NOTE: For detailed information about the certificates and keys required for mTLS authentication, read Generate certificates for your Sensu installation.įor information about using the certificates and keys to secure your configuration, read Secure Sensu. agent.pem and agent-key.pem, respectively). In the agent configuration, specify valid certificate and key files as values for the cert-file and key-file parameters (e.g.backend-1.pem and backend-1-key.pem, respectively). In the backend configuration, specify valid certificate and key files as values for the agent-auth-cert-file and agent-auth-key-file parameters (e.g.To configure the agent and backend for mTLS authentication: Sensu backends that are configured for mTLS authentication will no longer accept agent authentication via username and password.Īgents that are configured to use mTLS authentication cannot authenticate with the backend unless the backend is configured for mTLS. When mTLS is configured for both the Sensu agent and backend, the agent uses mTLS authentication instead of the default username and password authentication. Sensu-Namespace: the agent’s configured namespace in plaintext.Sensu-Subscriptions: the agent’s subscriptions in a comma-separated plaintext list.Sensu-AgentName: the agent’s configured name in plaintext.When using username and password authentication, sensu-agent also sends the following HTTP headers in requests to the backend: Sensu provides the encoded string as the value of the Authorization HTTP header - for example, Authorization: Basic YWdlbnQ6UEBzc3cwcmQh - to authenticate to the Sensu backend. The Sensu agent uses username and password authentication unless mTLS authentication has been explicitly configured.įor username and password authentication, sensu-agent joins the username and password with a colon and encodes them as a Base64 value. The default mechanism for agent authentication is built-in basic authentication with username and password. The Sensu agent authenticates to the Sensu backend via WebSocket transport by either built-in basic authentication (username and password) or mutual transport layer security (mTLS) authentication. Read the installation guide to install the agent. The Sensu agent is available for Linux, macOS, and Windows.įor Windows operating systems, the Sensu agent uses cmd.exe for the execution environment.įor all other operating systems, the Sensu agent uses the Bourne shell (sh). The Sensu agent is a lightweight client that runs on the infrastructure components you want to monitor.Īgents register with the Sensu backend as entities with type: "agent".Īgent entities are responsible for creating check and metrics events to send to the backend event pipeline. Example Sensu agent configuration file (download)
0 Comments
Leave a Reply. |