The current release of service.monitor is characterized by small improvements, updates and further support of the BSI security guidelines.
service.monitor Monitoring
For authentication purposes the monitoring always used a security.manager. From now on, a simple, internal authentication is used in the standard delivery. However, customers who use several con terra products can still integrate with security.manager.
There are small improvements in the monitoring in the areas of authentication in the services under Monitoring and in the Expectations introduced in the last version. Token authentication is now offered for ArcGIS Server services. The service.monitor user stores username and password, service.monitor dynamically retrieves a token to be added to the monitoring request. HTTP Header Expectations make it possible to check a correct server response even more effectively for the needs of administrators. It can be checked whether a certain HTTP header is present in the response, as well as simple comparison operations on the values of the HTTP headers (use case: Is the returned image larger than 10 kbyte?).
With regard to the BSI safety guidelines, measures have been taken to ensure that the product conforms to the requirements there. This applies in particular to the validation of user input as well as a significant reduction in the number of third-party libraries with vulnerabilities according to Open Web Application Security Project (OWASP).
service.monitor Analytics
Analytics now officially integrates with all versions of map.apps and security.manager available at the time of release. Detail improvements with positive effects for data protection and operation have been made in the service.monitor Analytics Logstash Pipeline. User names are now always anonymized. To simplify the maintenance of the Elasticsearch index files, the Analytics events are now stored separately according to their event type. Events with a low value for the operator of the product can be removed regularly and easily from the database.
The product now supports a runtime environment with Apache Tomcat 9 and OpenJDK/OpenJRE 8, as well as PostgreSQL 10. All changes can be found in the Release Notes.