No commit activity in last 3 years
No release in over 3 years
Sensu check plugin for executing InSpec controls
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
2025
 Dependencies

Development

~> 2.1
~> 0.10
~> 13.0
~> 3.2
~> 3.1
~> 0.81.0
>= 0.9.11, < 1.0

Runtime

>= 1.47, < 5.0
 Project Readme

Sensu-Plugins-inspec

Sensu Bonsai Asset Build Status Gem Version

Sensu Inspec Check Plugin

  • Overview
  • Usage examples
  • Configuration
    • Sensu Go
      • Asset definition
      • Check definition
    • Sensu Core
      • Check definition
  • Functionality
  • Additional information
  • Installation from source and contributing

Overview

This check executes InSpec profiles and generates a Sensu event for each non-passing control.

Files

  • bin/check-inspec.rb

Usage

Help

check-inspec.rb

Usage: check-inspec.rb (options)
    -l, --handler HANDLER
    -d, --tests-dir /tmp/dir

Examples

Run a local profile and set Sensu event handler to example_handler:

check-inspec.rb -d /tmp/my_inspec_profile -l example_handler

Run a remote profile and set Sensu event handler to example_handler:

check-inspec.rb -d https://my-inspec-profile.s3.amazonaws.com/example-profile.tar.gz -l example_handler

Configuration

Sensu Go

Asset Registration

Assets are the best way to make use of this plugin. If you're not using an asset, please consider doing so! If you're using sensuctl 5.13 or later, you can use the following command to add the asset:

sensuctl asset add sensu-plugins/sensu-plugins-inspec

If you're using an earlier version of sensuctl, you can download the asset definition from this project's Bonsai Asset Index page.

Check definition example
---
type: CheckConfig
spec:
  command: "check-inspec.rb -d /tmp/my_inspec_profile -l example_handler"
  handlers: []
  high_flap_threshold: 0
  interval: 10
  low_flap_threshold: 0
  publish: true
  runtime_assets:
  - sensu-plugins/sensu-plugins-disk-checks
  - sensu/sensu-ruby-runtime
  subscriptions:
  - linux

Sensu Core

Check definition
{
  "checks": {
    "check-inspec": {
      "command": "check-inspec.rb -d /tmp/my_inspec_profile -l example_handler",
      "subscribers": ["linux"],
      "interval": 10,
      "refresh": 10
    }
  }
}

Functionality

check-inspec

Run inspec controls and generate a new Sensu event for each failed inspect test. This check will return critical if any inspec tests fail.

The -l option sets the handler to use in the generated Sensu events. Defaults to the default handler. The -d option sets the directory containing tests to run.