# If you want to fill this file with all available options run the following command:
#   nscp settings --generate --add-defaults --load-all
# If you want to activate a module and bring in all its options use:
#   nscp settings --activate-module <MODULE NAME> --add-defaults
# For details run: nscp settings --help

[/settings/log]

; LOG LEVEL - Log level to use. Available levels are error,warning,info,debug,trace
level = info

; DATEMASK - The size of the buffer to use when getting messages this affects the speed and maximum size of messages you can recieve.
date format = %Y-%m-%d %H:%M:%S

; FILENAME - The file to write log data to. Set this to none to disable log to file.
file name = ${exe-path}/nsclient.log

; A list of modules.
[/modules]

; CheckDisk - CheckDisk can check various file and disk related things.
CheckDisk = enabled

; CheckEventLog - Check for errors and warnings in the event log.
CheckEventLog = enabled

; CheckExternalScripts - Execute external scripts
CheckExternalScripts = enabled

; CheckHelpers - Various helper function to extend other checks.
CheckHelpers = enabled

; CheckNSCP - Use this module to check the health and status of NSClient++ itself
CheckNSCP = enabled

; CheckSystem - Various system related checks, such as CPU load, process state, service state memory usage and PDH counters.
CheckSystem = enabled

; NRPEServer - A server that listens for incoming NRPE connection and processes incoming requests.
NRPEServer = enabled

; CheckTaskSched - Check status of your scheduled jobs.
CheckTaskSched = enabled

; WEBServer - A server that listens for incoming HTTP connection and processes incoming requests. It provides both a WEB UI as well as a REST API in addition to simplifying configuration of WEB Server module.
WEBServer = enabled

; CheckNet - Network related check such as check_ping.
CheckNet = enabled

; Section for REST API
[/settings/WEB/server]

; ALLOWED HOSTS - A coma separated list of allowed hosts. You can use netmasks (/ syntax) or * to create ranges.
allowed hosts = 0.0.0.0

;CACHE ALLOWED HOSTS - If host names (DNS entries) should be cached, improves speed and security somewhat but won’t allow you to have dynamic IPs for your Nagios server.
cache allowed hosts = true

; PORT NUMBER - Port to use for REST API.
port = 8443

; CERTIFICATE - Ssl certificate to use for the ssl server
certificate = ${certificate-path}/certificate.pem

; Section for REST API roles
[/settings/WEB/server/roles]

; Role for read only - Default role for read only
client = public,info.get,info.get.version,queries.list,queries.get,queries.execute,login.get,modules.list

; Role for Full access - Default role for Full access
full = *

; Role for legacy API - Default role for legacy API
legacy = legacy,login.get

; Role for Full access - Default role for Full access
view = *

; Role for monitoring
limited=*.get

; Section for REST API users
[/settings/WEB/server/users/centreon]

password=centreon
role=limited

; Section for NRPE (NRPEServer.dll) (check_nrpe) protocol options.
[/settings/NRPE/server]

; COMMAND ARGUMENT PROCESSING - This option determines whether or not the we will allow clients to specify arguments to commands that are executed.
allow arguments = true

; COMMAND ALLOW NASTY META CHARS - This option determines whether or not the we will allow clients to specify nasty (as in |`&><'"\[]{}) characters in arguments.
allow nasty characters = true

; ALLOWED HOSTS - A coma separated list of allowed hosts. You can use netmasks (/ syntax) or * to create ranges.
allowed hosts = 192.168.67.188

; PORT NUMBER - Port to use for NRPE.
port = 5666

; Needed for long output, with check_centreon_nrpe
payload length = 8192
 
; EXTENDED RESPONSE - Send more then 1 return packet to allow response to go beyond payload size (requires modified client).
; extended response = true 
 
; ALLOW INSECURE CHIPHERS and ENCRYPTION - Only enable this if you are using legacy check_nrpe client.
insecure = true

; ENABLE SSL ENCRYPTION - This option controls if SSL should be enabled.
use ssl = true
tls version = tlsv1.2+

; DH KEY-
dh = ${certificate-path}/nrpe_dh_2048.pem

[/settings/default]
allowed ciphers = ALL

[/settings/external scripts]
allow arguments = 1
allow nasty characters = 1

[/settings/external scripts/scripts/default]
ignore perfdata = true

[/settings/external scripts/scripts]
check_logfiles=scripts\\centreon\\check_logfiles.exe $ARG1$
check_centreon_plugins=scripts\\centreon\\centreon_plugins.exe --plugin=$ARG1$ --mode=$ARG2$ $ARG3$
; if processes hang forever, you may try this option
;kill tree = true