Forge Home


Check_MK installation and configuration


1,834 latest version

5.0 quality score

We run a couple of automated
scans to help you access a
module's quality. Each module is
given a score based on how well
the author has formatted their
code and documentation and
modules are also checked for
malware using VirusTotal.

Please note, the information below
is for guidance only and neither of
these methods should be considered
an endorsement by Puppet.

Version information

  • 0.10.0 (latest)
  • 0.9.1
  • 0.8.1
released Sep 19th 2020
This version is compatible with:
  • Puppet Enterprise 2019.8.x, 2019.7.x, 2019.5.x, 2019.4.x, 2019.3.x, 2019.2.x, 2019.1.x, 2019.0.x, 2018.1.x
  • Puppet >= 5.5.8 < 7.0.0
  • , , ,

Start using this module

  • r10k or Code Manager
  • Bolt
  • Manual installation
  • Direct download

Add this module to your Puppetfile:

mod 'puppet-check_mk', '0.10.0'
Learn more about managing modules with a Puppetfile

Add this module to your Bolt project:

bolt module add puppet-check_mk
Learn more about using this module with an existing project

Manually install this module globally with Puppet module tool:

puppet module install puppet-check_mk --version 0.10.0

Direct download is not typically how you would use a Puppet module to manage your infrastructure, but you may want to download the module in order to inspect the code.



puppet/check_mk — version 0.10.0 Sep 19th 2020


License Build Status Puppet Forge Puppet Forge - downloads Puppet Forge - scores


The module installs and configures the Open Monitoring Distribution (OMD) which includes Nagios, check_mk and lots of other tools. Beside the server component, the module is also able to install and configure the check_mk agent.

Originally by erwbgy, then forked by gnúbila France and now maintained by Vox Pupuli.


The module has been tested with:

  • CentOS 6 and 7;
  • Debian 8 and 9;
  • Puppet version 5 and Puppet 6;
  • check_mk version 1.5.x.

Also it requires the following forge modules:

  • puppetlabs/concat
  • puppetlabs/stdlib
  • camptocamp/systemd



Basic usage

The following code will install check_mk and create one 'omd site'. Once this is done you should be able to access it by visiting:

http://<IP of the machine>/monitoring/

Debian 9:

class { 'check_mk':
  filestore => '',
  package   => 'check-mk-raw-1.5.0p19_0.stretch_amd64.deb',

CentOS 7:

class { 'check_mk':
  filestore => '',
  package   => 'check-mk-raw-1.5.0p19-el7-38.x86_64.rpm',

Before you are able to login you have to reset the default admin password:

su - monitoring
htpasswd -i ~/etc/passwd cmkadmin

Changing default site name

The following example changes the default site name from 'monitoring' to 'differentsitename'

class { 'check_mk':
  site => 'differentsitename',

Without direct internet access

For machines without direct internet connection a different 'filestore' is required. First download the required installation files on a machine with direct internet access and move the file onto the system (for example to: '/tmp').

class { 'check_mk':
  filestore => '/tmp',
  package   => 'check-mk-raw-1.5.0p19-el7-38.x86_64.rpm',

The puppet fileserver can also be used.

class { 'check_mk':
  filestore => 'puppet:///<NAME OF MOUNT POINT>',
  package   => 'check-mk-raw-1.5.0p19-el7-38.x86_64.rpm',


Basic usage

To install the check_mk agent a check_mk server needs to be up and running. Because the check_mk server will be used as a distribution point for the agent package.

Debian 9:

class { 'check_mk::agent':
  filestore => 'http://<url of the check_mk server>/monitoring/check_mk/agents/',
  package   => 'check-mk-agent_1.5.0p19-1_all.deb',

CentOS 7:

class { 'check_mk::agent':
  filestore => 'http://<url of the check_mk server>/monitoring/check_mk/agents/',
  package   => 'check-mk-agent-1.5.0p19-1.noarch.rpm',

Securing agent

The agent has the ability to implement a whitelist of check_mk servers to limited access only to those servers. To increase the security of the check_mk agent you can implement the following:

  • Encrypt communication with a secret. See the check_mk website for more information.
  • Implement whitelisting on the agent.
  • Implement a strict incoming firewall which only allows access on port 6556 from the check_mk server. The firewall can be configured using the puppetlabs/firewall module.

The following code implements a whitelist and a communication secret:

class { 'check_mk::agent':
  ip_whitelist      => [''],
  encryption_secret => 'SECRET',