georgringer / t3monitoring Goto Github PK
View Code? Open in Web Editor NEWMonitoring service of TYPO3 extensions
License: GNU General Public License v2.0
Monitoring service of TYPO3 extensions
License: GNU General Public License v2.0
This mode can be enabled in the EM:
this enables you to show the installation to someone without compromising any information about your clients
Add cli task which sends mail for warning/errors
I actually saw this in combination with ext:formhandler https://typo3.org/extensions/repository/view/formhandler
2.02. and 2.3.1 is secure. The extension shows only the 2nd one as next secure version.
Some extensions could be marked as special:
A test which checks if the scheduler has been triggerd within the last x seconds would be great.
Please integrate an extra color for outdated items.
Example gridelements.
On a 6.2 instance gridelements 3.3.4 is installed and version 7.0.5 is shown as newer available version. Hovering the version shows the tooltip with more information, which says "typo3 6.2.0-6.2.99". This is wrong as 7.0.5 is for 7.6+ only. The dependencies seem to origin from the 3.3.4 version.
I think it would be nice to encrypt the data transferred between monitor and clients based on a pre-shared key in the extension-settings like Xavier Perseguers does in his "Central account management":
After last security releases of TYPO3 we got some installations that got patched instead of updated to a recognized secure version. We know that the version is secure (but still out-dated) and it would be a great addition to be able to white list such a version from the "not secure" list.
For instance we added a suffix to the original version like '6.2.x-76231'
base: https://assets.nagios.com/downloads/nagioscore/docs/nagioscore/4/en/security.html
There are no commands of ext:t3monitoring ./typo3/cli_dispatch.phpsh extbase help
A check for the last logged in time of each user would be nice.
Core: Exception handler (WEB): Uncaught TYPO3 Exception: #1297759968: Exception while property mapping at property path "": The identity property "Array" is no UID. | TYPO3\CMS\Extbase\Property\Exception thrown in file /SOMEPATH/t3monitoring/vendor/typo3/cms/typo3/sysext/extbase/Classes/Property/PropertyMapper.php in line 128. Requested URL: http://DOMAIN.TLD/typo3/index.php?M=tools_T3monitoringT3monitor&moduleToken=c9d9773f3a121b328497d06010e53b22e5fb8677&tx_t3monitoring_tools_t3monitoringt3monitor[action]=index&tx_t3monitoring_tools_t3monitoringt3monitor[controller]=Statistic&tx_t3monitoring_tools_t3monitoringt3monitor[__referrer]=Array&tx_t3monitoring_tools_t3monitoringt3monitor[__trustedProperties]=a:1:{s:6:%22filter%22;a:10:{s:16:%22withExtraWarning%22;i:1;s:15:%22withExtraDanger%22;i:1;s:10:%22searchWord%22;i:1;s:7:%22version%22;i:1;s:3:%22sla%22;i:1;s:16:%22withInsecureCore%22;i:1;s:16:%22withOutdatedCore%22;i:1;s:22:%22withOutdatedExtensions%22;i:1;s:22:%22withInsecureExtensions%22;i:1;s:16:%22withErrorMessage%22;i:1;}}060a74d6cd5d4cd3a1b1f0b97abdcf1ce3226328&tx_t3monitoring_tools_t3monitoringt3monitor[filter]=Array
This happens when I edit a client record within the T3 Monitor Backend Module and then hit "close" or "save and close".
TYPO3: 7.6.5
t3monitoring: latest dev-master
not only for concrete versions but branches as well
Anybody working on translations yet? If I find some time next week I would start with German translation.
1297759968: Exception while property mapping at property path "": Property "withExtraWarning" was not found in target object of type "T3Monitor\T3monitoring\Domain\Model\Dto\ClientFilterDemand". (More information)
TYPO3\CMS\Extbase\Property\Exception thrown in file
/html/typo3-t3monitoring/typo3_src-7.6.4/typo3/sysext/extbase/Classes/Property/PropertyMapper.php in line 128.
(Actual git master when I was creating this issue)
We have a few extensions which have the same name as other extensions in TER. We would like to ignore these extensions for monitoring.
I have installed the extension from github. The extension itself is available on TER, except the actually installed version. I think it would be helpful to get this info also in the overview of an client. When we analyze a new TYPO3 instance, we can get the "status" of an extension quicker.
t3monitoring
vs t3monitor
If a client could not be reached, it would be nice to be able to react:
It would be nice to have the possibility to configure blacklisted extensions for each installation. With this check all extensions that are blacklisted and are installed/present raise warnings.
'outdated_core' => [
'exclude' => 1,
'label' => 'LLL:EXT:t3monitoring/Resources/Private/Language/locallang.xlf:tx_t3monitoring_domain_model_client.insecure_extensions',
'config' => [
'readOnly' => true,
'type' => 'check',
'default' => 0
],
],
'insecure_extensions' => [
'exclude' => 1,
'label' => 'LLL:EXT:t3monitoring/Resources/Private/Language/locallang.xlf:tx_t3monitoring_domain_model_client.insecure_extensions',
'config' => [
'readOnly' => true,
'type' => 'input',
'size' => 4,
'eval' => 'int'
],
],
Add additional tags or categories to improve search
A check if password was last changed for each user would be nice.
If an extension is used in a modified way at one of the clients with a higher version number than officially available, the version is advertised as update for all other clients as well.
The version is marked as non-official correctly in DB, hence it shouldn't be suggested as update target.
Example: realurl official version latest version is 2.0.14. Latest version from git is 2.1.0. Having 2.1.0 installed at one client will show the 2.1.0 version also for all other clients.
A check on TYPO3_CONF_VARS would be nice. With this it would be possible to check if certain email addresses or bad configs like security settings are present.
Additional select for filtering insecure with states:
Wouldn't it be more convenient, if the list is sorted by "Client" by default?
One of the sites (6.2) I check does not return any data when t3monitoring collects its data.
After some debugging I found out that this is caused by one of the extensions.
Fetching data works, but converting the data array to json fails and returns an empty string then.
This is caused by the extension "libunzipped", version 2.1.0.
Ok this extension is old, but it remains in this installation since the original setup with TYPO3 4.0 in 2006.
Error is caused by the author of the extensions, and extension author is our well known fathof TYPO3, Kasper Skårhøj. And his name breaks the request...
A sortable table for the client view would be helpful. Something like https://github.com/tristen/tablesort, which also supports version numbers:)
A check if required extensions are installed exists would be good.
A secret with /
doesn't work.
Please add a direct link to to the TYPO3 Login (domain.com/typo3) on client view. Perhaps as a icon near the domain? Saves time :)
If client is created or url/secret changed, fetch client
Actually an insecure but unloaded extension is marked as insecure. In some scenarios an unsecure extension could also be vulnerable even it is not loaded.
Checks for username may not be the password and passwords may not be in a blacklist check would be good.
Security bulletins can't be fetched if the server is behind a proxy, thus leading to a time out upon trying and in consequence leaving the t3monitoring main screen unusable.
Add a field "last successful import" to track problems and the time those started.
The view suggests that there is a gridelements update available.
current version 3.3.4, update available 7.0.5
This is wrong, since the instance is a TYPO3 6.2 instance, where the latest version is 3.3.4.
The Core compatibility of the extension versions needs to be taken into account.
A check if blacklisted users are present would be good.
It would be benefitial to have a cli which could be triggered from nagios to get informations per monitored installation if warnings about extensions exists.
The current output is:
Mysql Version 1.0.24
Actual server is: 10.0.23-MariaDB-0ubuntu0.15.10.1-log - (Ubuntu)
When having insecure or outdated core for a client, you can see it at the T3Monitor backend module. But in the database and T3 list module, you can't see it
generate client secret automatically
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.