Recent Releases
3.15.007 Dec 2022 08:51
major feature:
This new version introduces two new modules: intelrapl.pm, for monitoring the power consumption of Intel-RAPL capable devices, and amdenergy.pm to monitor also AMD CPU power consumption.
Another important change in this new version is the total rewrite of serv.pm. Its configuration has also changed completely and now it allows a lot of customization. The default configuration should give the same results as with the previous version, although the graph layout will change. The only service that will be affected is Samba. This service needs a complex parsing to get the current Samba use and that's the reason why you need an external script to deal with it.
Due to massive change in serv.pm, the following options: secure_log, imap_log, hylafax_log, cups_log and cg_logdir have been deprecated and will be removed in the next Monitorix version.
The rest of new features, changes and bugs fixed are, as always, reflected in the Changes file.
All users still using older versions are encouraged to upgrade to this version.
3.14.018 Jan 2022 10:11
security:
This new version introduces three new modules: nvme.pm, which is capable of monitoring an unlimited number of NVM Express (NVMe) devices, the amdgpu.pm, to monitor also an unlimited number of AMD GPU graphic cards, and nvidiagpu.pm which can be seen as an extended version of the current module nvidia.pm, as it comes with more detailed statistics.
The rest of new features, changes and bugs fixed are, as always, reflected in the Changes file.
All users using the 3.13.1 version are advised and encouraged to upgrade to this new version, which resolves the security issue.
3.13.127 Jan 2021 18:11
security:
This new version fixes a security bug introduced in the 3.13.0 version that lead the HTTP built-in server to bypass the Basic Authentication when the option hosts_deny is not defined, which is the default.
Besides this fix, this version also updates the main configuration file to add the option hosts_deny = all by default inside the auth subsection, in an attempt to make the default behavior more clear.
All users using the 3.13.0 version are advised and encouraged to upgrade to this new version, which resolves the security issue.
3.13.022 Jan 2021 10:33
major feature:
This new version introduces three new modules: the long-awaited pgsql.pm capable of monitoring up to 9 databases of an unlimited number of PostgreSQL servers, the redis.pm and tinyproxy.pm which are both also capable of monitoring an unlimited number of Redis and Tinyproxy servers respectively.
This version also includes some interesting new features. The new CSS theming support will allow people to create their own color themes. The new support for the ss command in port.pm and nginx.pm modules. The ability to map the device names and also to include a title name in disk.pm module. The new stacked visualization of network stats available on a number of modules, and more.
Also with this new version, Monitorix is able to be executed as a regular user instead of root. This is of course subject to the capabilities of each module to get statistics without using the superuser.
The rest of new features, changes and bugs fixed are, as always, reflected in the Changes file.
Please, check the monitorix.conf(5) man page for all the details.
NOTICE: The configuration file monitorix.conf has been extended with important changes.
All users still using older versions are encouraged to upgrade to this version.
3.12.021 Feb 2020 18:16
major feature:
This new version introduces two new modules: the phpfpm.pm and the unbound.pm. The first one will allow to collect PHP-FPM statistics and monitor unlimited number of sites, while the unbound.pm module will collect a lot of statistics of the Unbound running in your local server. There is not possibility to collect Unbound statistics from remote servers. In all, both modules come with a fairly complete statistic graphs.
Besides these two new modules, this version includes some interesting new features. It has been finally fixed the bind.pm module to support newer versions of BIND. Now this module relies on Perl XML::LibXML to parse the output of BIND (instead of using Perl XML::Simple). Also, the gensens.pm module includes Battery as its third sensor, and there has been some improvements in the NFS graph for FreeBSD systems.
The fail2ban.pm module has also changed the way how the values are shown. From now on, you can choose between absolute and rate values, being the former the default one.
The ZFS graph has also changed the way how are shown the Operations and Bandwidth graphs.
The rest of new features, changes and bugs fixed are, as always, reflected in the Changes file.
Please, check the monitorix.conf(5) man page for all the details.
NOTICE: The configuration file monitorix.conf has been extended with important changes.
All users still using older versions are encouraged to upgrade to this version.
3.11.016 Mar 2019 07:03
major feature:
This new version introduces one new graph: the Ambient Sensors graph. This graph is intended for gathering temperature values from any kind of external sensors. Each defined sensor is associated to a command line that will be executed by Monitorix to get the temperature. It also support alerts to notify when the value is above or below from a defined threshold.
Besides the fact that this new version only comes with one new graph, it really includes interesting new features. One of the most important is the new option 'autocheck_responsiveness' (enabled by default), that hopefully should fix those so annoying hangups in the HTTP built-in server.
Another interesting change is the new way of how the memory graph will be shown in Linux systems. The value used will be recalculated as used = MemTotal - MemFree - Buffers - Cached - SReclaimable - SUnreclaim which will ensure that Monitorix will be in sync with the Used column in the output of newer free command, and with the -/+ buffers/cache row of the older free command.
The ZFS graph has also changed, it now includes more information for each pool defined with the number of operations and the bandwidth used.
By popular demand, I've finally included in Multihost mode the ability to show all graphs of a single server and even all graphs from all remote servers. In the later case, you must keep in mind that in order to see all graphs, the remote servers must have the same configuration file than the host from where you are viewing them ...
3.10.126 Jun 2018 08:30
security:
Prior Monitorix versions are vulnerable to cross-site scripting (XSS), caused by improper validation of user-supplied input by the monitorix.cgi file. A remote attacker could exploit this vulnerability using some of the arguments provided (graph= or when=) in a specially-crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials.
I would like to thank Sebastian Gilon from TestArmy for reporting that issue.
The rest of bugs fixed are, as always, reflected in the Changes file.
All users still using older versions are advised and encouraged to upgrade to this version, which resolves this security issue.
3.10.027 Sep 2017 09:06
major feature:
This new version introduces two new graphs and improves clearly an old one: the System graph. After a notable people demand, I've included a new graph to monitor IPMI sensors (temperatures, fans and voltages). The second new graph monitors an unlimited number of MongoDB servers (either local or remote). As said, the System graph has been improved and now it includes two new sub-graphs: one that shows the system's entropy and another that shows the uptime of the system. The memory graph has also been enhanced including the values of memory active and inactive.
Besides these new graphs, this version introduces a new option (enabled by default) called enable_parallelizing, which will speed up dramatically the graph generation in multi-core systems. This should also benefit people using Monitorix in Raspberry Pi systems and similar with multi-core processors. I'll be glad to get some feedback on this.
More news, since now all graphs that show sensors will include an alert capability to be able to execute an external shell script if the value of a sensor exceed an specific threshold.
The rest of new features, changes and bugs fixed are, as always, reflected in the Changes file.
Please, check the monitorix.conf(5) man page for all the details.
NOTICE: The configuration file monitorix.conf has been extended with important changes.
3.9.031 Oct 2016 17:41
major feature:
This new version introduces three more graphs and, as always, it also introduces new features and fixes some interesting bugs. The first new graph offers the possibility to monitor the network queue disciplines
(qdiscs) associated to a network interface (also called Linux Traffic Control). The second graph monitors chrony,the new NTP daemon that comes with some newer Linux distributions. Finally the third new graph monitors these temperature and CPU frequency sensors that appear (depending on your motherboard) in the /sys/devices/ filesystem tree.
Besides all this the new version also includes interesting new features. From now on, you can monitor multiple disks and network interfaces of every virtual machine defined in the Libvirt graph. Another interesting new option is priority that lets you set the priority in which Monitorix
will run. A new option called image_format lets you change the graphics format of the pictures generated by Monitorix. Also the new option enable_hourly_view lets you enable the hourly time frame although the resolution won't be specific for that time frame.
The rest of changes and bugs fixed are, as always, reflected in the Changes file.
Please, check the monitorix.conf(5) man page for all the details.
NOTICE: The configuration file monitorix.conf has been extended with important changes.
3.8.113 Nov 2015 15:31
security:
This is a maintenance release that mainly fixes a Document Object Model (DOM)-based cross-site scripting (XSS) vulnerability in the monitorix.cgi file. Such vulnerability is by injection a JS code in the 'when=' parameter of the URL shown after generating the graphs. Additionally, a potential denial of service (DoS) issue was discovered in the same 'when=' parameter of the URL which could lead in the creation of an enormous amount of '.png' files in the 'imgs' directory of the server.
These vulnerabilities are due to a lack of precise input validation on user-supplied data within the DOM input. A remote attacker could exploit these vulnerabilities by sending crafted URLs that contain malicious DOM statements to the affected system.
This new version also adds support for ZFS versions older than 0.6.4 and adds a new option called 'extra_args' in the NTP module to be able to include extra arguments to the command 'ntpq -pn' executed by Monitorix.
The rest of changes and bugs fixed are, as always, reflected in the Changes file.
All users still using older versions are advised and encouraged to upgrade to this version, which resolves these security issues.
3.8.017 Sep 2015 06:16
major feature:
This new version introduces four new graphs and a number of new features, (of course, lots of bugs were also fixed). The first new graph shows the directory usage (based on the output of the du command) from a list defined in the configuration file. This is really useful when you want to keep an eye on the size of some specific directories. The second one is a ZFS statistics graph, which is specially useful for these people using such special file system in their servers. It can monitor an unlimited number of pools.
The other two graphs are: one that monitors the PageSpeed Module, from Google developers, and the other one that monitors Network UPS Tools (NUT) devices. Both graphs also support unlimited monitorization on their own.
Besides all these graphs this new version also includes interesting new features. The alert capabilities in the Filesystem graph have been changed and now it supports the ability to include an independent alert for each filesystem defined. The Apache graph has extended with more information and it also has new support for alert capabilities based on the remaining free slots. The rest of changes and bugs fixed are, as always, reflected in the Changes file. Please, check the monitorix.conf(5) man page for all the details. NOTICE: The configuration file monitorix.conf has been extended with important changes.
3.7.016 Mar 2015 08:05
major feature:
Another new version that introduces two new graphs; the first one is a new Varnish cache statistics graph which hopefully covers all the most important values. It was created using the Varnish version 3.0.6, so I hope it will be also compatible with the new 4.0 version. The second graph covers the Verlihub statistics and was developed and provided by an external user.
As always this version also includes a number of changes and new features, and of course more bugs were fixed. The zoomed graphs now honour the global_option option and also fit much better in the browser pop up window. The Ports graph now includes the options tcp6 and udp6 to be able to monitor IPv6 connections. The Process graph now detects better the process names using the command parameter in the ps command. And more.
The rest of changes and bugs fixed are, as always, reflected in the Changes file.
Please, check the monitorix.conf(5) man page for all the details.
NOTICE: The configuration file monitorix.conf has been extended with important changes.
3.6.018 Sep 2014 13:25
major feature:
This new version introduces two new graphs; one that is Linux specific to monitor an unlimited number of user processes (including CPU usage, memory usage, disk usage, network usage, opened files, number of threads, number of voluntary and involuntary context switches and number of instances of the same process). The other new graph is to monitor also an unlimited number of virtual machines (using the libvirt manager) and also covers CPU, memory, disk and network usages. This version also includes a number of changes and new features, and of course a number of bugs were fixed. There is a new option called ip_default_table to instruct Monitorix to use a specific iptables table for network traffic accounting. This should help to avoid conflict with some firewalls running in the same machine.
The Mail graph now includes a graph that shows the SPF results in real time (right now it only supports the output of smf-spf tool). This new version also adds support for the latest Nvidia driver 340.24, it also extends the functionality of limit and rigid options, reducing a lot of code at the same time and changed the DST values in the Network interface graph which should avoid (finally!) these annoying unexpected huge peaks in the graph.
It also includes some fixes in order to reduce CPU load on servers with big log files.
The rest of changes and bugs fixed are, as always, reflected in the Changes file.