Skip to main content

Sensu

The Sensu integration allows you to retrieve events from Sensu Core and send them to Moogsoft Onprem as events.

Refer to the LAM and Integration Reference to see the integration's default properties. When you use the integrations UI, you can only configure the visible properties.LAM and Integration Reference

If you want to implement a more complex Sensu integration with custom settings, see Configure the Sensu LAM.

See the Sensu documentation for details on Sensu components.

The Sensu integration has been validated with Sensu Core v1.8. Before you start to set up your integration, ensure you have met the following requirements:

  • You have installed and configured a Sensu Core system.

Configure the Sensu Integration

To configure the Sensu integration:

  1. Navigate to the Integrations tab.

  2. Click Sensu in the Monitoring section.

  3. Provide a unique integration name. You can use the default name or customize the name according to your needs.

  4. Set a Basic Authentication username and password.

Configure Sensu

  1. Create a Ruby file named send-events-to-moogsoft.rb in your Sensu Server's plugins folder (by default /etc/sensu/plugins/) and paste the following into it:

     #!/usr/bin/ruby
    require 'json'
    require 'socket'
    require 'net/http'
    require 'uri'
    require 'openssl'

    # To enable logging, put an absolute file location in the LOG_FILE attribute and set the DEBUG attribute to true
    LOG_FILE     = ""
    DEBUG        = false
    
    MOOG_LAM_URL = "<moog-inline-element data-ref="url"></moog-inline-element>"
    AUTH         = "<moog-inline-element data-ref="auth"></moog-inline-element>"
    
    # HTTP configuration method
    def initHttp()
       uri = URI.parse(MOOG_LAM_URL)
       http = Net::HTTP.new(uri.host, uri.port)

       if (uri.scheme == "https")
          http.use_ssl = true
          # Uncomment if you're using self-signed certificates
    
          # The absolute path of your certificate
          #cert_file = '/etc/sensu/ssl/moogsoft.cert'
          #http.ca_file = cert_file
          #http.cert = getCert(cert_file)
    
          # Uncomment to disable certificate validation
          #http.verify_mode = OpenSSL::SSL::VERIFY_NONE
       end
       return http
    end
    
    # Do not change anything below this line
    
    def log(string)
        unless (LOG_FILE.strip.empty?)
             File.open(LOG_FILE, "a+") { |file| file.puts string }
        end
    end

    def debug(s)
      if (DEBUG)
         log("[DEBUG] - " + s)
      end
    end
    
    def info(info)
      log("[INFO] - " + info.to_s)
    end
    
    def warn(warning)
     log("[WARNING] - " + warning.to_s)
    end
    
    def err(error)
     log("[ERROR] - " + error.to_s)
    end
    
    def getCert(filePath)
      raw = File.read(filePath)
      return OpenSSL::X509::Certificate.new(raw)
    end
    
    
    def sendPayloadToMoogsoft(payload)
       http = initHttp()
       request = Net::HTTP::Post.new(MOOG_LAM_URL, initheader = {'Content-Type' => 'application/json'})
       request["Authorization"] = AUTH
       request.body = payload.to_json
       response = http.request(request)
       return response
    end
    
    def getStdin()
      return ARGF.read
    end
    
    def parsePayload(stdin)
      toReturn = nil
      begin
        toReturn = JSON.parse(stdin)
      rescue JSON::ParserError => e
        err("Failed to parse standard input::" + e.to_s)
      end
      return toReturn
    end
    
    def buildMoogEvent(payload)
       moog_event = {
                       "knowledgeId"=>payload["check"]["knowledgeId"] || 0,
                       "description"=>payload["check"]["notification"] || payload["check"]["output"],
                       "payload"=>payload,
                       "ip"=>Socket.ip_address_list[1].ip_address
                    }
       return moog_event
    end
    
    def exe()
      begin
        debug("Event timestamp: " + (Time.now.to_f).to_s)
        stdin = getStdin()
        debug("Catched event: " + stdin.to_json)
    
        payload = parsePayload(stdin)
        moog_event = buildMoogEvent(payload)
    
        debug("Sending moogsoft event: " + moog_event.to_json)
        response = sendPayloadToMoogsoft(moog_event)
        if (response.code  == "200")
          info("Response from moogsoft: " + response.code + " " + response.body)
        else
          warn("Unsuccessful response from moogsoft::" + response.code + "::" + response.body)
        end
      rescue StandardError => e
         err("Unexpected error during integration::" + e.to_s)
      end
    end
    # Run integration
    exe()

    To enable logging, set LOG_FILE to a Sensu-accessible file path.

  2. Inside your conf.d folder (by default /etc/sensu/conf.d), create a JSON file named handler_moogsoft.json and paste the following into it:

    {
   "handlers": {
        "moogsoft": {
           "type": "pipe",
           "command": "ruby /etc/sensu/plugins/send-events-to-moogsoft.rb"
        }
   }
}

    Set the command field to the file you created in step 1. If you have changed the location of your plugins folder, amend the path accordingly.

  3. Ensure that you have configured a check to be handled by the custom handler. For more help, see the Sensu documentation.

After you complete the integration, Sensu sends new events to Moogsoft Onprem.

In this section: