I have Icinga2 and Icingaweb2 set up for monitoring hosts and services for myself, but I wanted to expand on my current configuration and let web developers manage monitoring for their assets (development and staging hosts and web servers).<\/p>\n
The hosts I want developers to be able to monitor are members of the First I created a new role in the web interface under Configuration — Authentication — Roles<\/strong>: This created the role without any errors. However, when I logged in as a member of the webdev group, I received the following error message:<\/p>\n I needed to specify a key-value pair for the monitoring\/filter\/objects:<\/p>\n You can include multiple host groups by including a logical OR:<\/p>\n Once I confirmed that worked, I further restricted the Permission Set to a more limited set of options:<\/p>\n A user in the webdev role now has access to everything I expected except<\/em> contacts (Overview — Contacts<\/strong>). The Contacts page produces a long and unfriendly error message that begins with:<\/p>\nwebdev<\/code> is the name of one of my host groups, defined in my \/etc\/icinga2\/conf.d\/groups.conf<\/code> file:<\/p>\nobject HostGroup \"webdev\" {\r\n display_name = \"Web Development Hosts\"\r\n}<\/code><\/pre>\nwebdev<\/code> host group.<\/p>\n
\n<\/p>\n\n
Service Problems\r\nCannot apply restriction monitoring\/filter\/objects using the filter webdev. You can only use the following columns: instance_name, host_name, hostgroup_name, service_description, servicegroup_name, _(host|service)_<customvar-name><\/code><\/pre>\nhostgroup_name=webdev<\/code><\/pre>\n(hostgroup_name=webdev||hostgroup_name=webprod)<\/code><\/pre>\n\n