sensu / sensu-slack-handler

The Sensu Go Slack handler for notifying a channel.
https://sensu.io
MIT License
3 stars 26 forks source link

Bonsai Asset Badge Build Status

Sensu Slack Handler

Overview

The Sensu Slack Handler is a Sensu Event Handler that sends event data to a configured Slack channel.

Usage examples

Help output

Help:

Usage:
  sensu-slack-handler [flags]
  sensu-slack-handler [command]

Available Commands:
  help        Help about any command
  version     Print the version number of this plugin

Flags:
  -a, --alert-on-critical             The Slack notification will alert the channel with @channel
  -c, --channel string                The channel to post messages to (default "#general")
  -t, --description-template string   The Slack notification output template, in Golang text/template format (default "{{ .Check.Output }}")
  -h, --help                          help for sensu-slack-handler
  -i, --icon-url string               A URL to an image to use as the user avatar (default "https://www.sensu.io/img/sensu-logo.png")
  -u, --username string               The username that messages will be sent as (default "sensu")
  -w, --webhook-url string            The webhook url to send messages to

Environment variables

Argument Environment Variable
--webhook-url SLACK_WEBHOOK_URL
--channel SLACK_CHANNEL
--username SLACK_USERNAME
--icon-url SLACK_ICON_URL
--description-template SLACK_DESCRIPTION_TEMPLATE
--alert-on-critical SLACK_ALERT_ON_CRITICAL

Security Note: Care should be taken to not expose the webhook URL for this handler by specifying it on the command line or by directly setting the environment variable in the handler definition. It is suggested to make use of secrets management to surface it as an environment variable. The handler definition above references it as a secret. Below is an example secrets definition that make use of the built-in env secrets provider.

---
type: Secret
api_version: secrets/v1
metadata:
  name: slack-webhook-url
spec:
  provider: env
  id: SLACK_WEBHOOK_URL

Templates

This handler provides options for using templates to populate the values provided by the event in the message sent via Slack. More information on template syntax and format can be found in the documentation

Annotations

All arguments for this handler are tunable on a per entity or check basis based on annotations. The annotations keyspace for this handler is sensu.io/plugins/slack/config.

NOTE: Due to check token substituion, supplying a template value such as for description-template as a check annotation requires that you place the desired template as a golang string literal (enlcosed in backticks) within another template definition. This does not apply to entity annotations.

Per-entity and per-check arguments set in entity and check annotations will override any arguments set in the handler command with flags or in backend runtime environment variables.

Examples

Suppose that you configure the a Slack handler whose command sets the --channel flag to #monitoring. For one particular entity, you want to use the Slack handler, but you want the entity's incidents to go to the #special-alerts Slack channel.

Update the entity definition to include an annotation that specifies the #special-alerts channel:

# /etc/sensu/agent.yml example
annotations:
  sensu.io/plugins/slack/config/channel: '#special-alerts'

For this one entity, the Slack handler will send alerts to the #special-alerts channel (the entity annotation overrides the handler command flag). For all other entites, the Slack handler will send alerts to the #monitoring channel as configured in the handler command flag.

Configuration

Asset registration

Assets are the best way to make use of this handler. If you're not using an asset, please consider doing so! If you're using sensuctl 5.13 or later, you can use the following command to add the asset:

sensuctl asset add sensu/sensu-slack-handler

If you're using an earlier version of sensuctl, you can download the asset definition from this project's Bonsai Asset Index page.

Handler definition

Create the handler using the following handler definition:

---
api_version: core/v2
type: Handler
metadata:
  namespace: default
  name: slack
spec:
  type: pipe
  command: sensu-slack-handler --channel '#general' --username 'sensu'
  filters:
  - is_incident
  runtime_assets:
  - sensu/sensu-slack-handler
  secrets:
  - name: SLACK_WEBHOOK_URL
    secret: slack-webhook-url
  timeout: 10

Note: The library used in the Sensu SDK for this plugin requires that if your Slack webhook URL is listed as an environment variable, the URL cannot be surrounded by quotes.

Security Note: The Slack webhook URL should always be treated as a security sensitive configuration option and in this example, it is loaded into the handler configuration as an environment variable using a secret. Command arguments are commonly readable from the process table by other unprivaledged users on a system (ex: ps and top commands), so it's a better practise to read in sensitive information via environment variables or configuration files on disk. The --webhook-url flag is provided as an override for testing purposes.

Check definition

api_version: core/v2
type: CheckConfig
metadata:
  namespace: default
  name: dummy-app-healthz
spec:
  command: check-http -u http://localhost:8080/healthz
  subscriptions:
  - dummy
  publish: true
  interval: 10
  handlers:
  - slack

Proxy Support

This handler supports the use of the environment variables HTTP_PROXY, HTTPS_PROXY, and NO_PROXY (or the lowercase versions thereof). HTTPS_PROXY takes precedence over HTTP_PROXY for https requests. The environment values may be either a complete URL or a "host[:port]", in which case the "http" scheme is assumed.

Installing from source and contributing

Download the latest version of the sensu-slack-handler from releases, or create an executable from this source.

Compiling

From the local path of the sensu-slack-handler repository:

go build

To contribute to this plugin, see CONTRIBUTING