ENTERPRISE: Built-in integrations are available for Sensu Enterprise users only.

Puppet Integration

Overview

Deregister Sensu clients from the client registry if they no longer have an associated Puppet node. The puppet enterprise handler requires access to a SSL truststore and keystore, containing a valid (and whitelisted) Puppet certificate, private key, and CA. The local Puppet agent certificate, private key, and CA can be used.

Configuration

Example(s)

The following is an example global configuration for the puppet enterprise handler (integration).

{
  "puppet": {
    "endpoint": "https://10.0.1.12:8081/pdb/query/v4/nodes/",
    "ssl": {
      "keystore_file": "/etc/sensu/ssl/puppet/keystore.jks",
      "keystore_password": "secret",
      "truststore_file": "/etc/sensu/ssl/puppet/truststore.jks",
      "truststore_password": "secret"
    },
    "timeout": 10
  }
}

The Puppet enterprise handler is most commonly used as part of the keepalive set handler. For example:

{
  "handlers": {
    "keepalive": {
      "type": "set",
      "handlers": [
        "pagerduty",
        "puppet"
      ]
    }
  }
}

When querying PuppetDB for a node, by default, Sensu will use the Sensu client’s name for the Puppet node name. Individual Sensu clients can override the name of their corresponding Puppet node, using specific client definition attributes.

The following is an example client definition, specifying its Puppet node name.

{
  "client": {
    "name": "i-424242",
    "address": "8.8.8.8",
    "subscriptions": [
      "production",
      "webserver"
    ],
    "puppet": {
      "node_name": "webserver01.example.com"
    }
  }
}

Integration Specification

NOTE: the following integration definition attributes may be overwritten by the corresponding Sensu client definition puppet attributes, which are included in event data.

puppet attributes

The following attributes are configured within the {"puppet": {} } configuration scope.

endpoint
description
The PuppetDB API endpoint (URL). If an API path is not specified, /pdb/query/v4/nodes/ will be used.
required
true
type
String
example
"endpoint": "https://10.0.1.12:8081/pdb/query/v4/nodes/"
ssl
description
A set of attributes that configure SSL for PuppetDB API queries.
required
true
type
Hash
example
"ssl": {}

ssl attributes

The following attributes are configured within the {"puppet": { "ssl": {} } } configuration scope.

EXAMPLE
{
  "puppet": {
    "endpoint": "https://10.0.1.12:8081/pdb/query/v4/nodes/",
    "...": "...",
    "ssl": {
      "keystore_file": "/etc/sensu/ssl/puppet/keystore.jks",
      "keystore_password": "secret",
      "truststore_file": "/etc/sensu/ssl/puppet/truststore.jks",
      "truststore_password": "secret"
    }
  }
}
ATTRIBUTES
keystore_file
description
The file path for the SSL certificate keystore.
required
true
type
String
example
"keystore_file": "/etc/sensu/ssl/puppet/keystore.jks"
keystore_password
description
The SSL certificate keystore password.
required
true
type
String
example
"keystore_password": "secret"
truststore_file
description
The file path for the SSL certificate truststore.
required
true
type
String
example
"truststore_file": "/etc/sensu/ssl/puppet/truststore.jks"
truststore_password
description
The SSL certificate truststore password.
required
true
type
String
example
"truststore_password": "secret"

Start your FREE trial today.

Already using Sensu Core? Upgrade to Sensu Enterprise today to take advantage of its enterprise console, added-value features, built-in integrations, FREE annual training, and enterprise-class support.