Planet OpenNMS

January 18, 2018

Conferences: Australia, New Zealand and Senegal

Just a quick note to mention some conferences I will be attending. If you happen to be there as well, I would love the opportunity to meet face to face.

Next week I’ll be in Sydney, Australia, for linux.conf.au. I’ll only be able to attend for the first two “miniconf” days, and I’ll be doing a short introduction to OpenNMS on Tuesday as part of the Systems Administration Miniconf.

Then I’m off to Queenstown, New Zealand for the New Zealand Network Operators Group (NZNOG) conference. I will be the first presenter on Friday at 09:00, talking about, you guessed it, OpenNMS.

The week after that I will be back in Australia, this time on the other side in Perth, working with our new Asia-Pacific OpenNMS partner R-Group International. We are excited to have such a great partner bringing services and support for OpenNMS to organizations in that hemisphere. Being roughly 12 hours out from our home office in North Carolina, USA, can make communication a little difficult, so it will be nice to be able to help users in (roughly) their own timezone.

Plus, I hope to learn about Cricket.

Finally, I’m excited that I’ve been asked to do a one day tutorial at this year’s African Network Operators Group (AfNOG) in Dakar, Senegal, this spring. The schedule is still being decided but I’m eager to visit Africa (I’ve never been) and to meet up with OpenNMS users (and make some new ones) in that part of the world.

I’ll be posting a lot more about all of these trips in the near future, and hope to see you at at least one of these events.

by Tarus at January 18, 2018 04:43 PM

January 16, 2018

This Week in OpenNMS: January 16th, 2018

It's time for This Week in OpenNMS!

In the last week we did more work on Drift telemetry, Kafka metrics, Karaf refactoring, web UI bug fixes, and refactoring our JavaScript.

Github Project Updates

  • Internals, APIs, and Documentation

    • Chandra continued to work on exposing Kafka metrics to collection.
    • Jesse did performance improvements when aggregating Drift data from Elasticsearch.
    • Ronny cleaned up Net-SNMP collections.
    • Seth worked on making our bundles load properly with blueprin...

January 16, 2018 03:16 PM

January 10, 2018

Running OpenNMS Horizon in Docker

Running applications in containers provides many benefits, and it's not just hype. Higher velocity to maintain changes while keeping a service available. Scaling your software by just spinning up more instances to handle load. Container images allow you to manage your application dependencies and link them all to a portable and standardised runnable container image. The infrastructure can be used as a commodity and container allow you to manage resource usage on a granularity at process level. A...

January 10, 2018 02:48 AM

January 08, 2018

This Week in OpenNMS: January 8th, 2018

It's time for This Week in OpenNMS!

In the last week we did more work on Drift telemetry, refactoring Collectd, enlinkd, and refactoring our JavaScript.

Github Project Updates

  • Internals, APIs, and Documentation

    • Seth did more work on refactoring Collectd.
    • Ronny worked on Asciidoctor documentation rendering.
    • Jesse did more work on accessing interface and top N data in Drift queries.
    • Antonio worked on bridge topology fixes in Enlinkd.
    • I fixed an issue that could cause an NPE whe...

January 08, 2018 03:59 PM

January 04, 2018

Welcome to 2018

I love New Year’s. Not exactly the party on New Year’s Eve, as I tend to spend it as a quiet evening with friends, but the idea of starting over and starting fresh.

It is also a good time to reflect on the year past. While 2017 was pretty tumultuous for the world at large, for OpenNMS it was a pretty good year.

Our decision to split OpenNMS into two versions is still paying off. We did three major releases of Horizon (19, 20, and 21) as well as point releases every month there wasn’t a major release, and Meridian 2017 finally came out, although later than I would have liked. Horizon users get to experience rapid advancements in power and features while Meridian users can relax knowing their system is very stable and secure.

While it is hard to pick out the best features added in 2017, I’d have to go with OpenNMS Helm and the Minion.

Helm allows you to combine and manage multiple instances of OpenNMS from a Grafana dashboard.

OpenNMS Helm

The Minion is our foray into the whole “Internet of Things” space with an application that can be installed on a small device and used to send remotely collected data to a central OpenNMS instance. Minions have minimal configuration and can be configured redundantly, yet they have the ability to collect massive amounts of monitoring data. We’re very eager to see what novel uses our users come up with for the technology (we have one customer that is “Minion-only”, i.e. they do no monitoring or collection from the central OpenNMS instance at all and instead just put two Minions at each location).

As for the OpenNMS Group, the company behind OpenNMS, we experienced modest growth but still had a record year for gross revenue. What is more exciting is that net income was also a record and several hundred percent above last year, so we are going into 2018 well positioned in our Business Plan of “Spend less than you earn”.

2018 should be exciting. The OpenNMS Drift project brings telemetry (flow) data into OpenNMS, and we are working on some exciting features regarding correlation which will probably involve new machine learning technology.

As always, these features will be available as 100% free and open source software.

Personally, I added three new countries to my list, bringing the total number of countries I’ve been in to forty. I had a great time in Estonia and Latvia, and I really enjoyed my trip to Cuba.

One last thing. If you are reading this you are probably a user of OpenNMS. If so, thank you. We are a small but dedicated group of people creating this platform and often we don’t get much feedback on who uses it and what they like about it. The fact that people do find it useful makes it worthwhile, and we wouldn’t exist without our users and clients.

So, Happy New Year, and may 2018 exceed your wildest expectations.

by Tarus at January 04, 2018 04:11 PM

January 02, 2018

This Week in OpenNMS: January 2nd, 2018

It's time for This Week in OpenNMS! We're back from the holidays and ready to write some more code.

Before the holiday break we did more Telemetryd work, web UI refactor, and other bug fixing.

Github Project Updates

  • Internals, APIs, and Documentation

    • Chandra did more work on kafka offset monitoring.
    • Seth did more work on making DAOs and collection OSGi-friendly.
    • Antonio added a new monitor: SnmpTimeMonitor.
    • Markus did more work on defining a model for flow applications.
    • Je...

January 02, 2018 03:56 PM

December 24, 2017

PRIS Release and CI/CD Workflow

PRIS Release Management and Continuous Delivery Workflow

The current release workflow for PRIS and the Docker Container Images was driven by manual tasks. That means you have to push a "Release Button" which sets version numbers and triggers Docker Image builds. I have switched to a continuous delivery workflow. Every commit is a release and there is no "Release Button" anymore. Unique version numbers are generated with git describe and the build number from the CI/CD system. To release stab...

December 24, 2017 05:42 PM

PRIS Release and CI/CD Workflow

PRIS Release Management and Continuous Delivery Workflow

The current release workflow for PRIS and the Docker Container Images was driven by manual tasks. That means you have to push a "Release Button" which sets version numbers and triggers Docker Image builds. I have switched to a continuous delivery workflow. Every commit is a release and there is no "Release Button" anymore. Unique version numbers are generated with git describe and the build number from the CI/CD system. To release stab...

December 24, 2017 05:42 PM

December 21, 2017

OpenNMS Meridian 2017.1.3 Released

Release 2017.1.3 is an update to OpenNMS Meridian 2017.1.2. It is primarily a security and bug fix release.

The codename for 2017.1.3 is Ferro meridian.

Bug
  • Privilege Escalation Bug with Grafana Plugin (Issue NMS-8093)
  • IOActive: Cross-Site Scripting in createFavorite filter Parameter (Issue NMS-9670)
  • IOActive: Reflected Cross-site Scripting in userGroupView/roles roleDescr and Other Parameters (Issue NMS-9673)
  • IOActive: Reflected Cross-site Scripting in admin/thresholds/index.htm filterField and Other Parameters (Issue NMS-9674)
  • HEAD requests to static resources in the UI don’t work (Issue NMS-9689)
  • The EXE installer of the remote poller on Windows is not working (Issue NMS-9721)
  • IllegalStateException in OnmsVaadinContainer (Issue NMS-9742)
  • Karaf snmp:show-config command lists value of timeout for retries (Issue NMS-9745)
  • The content of the clone foreign source definition dialog is misleading (Issue NMS-9749)
  • Relative path reference to version.properties (Issue NMS-9767)
Enhancement
  • Authentication proxy support (Issue NMS-9739)

by RangerRick at December 21, 2017 09:05 PM

OpenNMS Meridian 2016.1.10 Released

Release 2016.1.10 is an update to 2016.1.9 that provides a few bug fixes.

The codename for 2016.1.10 is Waterman Butterfly.

Bug
  • host with single quote in the name breaks UI menu items (Issue NMS-6616)
  • IOActive: Reflected Cross-site Scripting in userGroupView/roles roleDescr and Other Parameters (Issue NMS-9673)
  • IOActive: Reflected Cross-site Scripting in admin/thresholds/index.htm filterField and Other Parameters (Issue NMS-9674)
  • The EXE installer of the remote poller on Windows is not working (Issue NMS-9721)

by RangerRick at December 21, 2017 09:03 PM

OpenNMS Horizon 21.0.2 (Voight-Kampff) Released

OpenNMS Horizon 21.0.2 (code name: Voight-Kampff) is now available.

Release 21.0.2 contains some UI security fixes, other bug fixes, and a few small enhancements.

For more details on what has changed, see the complete change log.

More Info

For complete info on what has changed since Horizon 20, see the release notes.

December 21, 2017 08:59 PM

December 18, 2017

This Week in OpenNMS: December 18th, 2017

It's time for This Week in OpenNMS! Apologies for missing last week but I was in Las Vegas to watch a hockey game. (No really.)

In the last two weeks we more work on the Drift telemetry project and other refactoring.

Github Project Updates

  • Internals, APIs, and Documentation

    • Dustin and Christian continued their work on the Netflow support in Telemetryd.
    • Markus continued his work on Elasticsearch and Telemetryd.
    • Markus added support for enriching flows with classification metadata...

December 18, 2017 04:57 PM

December 14, 2017

Monitor LXC container processes using HostResourceSwRunMonitor

A monitoring solution should always help in bad situations and provide a useful overview of your system health status. Service availability monitors are especially handy to ensure that all services are running on the correct machines.

In past, I have run into an problem which was more of an issue with documentation than a classical monitor alarming issue. We had some servers with LXC containers running. Unfortunately these and other server went down because of some hypervisor issues. After r...

December 14, 2017 03:23 PM

December 04, 2017

This Week in OpenNMS: December 4th, 2017

It's time for This Week in OpenNMS!

Last week we did more work on the Drift telemetry project and other refactoring.

Github Project Updates

  • Internals, APIs, and Documentation

    • I made it easier to pass additional JVM options during test builds.
    • Jeff fixed it so RTC subscription events aren't persisted to the database.
    • Seth continued to work on cleaning up JNLP launch of the remote poller.
    • Antonio continued to work on Enlinkd bridge discovery fixes.
    • Dustin and Markus continued t...

December 04, 2017 04:25 PM

November 29, 2017

Update on Expensify

I recently posted a rant on how a vendor we use, Expensify, appeared to be exposing confidential data to workers with the Amazon Mechanical Turk service. In response to the general outcry, they posted a detailed explanation on their blog.

It did little to change my mind.

So apparently what happened is that they used to use the Mechanical Turk from 2009 to 2012, so if you we a customer back then your information was disclosed to those third party workers. Then they stopped, supposedly using some other, similar, in-house system.

But, some genius there decided that the best way for certain customers to insure their receipts were truly private was to have them use the Mechanical Turk with their own staff. I covered that in my first post and it is so complex it hardly registers as a solution.

Of course, they decided to test this new “solution” starting the day before the American Thanksgiving holiday. This was done using receipts from “non-paying customers”. While we pay to use the service (not for much longer), if you were trying it out for free your receipts were exposed to Mechanical Turk workers. Heh, if you aren’t paying for the product you are the product. The post goes on to talk about the security of the Mechanical Turk service, which was surprising because they went on and on about how they didn’t use it.

What really angered me was this paragraph:

The company was away with our families and trying hard to be responsive, while also making the most of a rare opportunity to be with our loved ones. Accordingly, this vacuum of information provided by the company was filled with a variety of well-intentioned but inaccurate theories that generated a bunch of compounding, exaggerated fears. As a family-friendly business we try hard to separate work life from home life, and in this case that separation came at a substantial cost.

Well, boo hoo. If you truly cared about your employees you wouldn’t start a major beta test the day before a big holiday. I spent my holiday worrying about my employees’ personal data possibly being exposed through the Expensify service. Thanks for that.

What pisses me off the most is this condescending Silicon Valley speak that their lack of transparency is somehow our fault. That our fears are just “exaggerated”. When Ryan Schaffer posted on Quora that nothing personal is included on receipts, he demonstrated a tremendous lack of understanding about something on which he should be an expert. As they turn this new leaf and try to be more transparent, I noticed he deleted his answer from the Quora question.

Smells like a cover up to me.

Look, I know that being from North Carolina I can’t possibly understand all the nuances of the brain-heavy Valley, but if Expensify truly does have a “patented, award-winning” methodology for scanning receipts, why don’t they just make that available to their customers instead of using the Turk? This long-winded defense of the Turk seems like they are protesting too much. Something doesn’t make sense here.

I’ve told my folks to stop using SmartScan and that we would move away from Expensify at the end of the year. If you use, or are planning to use, Expensify you should deeply consider whether or not this is a company you want to associate with and if they will act in your best interests.

I decided the answer was “no”.

by Tarus at November 29, 2017 05:38 PM

November 28, 2017

Dougie Stevenson – The Elvis of Network Management

David messaged me yesterday that Dougie Stevenson had died.

I hadn’t seen Dougie in person in a long time, but I’d kept up with him through the very networks he, in part, helped manage. While I had heard he wasn’t in the best of health, the news of his passing hit me harder than I expected.

I can’t remember the first time I met Dougie. I do remember it was always Dougie, rarely Doug and never Douglas. While most adults might drop such a nickname, it is a reflection on his almost childlike friendliness and good nature that he kept it. I do know that I was working at a company called Strategic Technologies at the time, so this would be the mid-1990s. I was working with tools like HP OpenView, and I’d often run into Dougie at OpenView Forum events. When he decided to take a job at Predictive Systems I followed him, even though it meant commuting to DC four to five days a week.

It was at Predictive that I got to see his genius at work. With his unassuming nature and down-to-earth mannerisms it was easy to miss the mind behind them, but when it came to seriously thinking about the problems of managing networks there were few who could match his penchant for great ideas. I used to refer to him as the “Elvis” of network management.

We were both commuters then. While he had lived in many places, he called Texas home as much as I do North Carolina. We were working on a large project for Qwest near the Ballston metro stop, and after work we’d often visit the nearby Pizzeria Uno. The wait staff loved to see Dougie, and would always laugh when he referred to the cheese quesadillas appetizer as “queasy-dillies”. This was back during the first Internet bubble, around 1999, and while many of us were working hard to make our fortune, Dougie never really cared that much for money. He used to joke it would all go to his ex-wives anyway. I know he had been married but we didn’t talk too much about that aspect of his life. He’d much rather talk about the hotrod pickup truck he was always working on when he had the time. I do remember he once walked away from a small fortune over principles – that was just the kind of person he was.

I can’t remember the last time I saw Dougie, but it could have been in Austin back in 2008. I have this really bad picture I took then:

Dougie and Me

Notice he has on his OpenNMS shirt. He never failed to promote our efforts to create a truly free and open source network management platform whenever he could.

As I’ve gotten older, I wish more for time than money. Between the business and the farm I’m kept so busy that I rarely get to spend as much time with the amazing people I know, and it would have been nice to see Dougie at least once more. In any case, a small part of him lives on in the hearts and minds of those who did know him.

Though it saddens me to say it, Elvis has left the building.

by Tarus at November 28, 2017 10:43 PM

November 27, 2017

Expensify and Why I Hate the Cloud

Over the weekend I found out that Expensify, a service I use for my company, outsources a feature to Amazon’s Mechanical Turk service. Expensify handles the management of business expenses, which for a company like ours can be problematic as we do a lot of travel when deploying services. The issue is that the feature, the “smart scanning” of receipts, could potentially expose confidential data to third parties. As a user of Expensify, this bothers me.

Expensify touts “SmartScan” as:

As background, SmartScan is the patented, award-winning technology that underpins our “fire and forget” design for expense management. When you get a receipt, rather than stuffing it into your pocket to dread for later, just:

1. Take your phone out of your pocket
2. SmartScan the receipt
3. Put your phone back in your pocket

What they never told us is that if their “patented, award-winning technology” can’t read your receipt, they send it to the Mechanical Turk, which in turn presents it to a human being who will interpret the receipt manually. The thing is, we have no control over who will see that information, which could be confidential. For example, when I post a receipt for an airline ticket, it may include my record locater, ticket number and itinerary, all of which are sensitive.

This apparently never occurred to the folks at Expensify. Take this Quora answer from Ryan Schaffer, listed as Expensify Director of Marketing & Strategy:

Also, its worth mentioning, they don’t see anything that can personally identify you. They see a date, merchant, and amount. Receipts, by their very nature, are intended be thrown away and are explicitly non-sensitive. Anyone looking at a receipt isunable to tell if that receipt is from me, you, your neighbor, or someone on the other side of the world.

Wrong, wrong, wrong. It seems that Mr. Schaffer may limit his business expenses to the occasional coffee at Starbucks, but for the rest of us it is rarely that limited. For someone whose job is to perfect dealing with receipts, his view is pretty myopic.

For examples of what Expensify exposes, take a look at this tweet by Gary Pendergast.

Information Exposed by Expensify Tweet

It is also worth noting that it appears Expensify does its business on the Mechanical Turk as “Fluffy Cloud” instead of Expensify, which strikes me as a little disingenuous.

In a blog post this morning the company addressed this:

As you might imagine, doing this is easier said than done. Given the enormous scale and 24/7 nature of this task, we have agents positioned around the world to hand off this volume from timezone to timezone. Most of the US team is located in Ironwood, MI or Portland, OR (where we have offices and can train in person). Most of the international team is in Nepal or Honduras (where we work with a third-party provider to manage the on-site logistics). But regardless of the location, every single agent is bound by a confidentiality agreement, and subject to severe repercussions if that agreement is broken.

But if this were true, why are random people on Twitter announcing that they can see this data? Are they relying on the Amazon agreement with the people working as part of the Mechanical Turk? That doesn’t instill much confidence in me. But then in the same blog post they double down, and suggest that if you want extra security, you can just set up your own staff as part of the Mechanical Turk:

1. You hire a 24/7 team of human transcription agents.
         o For the fastest processing we suggest staffing three separate shifts — or daytime shifts in three different offices around the world. Otherwise your receipts might lag for many hours before getting processed.

2. They apply to Amazon Mechanical Turk for an account. Be aware that this is a surprisingly involved process, including:
         o The agent must sign up using their actual personal Amazon account. If your account doesn’t have an adequate history of purchases (each of which implies a successful credit card billing transaction and package delivery) or other activity, you will be rejected.
         o The agent must provide their full name, address, and bank account information for reimbursement. Amazon verifies this with a variety of techniques (eg, confirm that your IP is in the country you say you are, verify the bank account is owned by the name and address provided, full criminal background check), and if anything doesn’t add up, you will be rejected.
         o Rejection is final. It requires such an abundance of verifiable documentation (most notably being an active Amazon account with a long history) that you can’t just create a new account and try again.
         o There is no apparent appeals process. Accordingly, I would recommend confirming before hiring that the candidate can pass Amazon Mechanical Turk’s many strict controls because we have no ability to override their judgement.

3. You notify us of the “workerID” of each of your authorized agents.
         o Though you are not obligated to share your staff’s identity with us directly, your staff will still be obligated to follow the Expensify terms of services. Failure to comply with our terms will result in an appropriate response, starting with immediate banning by our automated systems, ranging up to our legal team subpoenaing you (or failing that, Amazon) for the identity of the agent to press charges directly.

4. We will create a “Qualification” for your “Human Intelligence Tasks” (HITs) that ensures only your agents will see your receipts.

5. Your staff will use the Amazon Mechanical Turk interface to discover and process your employee’s receipts.

That’s the solution? This is what passes for security at Expensify? Hire three shifts of employees all using verified personal Amazon accounts and then you can be sure your confidential data is kept confidential?

Wouldn’t it just be easier to create a small webapp that would present receipts to people in a company directly without going through the Mechanical Turk? Heck, why not just bounce it back out to you – it isn’t that great of a chore.

Plus, basically, if you don’t do this Expensify is saying they can’t keep your information secure.

This is what frustrates me the most about “the Cloud”. Everyone is in such a rush to deploy solutions that they just don’t think about security. Hey, it’s only receipts, right? Look what I was able to find out with just a discarded boarding pass – receipts can have much more information. And this is from a company that is supposed to be focused on dealing with expenses.

I demand two things from companies I trust with our information in the cloud: security and transparency. It looks like Expensify has neither.

I will be moving us away from Expensify. If you know of any decent solutions, let me know. Xpenditure looks pretty good, and since they are based in the EU perhaps they understand privacy a little better than they do in San Francisco.

by Tarus at November 27, 2017 10:09 PM

This Week in OpenNMS: November 27th, 2017

It's time for This Week in OpenNMS!

Last week we did more Telemetryd work and a bunch of bug fixing.

Github Project Updates

  • Internals, APIs, and Documentation

    • Markus continued his work refactoring our JMX code to be shared as much as possible between the monitor, collection, and detector implementations.
    • Jeff fixed an issue with the karaf snmp:show-config command.
    • Jesse fixed an intermittent JMX issue in containers.
    • I fixed a couple of object-comparison bugs found while debug...

November 27, 2017 04:27 PM

November 20, 2017

This Week in OpenNMS: November 20th, 2017

It's time for This Week in OpenNMS!

Last week we did a lot of Telemetryd work and other work supporting the Horizon and Meridian releases.

Github Project Updates

  • Internals, APIs, and Documentation

    • Markus worked on refactoring our JMX code to be shared as much as possible between the monitor, collection, and detector implementations.
    • Jesse refactored the OSGi Telemetryd adapter to fall back to classpath searches more quickly for non-OSGi telemetry plugins.
    • Markus continued to work...

November 20, 2017 07:45 PM

November 16, 2017

OpenNMS Meridian 2017.1.2 Released

Release 2017.1.2 is the third release of OpenNMS Meridian 2017. It is primarily a security and bug fix release.

The codename for 2017.1.2 is Kraków meridian.

Bug
  • JMX config GUI can’t connect to JMX service with JNDI name not “jmxrmi” (Issue NMS-8596)
  • Tweak Mattermost notification docs not to specify a channel (Issue NMS-9362)
  • INFO-level “unable to locate resource” log messages for interfaces not persisted by policy (Issue NMS-9388)
  • rescan-exitsing attibute of requisition-def tag in provisiond-configuration.xml is not passed to scanNode() in CoreImportActivities (Issue NMS-9492)
  • Northbounders implementation are not sending feedback events for reloadDaemonConfig (Issue NMS-9524)
  • XSS: HTML attribute values with quotes not escaped properly (Issue NMS-9645)
  • Incorrect logging of exceptions in Slack and Mattermost notifications (Issue NMS-9656)
  • IOActive: Reflected Cross-site Scripting in instrumentationLogReader.jsp searchString Parameter (Issue NMS-9672)
  • Typo prevents FIQL query values from being URI-encoded (Issue NMS-9694)
  • Typo in regional status geo map: Unacknowledges (for unacknolwedged) (Issue NMS-9700)
  • Typo: “not elegible” for SNMP primary N enumeration (Issue NMS-9701)
  • Duty schedules with embedded newlines break startup (Issue NMS-9709)
  • Unexpected errors while generating event definitions from TRAP-TYPE without a DESCRIPTION field (Issue NMS-9718)
  • NPE in Enlinkd bridge topology broadcast domain calculation (Issue NMS-9720)
  • Null pointer exception in SurvellianceViewConfigurationCategoryWindow.java (Issue NMS-9722)
  • ReST v1 does not return errors for unparseable events (Issue NMS-9724)
  • Sending bad XML to the Requisitions ReST end point makes the API unusable (Issue NMS-9725)
Enhancement
  • ES REST plugin not doing preemptive basic auth (Issue NMS-9699)

by RangerRick at November 16, 2017 10:02 PM

OpenNMS Meridian 2016.1.9 Released

Release 2016.1.9 is an update to 2016.1.8 that provides a few bug fixes.

The codename for 2016.1.9 is Winkel tripel.

Bug
  • Tweak Mattermost notification docs not to specify a channel (Issue NMS-9362)
  • INFO-level “unable to locate resource” log messages for interfaces not persisted by policy (Issue NMS-9388)
  • Northbounders implementation are not sending feedback events for reloadDaemonConfig (Issue NMS-9524)
  • XSS: HTML attribute values with quotes not escaped properly (Issue NMS-9645)
  • Incorrect logging of exceptions in Slack and Mattermost notifications (Issue NMS-9656)
  • IOActive: Reflected Cross-site Scripting in instrumentationLogReader.jsp searchString Parameter (Issue NMS-9672)
  • Typo prevents FIQL query values from being URI-encoded (Issue NMS-9694)
  • Typo: “not elegible” for SNMP primary N enumeration (Issue NMS-9701)
  • ReST v1 does not return errors for unparseable events (Issue NMS-9724)
  • Sending bad XML to the Requisitions ReST end point makes the API unusable (Issue NMS-9725)

by RangerRick at November 16, 2017 09:59 PM

OpenNMS Horizon 21.0.1 (Rachael) Released

OpenNMS Horizon 21.0.1 (code name: Rachael) is now available.

Release 21.0.1 contains a few enhancements but is primarily a bugfix release, including a fix for the rendering issue in the topology UI and other Vaadin-based UI elements.

For more details on what has changed, see the complete change log.

More Info

For complete info on what has changed since Horizon 20, see the release notes.

November 16, 2017 09:50 PM

November 13, 2017

2017 Cubaconf

I’ve just returned from Cubaconf in Havana, which was also my first visit to Cuba. It was a great trip and I’ve got enough material for at least four blog posts. Most of them won’t deal with free and open source software, so I’ll put them up on my personal blog and I’ll add links here when they are done..

Cubaconf is in its second year, and while I really wish they would have called it “Cuba Libré” (grin) it was a good conference.

There is a spectrum within the Free, Libré, Open Source Software (FLOSS) community, and this is often described by trying to separate the term “open source” from “free software”. If we define “open source” as any software with a license that meets requirements of the Open Source Definition (OSD) and “free software” as any software with a license that meets the requirements of the Four Freedoms, they are the same. You can map the ten requirements of the OSD onto the four requirements of free software.

Open Source is Free Software Chart

However, it can be useful to separate those who look at FLOSS as simply a development methodology from those who view it as a social movement. When companies like Microsoft and Facebook publish open source software, they are simply looking to gain value for their business that such sharing can create. It’s a development methodology. When people talk about free software, they tend to focus on the “help your neighbor” aspect of it, and this was more the focus of Cubaconf than simply creating new code.

The main thing I discovered on my visit was that Cubans face severe limitations on many things, but I’ve never met a people more determine to do as much as they can to make their situation better, and to do it with such passion. If I had to pick a theme for the conference, that would be it: passionate continuous improvement.

Cubaconf Registration

The three day conference had the following structure: Day One was a standard conference with keynotes and five tracks of presentations, Day Two had keynotes and more of a “barcamp” organization, and Day Three was set aside for workshops, as well as the obligatory video game tournament.

They did have the best lanyard sponsor I’ve seen at a technology conference:

Cubaconf Lanyard and Badge

I was in Cuba with my friend and coworker Alejandro, who used to live in Venezuela and is a fluent Spanish speaker, and Elizabeth K. Joseph, who promotes the open source aspects of Mesosphere. We shared a three bedroom “casa particular” in Old Havana, about a ten minute walk from the conference, which was held on the second floor (third floor if you are American) of the Colegio de San Gerónimo.

Everyone was together on the main room for the first keynote.

Cubaconf People in Room

While both English and Spanish were spoken at the conference, the presentations were overwhelmingly in Spanish, which was to be expected. I can get by in Spanish, but the first speaker, Ismael Olea, spoke fast even for the native speakers. At least I could understand most of the content in his slides.

Cubaconf Ismael Olea

Olea is from Spain and did a keynote on HackLab Almería. Almería is a province in the southeastern part of Spain, and with a population of around 700,000 people it is much smaller than provinces like Madrid (6.5 million) and Barcelona (5.5 million). As such, the region doesn’t get as much attention as the larger provinces, and so they goal of Hacklab Almería is to use technology at the “hyperlocal” level. They define themselves as a “collective of technological , social and creative experimentation” and FLOSS plays a large role in their mission.

After the keynote, we broke up into individual sessions. I went to one called “How to Make Money with Free Software” presented by Valessio Brito from Brazil. While he spoke mainly in Spanish, his slides were in Portuguese, but I was able to follow along. His presentation focused on how he used his knowledge of FLOSS to get consulting engagements around the world. This was pretty topical since in Cuba, as elsewhere, having strong software skills can be lucrative, and since a lot of proprietary software is either impossible to get or too expensive, having skills in open source software is a plus.

Cubaconf Valessio Brito

Also, I liked his shirt.

Our OpenNMS presentation was in the next time slot. I asked our hosts if they would like the presentation in English or Spanish, and when they said Spanish I asked Alejandro to give it. He did a great job, even though he had only a short time to understand the slides.

Cubaconf Alejandro Galue

The lunch break came next, and we walked a couple of blocks to the Casa de Africa, a museum dedicated to the African influence in Cuban culture.

Cubaconf Lunch Break

We ate sandwiches and talked out on the patio. This would be the location for lunch for all three days.

Cubaconf Maira Sutton

After lunch I watched a presentation by Maira Sutton called “Fighting Cyber Dystopia with Tech Solidarity and the Digital Commons” which is a long way to express the idea of using free software combined with working together to take back some of the power from large corporations. Her main example talked about the city of Austin, Texas, and its fight with Uber and Lyft. Austin wanted all ride sharing drivers to have to undergo a background check that included fingerprints. Sounds reasonable, but Uber and Lyft resisted, eventually leaving the city.

However, services like Uber and Lyft can be downright useful, so a number of startups filled in the gap, offering similar services that met the City’s fingerprint requirements. Instead of acquiescing to local laws, Uber and Lyft took their fight to the State legislature, which overturned Austin’s regulation.

Even though it is a sad ending, the example did demonstrate that combining technology and social action can result in solutions that can meet or exceed those provided by large commercial companies.

Cubaconf First Night's Event

For each night of the conference there was an event, and the one for Tuesday was held at a modern art gallery on the southern side of Old Havana. There was lots of food and drink, and I got exposed to a project called cuban.engineer. This is a group to promote technology careers within Cuba, and I had seen their shirts at the conference.

Cubaconf cuban.engineer shirts

In a lot of the world we take Internet access for granted. I can remember accessing the Internet from the night market in Siem Reap, Cambodia, on an open wi-fi connection. That doesn’t exist in Cuba. Cuba is one of the most disconnected countries in the world, which can make working with technology difficult. Access is controlled by an agency called ETESCA. To access the Internet you purchase a card which offers a certain number of hours of use, and then you have to locate an area with a wi-fi hotspot (usually near a park). The card has a number of digits for a username and a number of digits as a password, and once you get connected you hope you stay connected long enough to do what you need to do.

No one is exempt from this. Even in our apartment the owner would use one of these cards to enable access for the hotspot on the ground floor. So, if you are a technology business in Havana, your first job is to located your office near a hotspot, and then buy a bunch of these cards.

Thus you can imagine that sharing in a big part of the culture. People burn and swap CDs with software such as Ubuntu on them, and they tend to use Gitlab to make local mirrors of code repositories. While wi-fi equipment can be hard to come by, people have been able to set up their own, private wi-fi networks within cities like Havana to make sharing easier. There is no Internet access (I joked that it was Cuba’s “dark web“) but they can set up tools like Rocket.Chat to communicate and share.

Despite limitations in acquiring software, Microsoft Windows is still the most common operating system running on Cuban computers. An attempt was made to create a Cuba focused Linux-based distro called Nova. I was told that they even experimented with making it look as close to Windows 7 as possible, but people were still tied to using Windows. According to Wikipedia this distro is no more, which is a shame.

Cubaconf Mixæl Laufer

The second day started with the meter pegged at full on social justice, with a presentation by Dr. Mixæl S. Laufer, Ph.D., from Four Thieves Vinegar. They are a collective aiming to share information on how to create pharmaceuticals in places where they might not be available. If you live in the US than you probably heard of Martin Shkreli who as CEO of Turing Pharmaceuticals raised prices 5600%, and EpiPen maker Mylan who raised the price of this life saving device several hundred percent just because they could. Laufer showed how you could make your own EpiPen for around $30, among other things.

Now drug companies will say that they have to charge that amount to cover the costs of creating new drugs, but the EpiPen greed demonstrated that wasn’t true. Running health care as a “for profit” enterprise has always seemed inherently wrong due to the incentives being more toward making money versus keeping people healthy, but that is commentary for another time and place.

I had to leave after that presentation for something special. I make classic cocktails as a hobby, and one of our hosts asked me to speak to a school for bartenders (cantineros) on the great tradition of Cuba cocktails. It was a blast and I’ll write that up soon.

Cubaconf Wednesday Event

Wednesday night’s event was held, appropriately, at a bar in an area called Barber’s Alley. It was a fun gathering and I got a nice picture of some of our hosts.

Cubaconf Hosts

Left to right is Jessy, Pablo, pb, and Adalberto.

There was also a guy there who made pipes, specifically replicas of native American peace pipes, and one was passed around.

Cubaconf Peace Pipe

The third and final day was a series of workshops, but was started with a keynote from Ailin Febles, from the Uniōn de Informāticas de Cuba, a non-profit organization to bring together “all technicians, professionals and people related to information and communication technologies in a space that enables mutual support of the associates in the achievement of their professional, academic, scientific, cultural and personal objectives”.

Cubaconf Ailin Febles

Of course, a lot of their organization is driven by open source software.

Cubaconf Software used by UIC

I hope they switch to Nextcloud from Owncloud soon.

There was one morning workshop in English, ironically by a German named Christian Weilbach, on machine learning. I was interested in the topic since I keep hearing about it lately, and the fact that I would probably be able to understand it was a plus. To me machine learning is magic, and I wanted to dispel some of that magic.

Cubaconf Christian Weilbach

It worked. It turns out that machine learning is, to a large extent, what we used to call linear algebra. It just is able to work on much larger and more complex data sets. I’m still eager to play more with this technology, but it was nice to learn that it really isn’t all that new.

Cubaconf Old Car Taxi

After lunch we decided to spend our last afternoon exploring Havana a bit.

Cubaconf Brewery Event

The final evening event was in a brewery, and I enjoyed the beer. What I enjoyed more was the opportunity to talk with Inaury about race in Cuba. Cubans come in all shapes and sizes, from people with light skin, blond hair and blue eyes to people so dark they are almost blue, yet they all seem to interact and socialize with each other more so than any other place I’ve been. I plan to chat more about that in a blog post as well.

Overall I had a great time in Cuba. I love the fact that working in free software means I can make new friends in almost any country, and that even a place with limited resources can put on a great conference. If you get a chance to go to Cubaconf, you should take it.

by Tarus at November 13, 2017 04:29 PM

This Week in OpenNMS: November 13th, 2017

It's time for This Week in OpenNMS!

Last week we did a lot of Telemetryd work and a few other bug fixes in preparation for the releases this Thursday.

Github Project Updates

  • Internals, APIs, and Documentation

    • Markus worked on the vaadin OSGi bug introduced in Horizon 20.
    • Chandra did more work on making it so Telemetryd adapters can be loaded from OSGi.
    • Chandro worked on the NX-OS Telemetryd adapter.
    • Markus fixed preemptive auth in the Elasticsearch ReST client and updated the J...

November 13, 2017 04:09 PM

November 06, 2017

This Week in OpenNMS: November 6th, 2017

It's time for This Week in OpenNMS!

Last week we did a lot of Telemetryd work and a few other bug fixes targeting the November releases.

Github Project Updates

  • Internals, APIs, and Documentation

    • Jesse wrapped up the work on fixing an SNMP thread leak while provisioning.
    • Alejandro fixed some logging on the branch for handling traps without descriptions.
    • Alejandro and Jesse did more work on Amazon SQS code.
    • Jeff wrapped up the mattermost/slack format changes.
    • Jeff improved the...

November 06, 2017 06:48 PM

October 30, 2017

This Week in OpenNMS: October 30th, 2017

It's time for This Week in OpenNMS!

Last week we did a lot of work on the new telemetry daemon for the Drift project, released Helm 1.0.0 packages, and did some UI cleanup work on Compass.

Github Project Updates

  • Internals, APIs, and Documentation

    • Alejandro continued his work implementing an Amazon SQS-based sink adapter for Minion forwarding.
    • Alejandro fixed a bug where reloadDaemonConfigSuccessful and reloadDaemonConfigFailed were not being sent on a northbounder daemon reload...

October 30, 2017 03:26 PM

October 23, 2017

This Week in OpenNMS: October 23rd, 2017

It's time for This Week in OpenNMS!

Last week we released Horizon 21 and Meridians 2015.1.8, 2016.1.8, and 2017.1.1.

Github Project Updates

  • Internals, APIs, and Documentation

    • Markus worked on persisting Netflow 5 data to elasticsearch.
    • Alejandro worked on implementing and Amazon SQS-based sink adapter for Minion forwarding.
  • Web and UI

    • Seth did more work on the newer Angular-based outage list.
    • Seth fixed some ReSTv2 date-handling relating to null values.
    • Jeff fixed some...

October 23, 2017 01:47 PM

October 19, 2017

OpenNMS Meridian 2017.1.1 Released

Release 2017.1.1 is the second release of OpenNMS Meridian 2017. It contains a number of security and bug fixes and a few small enhancements.

The codename for 2017.1.1 is Meridian of Monte Mario.

Bug
  • An empty category is not shown when in focus (Issue NMS-9423)
  • Multiple XSS vulnerabilities in OpenNMS webapp (Issue NMS-9457)
  • The button to add a graph to a KSC report doesn’t work (Issue NMS-9498)
  • RadixTreeSyslogParser confuses timezone and hostname fields (Issue NMS-9522)
  • Stale IP Address Cache (Issue NMS-9613)
  • opennms-webapp-remoting JARs are not signed (Issue NMS-9638)
  • trapd may silently discard invalid traps (Issue NMS-9660)
  • Trap event parenting lacks bias toward SNMP primary interfaces (Issue NMS-9666)
  • IOActive: Stored Cross-site Scripting in SNMP Trap Message (Issue NMS-9668)
  • IOActive: Reflected Cross-site Scripting in heatmap/outages heatmap Parameter (Issue NMS-9671)
Enhancement
  • Display AlarmId on Event page (Issue NMS-8445)
  • Check/add support for PostgreSQL 10 (Issue NMS-9679)

by RangerRick at October 19, 2017 09:22 PM

OpenNMS Meridian 2016.1.8 Released

Release 2016.1.8 is an update to 2016.1.7 that provides a few security fixes.

The codename for 2016.1.8 is Hammer retroazimuthal.

Bug
  • Multiple XSS vulnerabilities in OpenNMS webapp (Issue NMS-9457)
  • opennms-webapp-remoting JARs are not signed (Issue NMS-9638)
  • IOActive: Stored Cross-site Scripting in SNMP Trap Message (Issue NMS-9668)
  • IOActive: Reflected Cross-site Scripting in heatmap/outages heatmap Parameter (Issue NMS-9671)

by RangerRick at October 19, 2017 09:21 PM

OpenNMS Meridian 2015.1.8 Released

Release 2015.1.8 is the ninth release of OpenNMS Meridian 2015. It contains a cross-site-scripting security fix.
The codename for 2015.1.8 is CHOST.

Bug
  • Multiple XSS vulnerabilities in OpenNMS webapp (Issue NMS-9457)
  • opennms-webapp-remoting JARs are not signed (Issue NMS-9638)

by RangerRick at October 19, 2017 09:19 PM

OpenNMS Horizon 21.0.0 (Deckard) Released

OpenNMS Horizon 21.0.0 (code name: Deckard) is now available.

This release is primarily an under-the-hood update, bringing our embedded Karaf from 2.x to the very latest (4.1.2). It also includes Minion improvements, improvements to event parameter handling internally, and much more.

Note: In this release we finally reformatted all of our configuration files in $OPENNMS_HOME/etc to match the way they get written out if you modify them in OpenNMS. Upgrades will likely be a bit more compli...

October 19, 2017 09:08 PM

October 16, 2017

This Week in OpenNMS: October 16th, 2017

It's time for This Week in OpenNMS!

Last week we continued progress towards Horizon 21, due this week.

Github Project Updates

  • Internals, APIs, and Documentation

    • Chandra worked on minion system tests for Telemetryd.
    • I wrapped up my work on normalizing configuration files for Horizon 21.
    • I added support for PostgreSQL 10.
    • Markus added some code to the installer to verify the database and system time match.
    • Christian did more work on cleaning up the location:IP cache code.
    • Set...

October 16, 2017 03:03 PM

October 14, 2017

Sneak peek IFTTT integration in Horizon 21

People familiar with production lines are familiar with using Stack Lights to indicate the status of a machine.

Wouldn't it be cool to have something similar as a status indicator for your IT-Infrastructure? This question is probably ~20 years old and we've ended up with things like the USB Table Traffic Light that you can buy now for arround 70,-€. Some diehard users of OpenNMS might already know its ancestor: onmsblink. It uses the blink1 USB multicolour LED and shows overall status...

October 14, 2017 01:48 AM

October 09, 2017

Monitoring Storcli based Megaraid/LSI RAID controllers

What happens when there are broken disks and degraded RAID volumes and nobody knows about them? Monitoring disks and RAID volumes is a fundamental part of rolling out a monitoring solution.

Unfortunately, manufactures for RAID controllers create their own tooling, which makes it difficult to monitor them using generic monitoring protocols. If you are familiar with the LSI MegaRAID controller, you probably also know the Storcli tool. It almost has super cow powers and provides all the inform...

October 09, 2017 10:23 PM

This Week in OpenNMS: October 9th, 2017

It's time for This Week in OpenNMS!

Last week we continued progress towards Horizon 21.

Github Project Updates

  • Internals, APIs, and Documentation

    • Jesse fixed some issues in the trap handler.
    • Alejandro worked on updating us to the latest Apache Commons HTTP client.
    • Seth continued to work on upgrading Karaf to 4.1.
    • I (finally) moved the netmask field from the SNMP interface table to the IP interface table.
    • I worked on reformatting our configuration files to make them match the...

October 09, 2017 02:28 PM

October 02, 2017

This Week in OpenNMS: October 2nd, 2017

It's time for This Week in OpenNMS!

Last week we released Meridian 2017, as well as maintenance releases of Meridian 2015 and 2016. We continued progress towards releasing Horizon 21.

Github Project Updates

  • Internals, APIs, and Documentation

    • Ronny continued working on migrating our documentation to AsciiBinder.
    • Dustin continued working on the location:node cache.
    • Jeff added support for clear-alarm in the Spectrum event importer.
    • Jeff cleaned up WS-Man collection to match WMI...

October 02, 2017 02:27 PM

September 28, 2017

OpenNMS Meridian 2017.1.0 Released

Release 2017.1.0 is the first release of OpenNMS Meridian 2017. It is based on OpenNMS Horizon 19, plus a number of other bug fixes and changes that went into Horizon 20.

The codename for 2017.1.0 is Bering Strait.

What’s New in OpenNMS Meridian 2017?

Since Meridian 2016, a huge number of backend changes have occurred, including a large refactor of provisioning, many cleanups in Enlinkd, and a number of new features including the Business Service Monitor.

New features include:

  • Business Service Monitor: Provides a high-level correlation of business rules, and to display them in the topology map.
  • Slack notifications.
  • Plugin Manager: An API for adding 3rd-party “plugins” to OpenNMS.
  • Many UI enhancements in topology, provisioning, and elsewhere.
  • Elasticsearch ReST Forwarder: Store events, alarms, and alarm state changes in Elasticsearch for archival or searching.

For a complete list of new features, breaking changes, and upgrade notes, see The Meridian 2017 release notes.

by RangerRick at September 28, 2017 07:56 PM

OpenNMS Meridian 2016.1.7 Released

Release 2016.1.7 is an update to 2016.1.6 that provides a number of small bug fixes.

The codename for 2016.1.7 is Tobler hyperelliptical.

Bugs Fixed:

  • INFO-severity syslog-derived events end up unmatched (Issue NMS-8106)
  • Resource graph forecast page lacks header (Issue NMS-8856)
  • Allow provisiond to perform reverse lookups without requiring an A record (foundation-2016) (Issue NMS-9406)
  • No bounds-checking in processing of DHCP Options (Issue NMS-9420)
  • The reason parameter for a nodeLostService event is limited to 255 characters (Issue NMS-9550)
  • The remote-poller.sh script looks for the remote-poller.jar file in the wrong location (Issue NMS-9606)
  • vmware importer fails with NPE (Issue NMS-9611)
  • Basic syslog messages with Informational severity turn into unknown events (Issue NMS-9615)
  • quick add node is broken (Issue NMS-9618)
  • Remote poller logs have place holders for their names (Issue NMS-9621)
  • Remote Poller log path incorrect when using the NSIS installer (Issue NMS-9631)

by RangerRick at September 28, 2017 07:48 PM

OpenNMS Meridian 2015.1.7 Released

Release 2015.1.7 is the eighth release of OpenNMS Meridian 2015. It contains a few small bug fixes.
The codename for 2015.1.7 is ROTT.

Bugs Fixed:

  • The reason parameter for a nodeLostService event is limited to 255 characters (Issue NMS-9550)
  • Remote Poller log path incorrect when using the NSIS installer (Issue NMS-9631)

by RangerRick at September 28, 2017 07:46 PM

September 25, 2017

OpenNMS.js v1.0.2

This is a bugfix release to fix support for making ReSTv2 queries against OpenNMS Horizon 20.1.x.

by RangerRick at September 25, 2017 03:45 PM

This Week in OpenNMS: September 25th, 2017

It's time for This Week in OpenNMS!

Last week we did prep-work for Meridian 2017 and Horizon 20.1, as well as continuing to work on JTI integration.

Github Project Updates

  • Internals, APIs, and Documentation

    • Seth did more remote poller logging cleanup.
    • Jesse did more work on JTI telemetry support.
    • Seth updated JNA to 4.4.0.
    • Dustin worked on supporting multiple nodes with the same IP in the location:IP cache.
    • Seth did more work updating our embedded Karaf.
  • Web and UI

    • Se...

September 25, 2017 03:16 PM

September 21, 2017

OpenNMS Horizon 20.1.0 (Zorg) Released

OpenNMS Horizon 20.1.0 (code name: Zorg) is now available.

Horizon 20.1.0 is based on Horizon 20.0.2 plus additional work done in preparation for Meridian 2017, including a new ReST API to support enhanced OpenNMS Grafana inetgration.

For more details on what has changed, see the complete change log.

More Info

For complete info on what has changed since Horizon 19, see the release notes.

September 21, 2017 07:55 PM

September 20, 2017

2017 Ohio Linuxfest

The Ohio Linuxfest was one of the first open source conferences I ever attended, way back in 2010. I had heard about it from the local Linux Users Group, TriLUG, and we ended up renting a van and taking a couple of other open source geeks with us, including “Mr. IPv6” Kevin Otte.

It was a blast.

Ohio Linuxfest Banner

This year looks like another great show, with one of my favorite people, Karen Sandler, giving a keynote on Friday and yours truly will be giving the last keynote on Saturday.

If you are into free and open source software and are able to make it, I strongly encourage you to check out the conference. You’ll be glad you did.

by Tarus at September 20, 2017 02:56 PM

September 19, 2017

2017 Australian Network Operators Group Conference

Back in June I was chatting with “mobius” about all things OpenNMS. He lives and works in Perth, Australia, and suggested that I do a presentation at AusNOG, the Australian Network Operators Group.

One of the things we struggle with at OpenNMS is figuring out how to make people aware it exists. My rather biased opinion is that it is awesome, but a lot of people have never heard of it. To help with that I used to attend a lot of free and open source conferences, but we’ve found out over the years that our user base tends to be more along the lines of large enterprises and network operators that might not be represented at such shows.

Imagine my surprise when I found out that there were a whole slew of NOGs, network operator groups, around the world. It seems to me that people who attend these conferences have a more immediate need for OpenNMS, and with that in mind I submitted a talk to AusNOG. I was very happy it was selected, not in the least because I would get to return to Australia for a third time.

AusNOG David Hughes

I wasn’t sure what to expect, but was pleasantly surprised. The event was extremely well organized and I really liked the format. Many conferences as they become successful respond by adding multiple tracks. This can be useful if the tracks are easy to delineate, but often you can get “track bloat” where the attendees get overwhelmed with choice and as a presenter you can end up with a nearly empty room if you are scheduled against a popular speaker. At AusNOG there is only one track of somewhat short, highly curated talks that results in a very informative conference without the stress of trying to determine the best set of talks to attend.

AusNOG Program

(Note: Visit the “programme” site and click on talk titles to download the presentations)

The venue was very nice as well. Held at the Langham Hotel, the conference took place in a ballroom that held the 200+ people with a lobby out front for socializing and a few sponsor booths. The program consisted of 90 minutes of presentations separated by a break. They alternated sets of three 30 minute talks with two 45 minutes talks. I found all of the presentations interesting, but I have to admit that I spent a lot of time looking up unfamiliar acronyms. As network operators Autonomous System (AS) numbers were thrown around in much the same way SNMP Private Enterprise Numbers are shared among network management geeks. Australia is also in the process of implementing a nationwide National Broadband Network (nbn™) to provide common infrastructure across the country, so of course that was the focus of a number of talks.

In the middle of each day we broke for lunch which was pretty amazing. The Langham restaurant had a sushi section, a section for Indian food, a large buffet of your standard meat and veg, and at least three dessert sections: one with “healthy” fruit and cheese, another focused on ice cream and a chocolate fountain, and a large case full of amazing pastries and other desserts. All with a view out over the Yarra river.

AusNOG Yarra River

I really liked the format of AugNOG and suggest we adopt it for the next OpenNMS conference. For those few talks that were either over my head or not really of interest, they were over pretty quickly, but I found myself enjoying most of them. I thought it was interesting that concepts we usually equate with the managing servers are being adopted on the network side. One talk discussed topics such as running switch software in containers, while another discussed using Ansible and Salt to manage the configuration of network gear.

AusNOG Runing Switch Software in Containers

I was happy to see that my talk wasn’t the only one that focused on open source. Back fifteen years ago getting large companies to adopt an open source solution was still in the evangelical stage, but now it is pretty much standard. Even Facebook presented a talk on their open source NetNORAD project for monitoring using a distributed system to measure latency and packet loss.

I did have a few favorite talks. In “The Future Is Up in the Sky” Jon Brewer discussed satellite Internet. As someone who suffered for years with a satellite network connection, it was interesting to learn what is being done in this area. I used a system with a satellite in geosynchronous orbit which, while it worked, ended up with latency on the order of a second in real-world use. It turns out that there are a number of solutions using shorter distances with satellites in low earth or high earth orbit. While they present their own challenges, it is still the most promising way to get network access to remote areas.

Another talk by Mark Nottingham discussed issues associated with the increased use of encrypted protocols and the challenges they create for network operators. While the civil libertarian in me applauds anything that makes it harder for surveillance to track users, as a network monitoring guy this can make it more difficult to track down the cause of network issues.

And this will become even more important as the network changes with the adoption of Internet of Things (IoT) devices. Another good talk discussed the issue of IoT security. Even today the main consensus is that you protect weakly secured devices with a firewall, but a number of new exploits leverage infected systems within the firewall for DDoS attacks.

AusNOG Internet of Things Vulnerabilities

I think my own talk went well, it was hard to squeeze a good introduction to OpenNMS into 30 minutes. I did manage it – 30 minutes on the nose – but it didn’t leave time for questions. As a speaker I really liked the feedback the conference provided in the form of a rather long report showing what the attendees thought of the talk, complete with cool graphs.

AusNOG Speaker Response

I really enjoyed this conference, both as an attendee and a speaker. While I hope to speak to more NOGs I would much rather encourage OpenNMS users who are happy with the project to submit real-world talks on how they use the platform to their local tech groups. I think it tells a much stronger story to have someone a little less biased than myself talking about OpenNMS, and plus you get to visit cool conferences like AusNOG.

by Tarus at September 19, 2017 04:10 PM

September 18, 2017

Help Get OpenNMS Packaged by Bitnami

As someone who has used OpenNMS for, well, many years, I think it is a breeze to get installed. Simply add the repository to your server, install the package(s), run the installer and start it.

However, there are a number of new users who still have issues getting it installed. This is not a problem limited just to OpenNMS but can be a problem across a number of open source projects.

Enter Bitnami. Bitnami is a project to package applications to make them easier to install: natively, in the cloud, in a container or as a virtual machine. Ronny pointed out that OpenNMS is listed in their “wishlist” section, and if we can get enough votes, perhaps they will add it to their stack.

Bitnami also happens to have a great team, lead in part by the ever amazing Erica Brescia. As I write this we have less that 50 votes, with the current leaders being over 1200, so there is a long way to go. I’d appreciate your support, and once you vote you get a second chance to vote again via the socials.

Bitnami OpenNMS Wishlist

Thanks, and thanks to Bitnami for the opportunity.

by Tarus at September 18, 2017 07:55 PM

This Week in OpenNMS: September 18th, 2017

It's time for This Week in OpenNMS!

Last week was more development work on JTI support, wrapping up of Helm, and prepping for Meridian 2017 and a new Horizon release.

Github Project Updates

  • Internals, APIs, and Documentation

    • Seth and I worked on fixing logging in the remote poller.
    • Jesse and Chandra worked on implementing JTI stream data collection.
    • Jesse fixed location-handling in newSuspect events.
    • Christian worked on fixing some import errors in the VMware adapter.
    • Ronny w...

September 18, 2017 03:28 PM

September 13, 2017

OpenNMS.js v1.0.1

This is a small release to fix an authentication issue in the Grafana HTTP interface.

by RangerRick at September 13, 2017 11:54 PM

Monitor your Synology NAS with SNMP

Network Attached Storage devices are very popular in small or medium offices or at home to store and share data.

Synology is one of the manufactures who build their devices with SNMP support to provide monitoring and managment capabilities. This makes it very easy to let OpenNMS keep an eye on your NAS and it can tell you if something goes wrong. All you need to do is, use the SNMP Monitor and configure the OIDs you want to monitor. Nobody likes to investigate MIB files, so I have shared my...

September 13, 2017 10:13 PM

September 11, 2017

This Week in OpenNMS: September 11th, 2017

It's time for This Week in OpenNMS!

Last week was more Helm wrap-up and fixing issues to prepare for the release of Meridian 2017.

Github Project Updates

  • Internals, APIs, and Documentation

    • Seth did some cleanup of misformatted APC eventconf entries.
    • Jesse started working on adding support for Juniper Telemetry Interface.
    • Christian fixed the startup path in the remote poller script.
    • Seth fixed the criteria API to handle stacking join conditions.
    • I fixed our DHCP handler to dea...

September 11, 2017 02:29 PM

September 08, 2017

OpenNMS.js v0.1.0-alpha.2

re-released with an updated version for npmjs

by RangerRick at September 08, 2017 07:22 PM

OpenNMS.js v0.1.0-alpha.3

Bug Fixes

  • browser: fix error when using the dev .js file in a browser (ee7d22a)
  • cli: only attempt to read the configuration file if it exists (2339c6d)
  • dao: handle single-entry array responses (6c66be6)
  • rest: fix axios include handling (e461831)
  • rest: fix handling of XML data in node (70fd445)
  • rest: generate a node version with webpack (58d2938)
  • v2: consider the server type when comparing the version numbers (e2c03ee)
  • v2: fix handling of 204 codes (a352ea8)
  • v2: remove the implicit wildcards (4940010)

Features

  • alarms: expose the sticky and journal memos (adbcb3a)
  • dao: add alarm ack/unack/escalate/clear support (f44f8d7)
  • rest: add PUT support (b50d99e)
  • v2: add support for nested restrictions with boolean operators (09cd705)
  • v2: add support for the v2 api (eb1b165)

by RangerRick at September 08, 2017 07:22 PM

OpenNMS.js v1.0.0-beta.1

Bug Fixes

  • api: fix comparator matching (6897389)
  • api: handle Meridian properly in useJson (740cdf1)
  • dao: fix handling of 204s in Grafana - the data is null (55028cb)
  • js-10: Handle single alarm (xml) result properly (544c174)
  • js-12: Make breakpoints work (13fb9ae)
  • log: bump logging of missing count down to DEBUG (00b3e1b)
  • rest: fix clonedeep import in the CLI (e2e9d79)
  • rest: fix crash when options is undefined in getServer (7768b48)
  • rest: make sure passed options don't leak (9b9dee4)
  • rest: only set up global if it exists (eg, Node.js, not browser) (7a1b2c3
    )
  • rest: webpack still needs to fake global for browsers (8f7fa5a)

Features

  • alarms: add support for manipulating journal and sticky memos (875e268)
  • alarms: implement ticket create/update/close (93ff386)
  • api: add "ISNULL" alias to comparator (3a243a5)
  • api: consider 202 a successful HTTP response (d21e5e1)
  • api: static method for matching a comparator (df90751)
  • cli: add --version, also a warning about passwords (1c07be9)
  • cli: make a cli bundle in dist/ (02298d7)
  • dao: add alarm setTTicketId/setTTicketState (bb429f6)
  • dao: add ReSTv2 support to event and node DAOs (c524493)
  • dao: implement querying ReSTv2 search properties (a588325)
  • dao: Include comparators and values (JS-11) (9ad41d2)
  • dao: use JSON against modern (19+) OpenNMS instead of XML (c17db2c)
  • rest: add POST support (d3af9e2)
  • rest: return a useful OnmsResult on error (094399c)

by RangerRick at September 08, 2017 07:22 PM

OpenNMS.js v1.0.0

This is the first official release of OpenNMS.js.

OpenNMS.js currently supports a subset of the OpenNMS ReST API:

  • query alarms, events, and nodes (including complex queries against OpenNMS Horizon 21+ and Meridian 2017+)
  • acknowledge, escalate, and clear alarms
  • create, update, and close trouble tickets against an alarm
  • create, update, and delete alarm sticky memos
  • create, update, and delete alarm journal memos

Changes since 1.0.0-beta.1

Bug Fixes
  • api: add missing modules to API export (53fad98)
  • api: add workaround for Error init + clean up docs (6f7a4ab)
  • dao: Map troubleTicketState properly (JS-24) (86fc298)
  • dao: URL-encode FIQL values (NMS-9578) (9a335e8)
  • rest: Do not reset headers when headers defined (2f360fd)
  • rest: Do not set responseType on request (0c2b6f4)
  • rest: Use err.data.response if exists as message (4875b9c)
  • rest: use negative offset for dates to work around a server issue (abdfc0b)
Features
  • alarms: expose a link to the alarm details page (HELM-55) (8795818)
  • api: add metadata call to detect ticketer config support (bf0255b)
  • api: Include ticketer configuration. JS-17 (2728734)
  • dao: Add capability to fetch values from alarm v2 endpoint (JS-22) (637443f)
  • dao: Add more complex null value handling for v2 (JS-20) (7817b4a)
  • dao: add user parameter to unack (JS-19) (90c128d)
  • dao: expose the event label and locations (HELM-13) (3395039)
  • dao: Include troubleTicketLink if defined (JS-23) (7420218)
  • dao: support dates in query parameters (JS-15) (d9884b6)
  • internal: add utility methods for dealing with dates (c40450b)
  • rest: Improve OnmsError object and GrafanaHttp error handling (72d6e32)
  • rest: only parse requests on success (JS-13) (aa9257d)

by RangerRick at September 08, 2017 07:22 PM

September 06, 2017

This Week in OpenNMS: September 6th, 2017

It's time for This Week in OpenNMS!

Last week was a short week because of the Labor Day holiday, but we continued wrapping up Helm changes and working on bug fixes in preparation for Meridian 2017.

Github Project Updates

  • Internals, APIs, and Documentation

    • I continued my work on getting OpenNMS integration tests to run cleanly in Docker containers. I have the foundation and foundation-2016 branches building cleanly, and have managed to run them on Elastic Bamboo instances, so we'...

September 06, 2017 02:29 PM

September 01, 2017

2017 Australian Network Operators Group (AusNOG) Conference

I am excited to be returning to Australia for the third time next week. This trip is to speak at the Australian Network Operators Group (AusNOG) annual conference in Melbourne.

AusNOG Promo Graphic

I can’t believe I’ve gone for so long and not known about Network Operator Groups (NOGs). There are quite a few of them and I think they would be a perfect audience to introduce to the OpenNMS Project. One of our users on the OpenNMS chat server is from Perth and he made me aware of the conference, and I was humbled and delighted to have my presentation accepted.

At OpenNMS we strive very hard to separate the project (.org) from the commercial entity that supports the project (.com) and this presentation will be strictly focused on the project. It’s a wonderful thing about OpenNMS: if it meets your needs, cool. If not, also cool. I just want more people to be aware of open source options, especially in the carrier and enterprise space.

And it looks like open source is definitely making inroads at AusNOG. The talk before mine is about Ansible and Salt. There is another talk on using open source to build a version of NetNorad, and another one on open source for big data analytics. The one after mine is about modern network monitoring, so I hope I tick at least a few boxes on his list.

I hope to see you there (although it looks like it is sold out) but let me know if you are in the area and perhaps I can at least say “hi”.

by Tarus at September 01, 2017 04:25 PM

August 28, 2017

This Week in OpenNMS: August 28th, 2017

It's time for This Week in OpenNMS!

In the last week we have been working on wrapping up the Helm project, and continuing to finish up the work that will become Meridian 2017 and OpenNMS Horizon 21.

Github Project Updates

  • Internals, APIs, and Documentation

    • I continued my work on getting OpenNMS integration tests to run cleanly in Docker containers.
    • Christian and Dustin did more work on moving event parms to a separate database table.
    • DJ worked on cleaning up test database creatio...

August 28, 2017 02:12 PM

Load Thresholding

System has high load!

Sounds anything but perfect. At least when we are talking about servers.

Fortunately, I don't have to explain what load is or how it's defined because there are many explanations on the internet. I found my favorite one on blog.scoutapp.com.

Once you read the article, you know that the ideal load on a Linux machine depends on the number of CPU cores. And maybe you can already foresee what that means for your threshold configs. Yes, you will need individual thres...

August 28, 2017 01:30 PM

August 22, 2017

This Week in OpenNMS: August 22nd, 2017

It's time for This Week in OpenNMS! In the last week we worked on internals, documentation, and web APIs.

Github Project Updates

  • Internals, APIs, and Documentation

    • Seth did more work on converting eventd to use Camel routes.
    • I continued my work on getting OpenNMS integration tests to run cleanly in Docker containers.
    • Alejandro added documentation on creating custom security roles in recent OpenNMS versions.
    • Craig did more work on license and product management in the plugin manag...

August 22, 2017 02:12 PM

August 17, 2017

OpenNMS Meridian 2016.1.6 Released

Release 2016.1.6 is an update to 2016.1.5 that provides quite a few bug fixes and a few small enhancements.

The codename for 2016.1.6 is Goode homolosine.

Bug

  • collectd does not unschedule deleted nodes (Issue NMS-5105)
  • noSuchInstance causing problems during provision scan (Issue NMS-8046)
  • Security issue for all admin vaadin applications exposed as OSGI Service (Issue NMS-8431)
  • Updating assets/categories through ReST affects Forced Unmanaged services. (Issue NMS-8879)
  • Logging for TCP output queue (Issue NMS-9291)
  • provision.pl does not create interfaces (Issue NMS-9345)
  • XSS vulnerability on quick-add node page (Issue NMS-9353)
  • XSS vulnerability on node error page (Issue NMS-9354)
  • XSS vulnerability with application names (Issue NMS-9355)
  • Thresholding on WSMan datasources appears broken (Issue NMS-9361)
  • TCP persistence strategy should output time in milliseconds, not seconds (Issue NMS-9409)
  • NullPointerException during nodeScan on devices with broken IP-MIB::ipAddressIfIndex (Issue NMS-9415)
  • Event Configuration Screen Requires Alarm Type (Issue NMS-9422)
  • SQL injection in DefaultSurveillanceViewService (Issue NMS-9476)
  • “query” parameter allows SQL injection (Issue NMS-9478)
  • Clone foreign source requisition overwrites config of other requisition without any hint or warning (Issue NMS-9481)
  • Fix ownership of users.xml (Issue NMS-9493)
  • ConcurrentModificationException thrown by Statsd (Issue NMS-9511)
  • Update copyright date in docs (Issue NMS-9516)
  • Document supported products and versions for Remedy integration (Issue NMS-9538)
  • Eventd does not respect event configuration order when reloading (Issue NMS-9551)
  • users.xml being overwritten on installation (Issue NMS-9573)

Enhancement

  • Document the logic behind the response time value reported by the SnmpMonitor (Issue NMS-9475)
  • Add parameterized SQL support to Criteria API (Issue NMS-9480)

by RangerRick at August 17, 2017 06:42 PM