Glossary of Terms


A lightweight client that runs on the infrastructure components you want to monitor. Agents self-register with the backend, send keepalive messages, and execute monitoring checks. Each agent belongs to one or more subscriptions that determine which checks the agent runs. An agent can run checks on the entity it’s installed on or by connecting to a remote proxy entity. Read more.


An asset is an executable that a check, handler, or mutator can specify as a dependency. Assets must be a tar archive (optionally gzipped) with scripts or executables within a bin folder. At runtime, the backend or agent installs required assets using the specified URL. Assets let you manage runtime dependencies without using configuration management tools. Read more.


A flexible, scalable monitoring event pipeline. The backend processes event data using filters, mutators, and handlers. It maintains configuration files, stores recent event data, and schedules monitoring checks. You can interact with the backend using the API, command line, and dashboard interfaces. Read more.


A recurring check run by the agent to determine the state of a system component or collect metrics. The backend is responsible for storing check definitions, scheduling checks, and processing event data. Check definitions specify the command to be executed, an interval for execution, one or more subscriptions, and one or more handlers to process the resulting event data. Read more.

Check hook

A command executed by the agent in response to a check result, before creating a monitoring event. Hooks create context-rich events by gathering related information based on the check status. Read more.

Check token

A placeholder used in a check definition that the agent replaces with local information before executing the check. Tokens let you fine-tune check attributes (like thresholds) on a per-entity level while re-using the check definition. Read more.


Infrastructure components that you want to monitor. Each entity runs an agent that executes checks and creates events. Events can be tied to the entity where the agent runs or a proxy entity that the agent checks remotely. Read more.


A representation of the state of an infrastructure component at a point in time, used by the backend to power the monitoring event pipeline. Event data includes the result of the check or metric (or both), the executing agent, and a timestamp. Read more.


Logical expressions that handlers evaluate before processing monitoring events. Filters can instruct handlers to allow or deny matching events based on day, time, namespace, or any attribute in the event data. Read more.


A component of the monitoring event pipeline that acts on events. Handlers can send monitoring event data to an executable (or handler plugin), a TCP socket, or a UDP socket. Read more.


An executable run by the backend prior to the handler to transform event data. Read more.


Sensu Plugins are executables designed to work with Sensu event data, either as a check plugin, mutator plugin, or handler plugin. You can write your own check executables in Go, Ruby, Python, and more, or use one of over 200 plugins shared by the Sensu Community. Read more.

Proxy Entity

Components of your infrastructure that can’t run the agent locally (like a network switch or a website) but still need to be monitored. Agents create events with information about the proxy entity in place of the local entity when running checks with a specified proxy entity id. Read more.


Role-based access control (RBAC) is Sensu’s local user management system. RBAC lets you manage users and permissions with namespaces, users, roles, and role bindings. Read more.


Objects within Sensu that can be used to specify access permissions in Sensu roles and cluster roles. Resources can be specific to a namespace (like checks and handlers) or cluster-wide (like users and cluster roles). Read more.


Command line tool that lets you interact with the backend. You can use sensuctl to create checks, view events, create users, manage cluster, and more. Read more.


Silences allow you to suppress execution of event handlers on an ad-hoc basis. You can use silencing to schedule maintenances without being overloaded with alerts. Read more.