Pandora FMS API Bugs and Security Issues #204
Comments
|
Thanks for the ticket.
|
|
Regarding item number 2, even if you add a new API to indicate OK/OUTDATED, it is still desirable to retrieve the actual date and time since the agent/module was last reachable. Given that this is already tracked in the database, I imagine it would not be difficult to make the information available via the API. How about adding two API calls: "agent_last_reachable" and "module_last_reachable" for that purpose? Thanks p.s. Out of curiosity, do you have a rough idea when (months or years from now) the 2.0 API will be introduced? |
|
In the new API function we will add the last reachable date. Regarding the new API, we don't have a release date yet. We are also looking forward to release it but we are still working on it. Thanks for your feedback! |
Hi,
The following issues are present in the Pandora FMS API:
Under "tree_agents," the following typos exist in "other" field options:
a) "agent_comentary" should be "agent_commentary"
b) "agent_last_contant" should be "agent_last_contact"
The second issue is that both agent_last_conta[c]t and agent_last_remote_contact return the exact same date and time values, which end up being the last time the agent was checked. I would expect one of those to return the last time the agent was successfully contacted. As is, none of the API options is able to provide information on the last time an agent contact attempt succeeded. This information is available via web UI but is curiously not exposed via the API.
The API, also under "tree_agent" (and possibly other places), exposes the admin username and password via the fields "module_plugin_user" and "module_plugin_pass"
I am using Pandora FMS 763; however, these are long-standing bugs that have been present at least as far back as version 74x.
Thanks
The text was updated successfully, but these errors were encountered: