourceForge files area. This is a small bug fix release that fixes an issue in 4.3.22 where RRD tracking of the number of matching processes or ports on a client wasn't being performed. (Thresholding and alerting were unaffected.)

All users are recommended to update.

Xymon 4.3.22 has been released and is now available for download in the Files area.

This version brings a number of bug fixes, improvements, and a smattering of new features for users since the last release, including:
- improved reliability and reporting in the Mac OS X client
- fixes to compact xymongen test summaries and combostatus.cfg parsing
- per-host and per-test exclusion options for automatic flap detection
- more standardized 'group' HTML display on pages and subpages
- SHA2 digest options for checksum testing of files or URLs
- optional use of custom HTTP headers when polling servers
- better options for custom parsing of incoming "name-colon-value" data into RRD
- clearer rules for HTTP status parsing of tested URLs... read more

Xymon 4.3.20 has been released to SF and is now available for download in the Files area.

4.3.20 fixes several long-standing issues dealing with 'summary' reports, pullclient requests, and memory reporting on recent Linux kernels. Some nifty additional functionality includes:

• multiple graphs can be displayed (automatically) on a single status report
• HEAD-only URL checks can be performed
• the raw clientlog now gets its own column on xymon pages, allowing more direct access by users (this can be disabled with the 'noclient' tag)... read more

The 4.3.0 RC1 version of Xymon is now available in the Sourceforge "Files" area. Changes from beta-3 are mostly bugfixes, but there are also changes to the Solaris client (improved swap analysis); limits on the amount of disk space that historical logs will occupy; better detection of flapping statuses; and improvements to the GIF's and stylesheets.

Version 4.2.3 of the Xymon monitoring package has been released. This is the final bug-fix version of the 4.2.x series - it solves a problem with DNS testing, and a problem with ACK cookies that could crash hobbitd.

Xymon version 4.2.2 is now available. This is an update to the 4.2.0 version of Hobbit (project was renamed for legal reasons). This release is an interim release, which adds out-of-the-box support for a number of popular add-ons, e.g. BBWin and Devmon. It also adds several new features to the core package, and fixes a long list of bugs.

I've uploaded the code and revision history for Hobbit to the Subversion repository here on Sourceforge. This is to facilitate more developers to contribute to the project.

Hobbit 4.2.0 is now available. This release adds:

* Full client support
* Pull-style data collection from clients
* Automatic client updates
* New "Acknowledgment" webpage
* New "Critical Systems" view
* New "Metrics report" for comparing graphs
* Lots of other improvements

An important security related bug was found in all Hobbit 4.x versions of Hobbit. Version 4.1.2p2 solves this bug; upgrading is recommended.

The 4.1.2 release candidate is now available, includ ing a lot of bugfixes and some improvements. The final release is expected around Oct. 10 2005.

Hobbit monitor - an Open Source systems- and network-monitor inspired by Big Brother - has been released. Hobbit is an easy-to-use monitoring tool for networked servers, and scales from the small network up to networks of several thousand hosts. Demonstration site at http://www.hswn.dk/hobbit/ - download at http://sourceforge.net/projects/hobbitmon/