Select Supported Platforms

Select Supported Architectures

Select Tier

Github Name

v0.0.7 · public · Published 8 months ago

Asset Definition
Release Notes
Release Assets

Sensu Tripwire

Bonsai Asset Badge

Table of Contents


Sensu Tripwire is a collection of Sensu Assets, packaging up
Tripwire OSS
(version, making it easy to deploy an intrusion detection
system (IDS) to systems running the Sensu monitoring Agent.

The Tripwire assets are currently compiled for amd64 systems, on
Alpine Linux (3.9.5), CentOS (6 and 7), and Debian (Stretch). The
included wrapper shell scripts are opinionated and include Tripwire
policy that may be less than ideal for your systems. If you run into
issues using the assets, please open a GitHub

Usage examples

Initialize a Tripwire database.

Run a full system check (and initialize the database if missing).

Run a Tripwire check on a specific web application. /var/www/*


Asset registration

sensuctl asset add portertech/sensu-tripwire

If you're using an earlier version of sensuctl, you can find the asset on the Bonsai Asset Index.

Building Tripwire Assets

Docker is required to build the Tripwire assets.

From the local path of the sensu-tripwire repository:


Additional notes

This project can be used in combination with the

Help (as of version 1.2.0).

Usage: check-tripwire.rb (options)
    -b, --binary path/to/tripwire    tripwire binary to use, in case you hide yours
    -f path/to/configfile,           Configuration to use for the check
    -c, --critical critical severity Tripwire severity greater than this is a critical error
    -d path_or_url_to_database. if an http url is supplied the database will be retrieved prior to the check,
        --database                   Database to use for the check
    -P, --password PASSWORD          Password to unlock the keyfile
    -s, --site-key path/to/sitekey   Site key used to decrypt the database that will be used in the validation
    -w, --warn warning severity      Tripwire severity greater than this is warning

Register the required assets.

sensuctl asset add portertech/sensu-tripwire
sensuctl asset add sensu/sensu-ruby-runtime
sensuctl asset add sensu-plugins/sensu-plugins-tripwire

Example Sensu check configuration.

type: CheckConfig
api_version: core/v2
  name: tripwire
  command: check-tripwire.rb --binary --config-file /tmp/tw/tw.cfg
  interval: 30
  - portertech/sensu-tripwire
  - sensu-plugins/sensu-plugins-tripwire
  - sensu/sensu-ruby-runtime
  - linux
  publish: true


For more information about contributing to this plugin, see Contributing.

Are you sure you want to report this asset?

Please describe the reason for reporting this asset. Our moderators will be notified and will disable the asset if it is found to be inappropriate.


You must be signed in to report this asset.

Sign In with Github



Either download the source code:

Download Source

Or download the asset definition: