Having issues with remediation

Jennifer_Fountain · April 1, 2014, 4:45pm

I am trying to get remediation working with sensu and having no luck.

Any insight would be very helpful

···

{

“handlers”: {

“remediator”: {

“type”: “pipe”,

“command”: “/etc/sensu/community/handlers/remediation/remediation.rb”

}

},

“checks”: {

“fail_with_remediation”: {

“command”: “/usr/bin/ruby /etc/sensu/community/plugins/processes/check-procs.rb -p overdraft -W 1”,

“interval”: 60,

“standalone”: true,

“publish”: false,

“subscribers”: [“overdraft”],

“handlers”: [“remediator”],

“remediation”: {

“occurrences”: [“2+”],

“severities”: [2]

}

},

“remediation”: {

“command”: “/bin/touch /tmp/remediation_this_shit”,

“standalone”: true,

“publish”: false,

“interval”: 60,

“subscribers”: [“overdraft”]

}

Nick_Stielau · April 2, 2014, 5:20pm

Hey Jennifer,

It might be that the ‘standalone’ setting for the remediation check. I’m not sure if the ‘publish:false’ actually disables that if it is standalone. I would put standalone:false and publish:false.

Nick

···

On Tuesday, April 1, 2014 9:45:15 AM UTC-7, Jennifer Fountain wrote:

I am trying to get remediation working with sensu and having no luck.

Any insight would be very helpful

{

“handlers”: {

“remediator”: {

“type”: “pipe”,

“command”: “/etc/sensu/community/handlers/remediation/remediation.rb”

}

},

“checks”: {

“fail_with_remediation”: {

“command”: “/usr/bin/ruby /etc/sensu/community/plugins/processes/check-procs.rb -p overdraft -W 1”,

“interval”: 60,

“standalone”: true,

“publish”: false,

“subscribers”: [“overdraft”],

“handlers”: [“remediator”],

“remediation”: {

“occurrences”: [“2+”],

“severities”: [2]

}

},

“remediation”: {

“command”: “/bin/touch /tmp/remediation_this_shit”,

“standalone”: true,

“publish”: false,

“interval”: 60,

“subscribers”: [“overdraft”]

}

Jennifer_Fountain · April 2, 2014, 6:28pm

Hi

Thanks for getting back to me. I did change it to look like this:

{
“checks”: {
“check_with_remediation”: {
“command”: “/usr/bin/ruby /etc/sensu/community/plugins/processes/check-procs.rb -p jenntest -W 1”,
“interval”: 60,
“subscribers”: [“test”],
“handlers”: [“remediator”],
“remediation”: {
“light_remediation”: {
“occurrences”: [1, 2],
“severities”: [1]
},
“medium_remediation”: {
“occurrences”: [“3-10”],
“severities”: [1]
},
“heavy_remediation”: {
“occurrences”: [“1+”],
“severities”: [2]
}
}
},
“light_remediation”: {
“command”: “/bin/touch /tmp/remediation_light”,
“subscribers”: [“test”],
“handlers”: [“mailer”],
“publish”: false
},
“medium_remediation”: {
“command”: “/bin/touch /tmp/remediation_light”,
“subscribers”: [“test”],
“handlers”: [“mailer”],
“publish”: false
},
“heavy_remediation”: {
“command”: “/bin/touch /tmp/remediation_light”,
“subscribers”: [“test”],
“handlers”: [“mailer”],
“publish”: false
}
}
}

and it appears to be working according to the log:

{“timestamp”:“2014-04-02T11:56:23.168189-0400”,“level”:“info”,“message”:“handling event”,“event”:{“client”:{“name”:“testserver.local.net”,“address”:“10.1.2.3”,“subscriptions”:[“default”,“test”],“timestamp”:1396454165},“check”:{“command”:“/usr/bin/ruby /etc/sensu/community/plugins/processes/check-procs.rb -p jenntest -W 1”,“interval”:60,“subscribers”:[“test”],“handlers”:[“remediator”],“remediation”:{“light_remediation”:{“occurrences”:[1,2],“severities”:[1]},“medium_remediation”:{“occurrences”:[“3-10”],“severities”:[1]},“heavy_remediation”:{“occurrences”:[“1+”],“severities”:[2]}},“name”:“check_with_remediation”,“issued”:1396454183,“executed”:1396454183,“output”:“CheckProcs CRITICAL: Found 0 matching processes; cmd /jenntest/\n”,“status”:2,“duration”:0.104,“history”:[“2”,“2”,“2”,“2”,“2”,“2”,“2”,“2”,“2”,“2”,“2”,“2”,“2”,“2”,“2”,“2”,“2”,“2”,“2”,“2”,“2”]},“occurrences”:1212,“action”:“create”},“handler”:{“type”:“pipe”,“command”:“/etc/sensu/community/handlers/remediation/sensu.rb”,“name”:“remediator”}}
{“timestamp”:“2014-04-02T11:56:23.282658-0400”,“level”:“info”,“message”:“handler output”,“handler”:{“type”:“pipe”,“command”:“/etc/sensu/community/handlers/remediation/sensu.rb”,“name”:“remediator”},“output”:“REMEDIATION: Evaluating remediation: testserver.local.net {"light_remediation"=>{"occurrences"=>[1, 2], "severities"=>[1]}, "medium_remediation"=>{"occurrences"=>["3-10"], "severities"=>[1]}, "heavy_remediation"=>{"occurrences"=>["1+"], "severities"=>[2]}} #=1212 sev=2\n”}
{“timestamp”:“2014-04-02T11:56:23.282813-0400”,“level”:“info”,“message”:“handler output”,“handler”:{“type”:“pipe”,“command”:“/etc/sensu/community/handlers/remediation/sensu.rb”,“name”:“remediator”},“output”:“REMEDIATION: Matchdata: #<MatchData "1+" 1:"1">\n”}
{“timestamp”:“2014-04-02T11:56:23.282856-0400”,“level”:“info”,“message”:“handler output”,“handler”:{“type”:“pipe”,“command”:“/etc/sensu/community/handlers/remediation/sensu.rb”,“name”:“remediator”},“output”:“REMEDIATION: Triggering remediation check ‘heavy_remediation’ for ["testserver.local.net"]\n”}
{“timestamp”:“2014-04-02T11:56:23.282892-0400”,“level”:“info”,“message”:“handler output”,“handler”:{“type”:“pipe”,“command”:“/etc/sensu/community/handlers/remediation/sensu.rb”,“name”:“remediator”},“output”:“REMEDIATION: Recieved API Response (202): {"issued":1396454183}, exiting.\n”}

But I do not see the file on the server. Any help would be appreciated and I will send you beer or whatever

thanks!!

···

On Wednesday, April 2, 2014 1:20:01 PM UTC-4, Nick Stielau wrote:

Hey Jennifer,

It might be that the ‘standalone’ setting for the remediation check. I’m not sure if the ‘publish:false’ actually disables that if it is standalone. I would put standalone:false and publish:false.

Nick

On Tuesday, April 1, 2014 9:45:15 AM UTC-7, Jennifer Fountain wrote:

I am trying to get remediation working with sensu and having no luck.

Any insight would be very helpful

{

“handlers”: {

“remediator”: {

“type”: “pipe”,

“command”: “/etc/sensu/community/handlers/remediation/remediation.rb”

}

},

“checks”: {

“fail_with_remediation”: {

“command”: “/usr/bin/ruby /etc/sensu/community/plugins/processes/check-procs.rb -p overdraft -W 1”,

“interval”: 60,

“standalone”: true,

“publish”: false,

“subscribers”: [“overdraft”],

“handlers”: [“remediator”],

“remediation”: {

“occurrences”: [“2+”],

“severities”: [2]

}

},

“remediation”: {

“command”: “/bin/touch /tmp/remediation_this_shit”,

“standalone”: true,

“publish”: false,

“interval”: 60,

“subscribers”: [“overdraft”]

}

Oluwaseun_Obajobi · May 18, 2014, 8:07pm

Same here too, has anyone been able to find an update?

I keep seeing this sensu-api log but nothing on the subscriber

{“timestamp”:“2014-05-19T00:04:28.743815+0400”,“level”:“info”,“message”:“publishing check request”,“payload”:{“name”:“light_remediation”,“command”:“touch /tmp/hello.txt”,“issued”:1400443468},“subscribers”:[“test”]}

···

On Wednesday, April 2, 2014 10:28:24 PM UTC+4, Jennifer Fountain wrote:

Hi

Thanks for getting back to me. I did change it to look like this:

{
“checks”: {
“check_with_remediation”: {
“command”: “/usr/bin/ruby /etc/sensu/community/plugins/processes/check-procs.rb -p jenntest -W 1”,
“interval”: 60,
“subscribers”: [“test”],
“handlers”: [“remediator”],
“remediation”: {
“light_remediation”: {
“occurrences”: [1, 2],
“severities”: [1]
},
“medium_remediation”: {
“occurrences”: [“3-10”],
“severities”: [1]
},
“heavy_remediation”: {
“occurrences”: [“1+”],
“severities”: [2]
}
}
},
“light_remediation”: {
“command”: “/bin/touch /tmp/remediation_light”,
“subscribers”: [“test”],
“handlers”: [“mailer”],
“publish”: false
},
“medium_remediation”: {
“command”: “/bin/touch /tmp/remediation_light”,
“subscribers”: [“test”],
“handlers”: [“mailer”],
“publish”: false
},
“heavy_remediation”: {
“command”: “/bin/touch /tmp/remediation_light”,
“subscribers”: [“test”],
“handlers”: [“mailer”],
“publish”: false
}
}
}

and it appears to be working according to the log:

{“timestamp”:“2014-04-02T11:56:23.168189-0400”,“level”:“info”,“message”:“handling event”,“event”:{“client”:{“name”:“testserver.local.net”,“address”:“10.1.2.3”,“subscriptions”:[“default”,“test”],“timestamp”:1396454165},“check”:{“command”:“/usr/bin/ruby /etc/sensu/community/plugins/processes/check-procs.rb -p jenntest -W 1”,“interval”:60,“subscribers”:[“test”],“handlers”:[“remediator”],“remediation”:{“light_remediation”:{“occurrences”:[1,2],“severities”:[1]},“medium_remediation”:{“occurrences”:[“3-10”],“severities”:[1]},“heavy_remediation”:{“occurrences”:[“1+”],“severities”:[2]}},“name”:“check_with_remediation”,“issued”:1396454183,“executed”:1396454183,“output”:“CheckProcs CRITICAL: Found 0 matching processes; cmd /jenntest/\n”,“status”:2,“duration”:0.104,“history”:[“2”,“2”,“2”,“2”,“2”,“2”,“2”,“2”,“2”,“2”,“2”,“2”,“2”,“2”,“2”,“2”,“2”,“2”,“2”,“2”,“2”]},“occurrences”:1212,“action”:“create”},“handler”:{“type”:“pipe”,“command”:“/etc/sensu/community/handlers/remediation/sensu.rb”,“name”:“remediator”}}
{“timestamp”:“2014-04-02T11:56:23.282658-0400”,“level”:“info”,“message”:“handler output”,“handler”:{“type”:“pipe”,“command”:“/etc/sensu/community/handlers/remediation/sensu.rb”,“name”:“remediator”},“output”:“REMEDIATION: Evaluating remediation: testserver.local.net {"light_remediation"=>{"occurrences"=>[1, 2], "severities"=>[1]}, "medium_remediation"=>{"occurrences"=>["3-10"], "severities"=>[1]}, "heavy_remediation"=>{"occurrences"=>["1+"], "severities"=>[2]}} #=1212 sev=2\n”}
{“timestamp”:“2014-04-02T11:56:23.282813-0400”,“level”:“info”,“message”:“handler output”,“handler”:{“type”:“pipe”,“command”:“/etc/sensu/community/handlers/remediation/sensu.rb”,“name”:“remediator”},“output”:“REMEDIATION: Matchdata: #<MatchData "1+" 1:"1">\n”}
{“timestamp”:“2014-04-02T11:56:23.282856-0400”,“level”:“info”,“message”:“handler output”,“handler”:{“type”:“pipe”,“command”:“/etc/sensu/community/handlers/remediation/sensu.rb”,“name”:“remediator”},“output”:“REMEDIATION: Triggering remediation check ‘heavy_remediation’ for ["testserver.local.net"]\n”}
{“timestamp”:“2014-04-02T11:56:23.282892-0400”,“level”:“info”,“message”:“handler output”,“handler”:{“type”:“pipe”,“command”:“/etc/sensu/community/handlers/remediation/sensu.rb”,“name”:“remediator”},“output”:“REMEDIATION: Recieved API Response (202): {"issued":1396454183}, exiting.\n”}

But I do not see the file on the server. Any help would be appreciated and I will send you beer or whatever

thanks!!

On Wednesday, April 2, 2014 1:20:01 PM UTC-4, Nick Stielau wrote:

Hey Jennifer,

It might be that the ‘standalone’ setting for the remediation check. I’m not sure if the ‘publish:false’ actually disables that if it is standalone. I would put standalone:false and publish:false.

Nick

On Tuesday, April 1, 2014 9:45:15 AM UTC-7, Jennifer Fountain wrote:

I am trying to get remediation working with sensu and having no luck.

Any insight would be very helpful

{

“handlers”: {

“remediator”: {

“type”: “pipe”,

“command”: “/etc/sensu/community/handlers/remediation/remediation.rb”

}

},

“checks”: {

“fail_with_remediation”: {

“command”: “/usr/bin/ruby /etc/sensu/community/plugins/processes/check-procs.rb -p overdraft -W 1”,

“interval”: 60,

“standalone”: true,

“publish”: false,

“subscribers”: [“overdraft”],

“handlers”: [“remediator”],

“remediation”: {

“occurrences”: [“2+”],

“severities”: [2]

}

},

“remediation”: {

“command”: “/bin/touch /tmp/remediation_this_shit”,

“standalone”: true,

“publish”: false,

“interval”: 60,

“subscribers”: [“overdraft”]

}

Topic		Replies	Views
Remediation not working? Sensu Classic (EOL)	1	429	November 22, 2018
[Newbie] need help on /usr/bin/env: ruby : Permission denied (check) Sensu Classic (EOL)	1	1188	November 22, 2018
Trying to move to using embedded ruby but it's not being picked up Sensu Classic (EOL)	4	830	July 29, 2015
Embedded Ruby and Gems for Plugins and other questions Sensu Classic (EOL)	1	635	July 21, 2015
embedded Ruby vs. system Ruby Sensu Classic (EOL)	2	869	September 2, 2014

Having issues with remediation

Related Topics