Opsview Knowledge Center

Variables, Security and Encryption

Variable Seucity and Encrpytion in Opsview Monitor

Opsview Monitor allows for arguments of Variables to be encrypted on a system-wide basis. This means that an administrator can create a new Variable called %MYLOGINDETAILS%, with arg1 as the username and arg2 as the password.

The administrator can set the 'arg2' field as encrypted, meaning any value entered here cannot be retrieved once the 'submit changes' button is saved. The 'eye' icon will show when text has been entered but not saved, whereas when the text has been saved, the text box below will show:

In the variable where an argument has been encrypted, the value entered can never be retrieved. It can however be reset, i.e. the password can be reset in the example above.

When the Variable above is added to a Host, the encrypted field can be seen below:

An administrator/user can then choose to check the 'Override Password' box which will enable text entry:

By default, newly installed Opsview Monitor systems encrypt the password arguments of the following Variables:

  • MSSQLCREDENTIALS
  • MYSQLCREDENTIALS
  • ORACREDENTIALS
  • VMWAREGUESTCREDENTIALS
  • VMWAREHOSTCREDENTIALS
  • WINCREDENTIALS

For users upgrading from Opsview 4.5.3 and below, Opsview Monitor will not 'auto encrypt' password values, as we do not want to potentially destroy the only copies of passwords for certain systems; therefore, administrators who are upgrading from 4.5.3 and lower must manually encrypt their Variables (formerly known as 'attributes').

Variables, Security and Encryption

Variable Seucity and Encrpytion in Opsview Monitor