I’m currently playing around with Sensu and trying to work out how to achieve two specific requirements:
1 - Route alerts using external reference data
2 - Enrich alerts using external reference data
Assuming we have multiple systems that master different domains, what’s the best way for Sensu to tap into this rich data to use in a filter, check or a handler?
Any direction on an recommended approaches would be greatly appreciated!
Hey,
So if you can annotate the sensu entity associated with the check, that would be the most flexible way to enrich the event, as the entity annotations are available during the filter step. If you are using centrally managed entities in Sensu, you have a couple of different patterns you can use to do that. One pattern is a discovery subscription that runs a number of different checks that call an enrichment handler designed to annotate the entity record.
Take a look at
and
This is sort of a reference implementation of this entity annotation enrichment pattern.