Puppet
ENTERPRISE: Built-in integrations are available for Sensu Enterprise users only.
Overview
Deregister Sensu clients from the client registry if they no longer have an
associated Puppet node. The puppet enterprise handler requires access to
a SSL truststore and keystore, containing a valid (and whitelisted) Puppet
certificate, private key, and CA. The local Puppet agent certificate, private
key, and CA can be used.
Configuration
Example(s)
The following is an example global configuration for the puppet enterprise
handler (integration).
{
"puppet": {
"endpoint": "https://10.0.1.12:8081/pdb/query/v4/nodes/",
"ssl": {
"keystore_file": "/etc/sensu/ssl/puppet/keystore.jks",
"keystore_password": "secret",
"truststore_file": "/etc/sensu/ssl/puppet/truststore.jks",
"truststore_password": "secret"
},
"timeout": 10
}
}The Puppet enterprise handler is most commonly used as part of the keepalive
set handler. For example:
{
"handlers": {
"keepalive": {
"type": "set",
"handlers": [
"pagerduty",
"puppet"
]
}
}
}When querying PuppetDB for a node, by default, Sensu will use the Sensu client’s name for the Puppet node name. Individual Sensu clients can override the name of their corresponding Puppet node, using specific client definition attributes.
The following is an example client definition, specifying its Puppet node name.
{
"client": {
"name": "i-424242",
"address": "8.8.8.8",
"subscriptions": [
"production",
"webserver"
],
"puppet": {
"node_name": "webserver01.example.com"
}
}
}Integration Specification
NOTE: the following integration definition attributes may be overwritten by
the corresponding Sensu client definition puppet attributes, which are
included in event data.
puppet attributes
The following attributes are configured within the {"puppet": {} }
configuration scope.
| endpoint | |
|---|---|
| description | The PuppetDB API endpoint (URL). If an API path is not specified, /pdb/query/v4/nodes/ will be used. |
| required | true |
| type | String |
| example | |
| ssl | |
|---|---|
| description | A set of attributes that configure SSL for PuppetDB API queries. |
| required | true |
| type | Hash |
| example | |
ssl attributes
The following attributes are configured within the {"puppet": { "ssl": {} } }
configuration scope.
EXAMPLE
{
"puppet": {
"endpoint": "https://10.0.1.12:8081/pdb/query/v4/nodes/",
"...": "...",
"ssl": {
"keystore_file": "/etc/sensu/ssl/puppet/keystore.jks",
"keystore_password": "secret",
"truststore_file": "/etc/sensu/ssl/puppet/truststore.jks",
"truststore_password": "secret"
}
}
}ATTRIBUTES
| keystore_file | |
|---|---|
| description | The file path for the SSL certificate keystore. |
| required | true |
| type | String |
| example | |
| keystore_password | |
|---|---|
| description | The SSL certificate keystore password. |
| required | true |
| type | String |
| example | |
| truststore_file | |
|---|---|
| description | The file path for the SSL certificate truststore. |
| required | true |
| type | String |
| example | |
| truststore_password | |
|---|---|
| description | The SSL certificate truststore password. |
| required | true |
| type | String |
| example | |
| http_proxy | |
|---|---|
| description | The URL of a proxy to be used for HTTP requests. |
| required | false |
| type | String |
| example | |
| timeout | |
|---|---|
| description | The handler execution duration timeout in seconds (hard stop). |
| required | false |
| type | Integer |
| default | 10 |
| example | |
