Enter your own Checkmk ideas or vote for existing ones
In order to continually improve Checkmk, we're looking for your ideas. They provide valuable input to our roadmap discussions and allow us to contact you directly for more in-depth discussions or during development. A few tips:
- Concisely describing the problem rather than the solution will help other users understand and relate to your idea.
- An idea should be easy to understand. This will increase your chances of getting votes.
- Be as specific as possible. Knowing exactly what to expect when voting on an idea makes it a much better experience for all of us when it is adapted later in Checkmk.
Further information can be found in this guide. If you have any questions, please send an email to feedback@checkmk.com.
Add support for SAML authentication with distributed sites
See ticket:
https://forum.checkmk.com/t/saml-authentication-distributed-monitoring/42839
Add agent updater registration role
Add a minimal role for registration users for the automatic agent updater.
Set time zones user-based
Currently, the time zone for CheckMK is used from the operating system. There should be an option for each user to choose their own time zone.
SAML2 for existing users (no new creation)
Currently, you can only create new users with SAML2 via EntraID, but not authenticate existing ones (e.g. which are already synchronized via LDAP anyway and the ...
First logon with SAML - automatic activation
If a new user logins with the SAML connection the first time, then an admin needs to activate the change before the user can access hosts and services.
It should be ...
Impersonate as another user to check views and dashboards
Allow an admin to impersonate himself as another user, so he/she can see & verify views/dashboards, as the other user will see them. This helps to develop views or ...
Mass editing of User attributes
If you have to add/change/remove attributes for a group of users, it can quickly become very time-consuming.
It would be very helpful if you could search for users ...
Add OpenID-Connect support
It would be wishful to have CMK (Enterprise) support OIDC as a federative method next to SAML.
Also because some public cloud-services only support(or prefer) ...
Define "contact group" in "LDAP Connection" like roles
Migrated from the forum.
Reference: https://forum.checkmk.com/t/define-contact-group-in-ldap-connection/15249
Currently, to associate “contact groups” with LDAP ...
LDAP Config via RESTAPI
Currently it is not possible to configure ldap settings via rest (bind, port, user_dn, group_dn etc.). Please made it available.
Support for LDAP via StartTLS
Currently, Checkmk has the option to securely connect to LDAP servers for user sync via “LDAPS”, also known as “LDAP over TLS/SSL”, which can be activated by ticking ...
LDAP-Connection via STARTTLS
If i had a whish for free... ;-)
It would be very nice to have the option to use a LDAP-Connection with STARTTLS for Usersync with LDAP. Some users of checkmk ...
REST API: Missing authorized_sites for Users GET enpoints
The responses of the following REST API "Users" endpoints do not include the "authorized_sites" list. Even if there is a list of "authorized_sites" defined for the ...
Configure "Authorized Sites" for LDAP accounts based on LDAP group membership
The authorized sites for an LDAP account should also be "syncable" from LDAP groups like for contact groups and roles.
Define user roles and permissions per host group and/or setup folders
This allows to have admin permissions for one set of hosts and viewer permissions on a different set. A set can be defined per host group and/or per setup folder
Better visualization of derived roles
When creating a role by deriving it from an existing one, the role overview shows a column "Modifications", giving the number of permissions deviating from the source ...
Hide Setup rules within folders without permission to users
As of now, Setup folders can be hidden from users, so that hosts within these folders are invisible to them.
This does not apply to Setup rules for said hidden ...
Two-factor authentication via SafeNet 5110+
2FA support support SafeNet 5110+
Move/Get Debug UI Option as User Profile Option
The Global settings - User interface - Debug Mode Option would be nice as a User Profile Option IMHO. Actually it can switched on/off which applies for all user and ...
Allow menu overwrites in user menu
When using non-local users it would be nice to change the links from the user menu to external source for change of password and 2fa config. Allow to set per login ...
Restrict the permission to create notifications on specific folders
It should be possible to create notifications only for hosts located in folders to which the user is also authorized.
In other words, it should not only be possible ...
Setup: Users GUI: show users with insecure password in an upper Warning list
Like shown in the update message of (cmk-update-config):
16/29 Check for insecure password hashes, enforce password reset...
Please show up the info as upper ...