License
Unknown
v0.0.6 · public · Published about 4 years ago
Sensu Tripwire is a collection of Sensu Assets, packaging up
Tripwire OSS
(version 2.4.3.7), making it easy to deploy an intrusion detection
system (IDS) to systems running the Sensu monitoring Agent.
Initialize a Tripwire database.
tripwire-init.sh
Run a full system check (and initialize the database if missing).
tripwire-check.sh
Run a Tripwire check on a specific web application.
tripwire-check.sh /var/www/*
sensuctl asset add portertech/sensu-tripwire
If you're using an earlier version of sensuctl, you can find the asset on the Bonsai Asset Index.
From the local path of the sensu-tripwire repository:
./build.sh
This project can be used in combination with the
sensu-plugins-tripwire
project.
Help (as of version 1.2.0).
Usage: check-tripwire.rb (options)
-b, --binary path/to/tripwire tripwire binary to use, in case you hide yours
-f path/to/configfile, Configuration to use for the check
--config-file
-c, --critical critical severity Tripwire severity greater than this is a critical error
-d path_or_url_to_database. if an http url is supplied the database will be retrieved prior to the check,
--database Database to use for the check
-P, --password PASSWORD Password to unlock the keyfile
-s, --site-key path/to/sitekey Site key used to decrypt the database that will be used in the validation
-w, --warn warning severity Tripwire severity greater than this is warning
Example run.
check-tripwire.rb --binary tripwire.sh --config-file /tmp/tw/tw.cfg
Register the required assets.
sensuctl asset add portertech/sensu-tripwire
sensuctl asset add sensu/sensu-ruby-runtime
sensuctl asset add sensu-plugins/sensu-plugins-tripwire
For more information about contributing to this plugin, see Contributing.
Please describe the reason for reporting this asset. Our moderators will be notified and will disable the asset if it is found to be inappropriate.
×