Tessen reference

Tessen is the Sensu call-home service. It is enabled by default on Sensu backends. Tessen sends anonymized data about Sensu instances to Sensu Inc., including the version, cluster size, number of events processed, and number of resources created (like checks and handlers). We rely on Tessen data to understand how Sensu is being used and make informed decisions about product improvements. Read Announcing Tessen, the Sensu call-home service to learn more about Tessen.

All data submissions are logged for complete transparency at the info log level and transmitted over HTTPS. See Troubleshooting to set the Sensu backend log level and view logs.

Configure Tessen

You can use the Tessen API and sensuctl to view your Tessen configuration. If you are using an unlicensed Sensu instances, you can also use the Tessen API and sensuctl to opt in or opt out of Tessen.

NOTE: Tessen is enabled by default on Sensu backends and required for licensed Sensu instances. If you have a licensed instance and want to opt out of Tessen, contact your account manager.

To manage Tessen configuration for your unlicensed instance with sensuctl, configure sensuctl as the default admin user.

To see Tessen status:

sensuctl tessen info

To opt out of Tessen:

sensuctl tessen opt-out

NOTE: For licensed Sensu instances, the Tessen configuration setting will automatically override to opt-in at runtime.

You can use the --skip-confirm flag to skip the confirmation step:

sensuctl tessen opt-out --skip-confirm

To opt in to Tessen:

sensuctl tessen opt-in

Tessen specification

Top-level attributes

type
description Top-level attribute that specifies the sensuctl create resource type. Tessen configuration should always be type TessenConfig.
required Required for Tessen configuration in wrapped-json or yaml format for use with sensuctl create.
type String
example
"type": "TessenConfig"
api_version
description Top-level attribute that specifies the Sensu API group and version. For Tessen configuration in this version of Sensu, the api_version should always be core/v2.
required Required for Tessen configuration in wrapped-json or yaml format for use with sensuctl create.
type String
example
"api_version": "core/v2"
spec
description Top-level map that includes Tessen configuration spec attributes.
required Required for Tessen configuration in wrapped-json or yaml format for use with sensuctl create.
type Map of key-value pairs
example
"spec": {
  "opt_out": false
}

Spec attributes

opt_out
description true to opt out of Tessen. Otherwise, false. Tessen is enabled by default on Sensu backends and required for licensed Sensu instances.
required true
type Boolean
default false
example
opt_out": false

Tessen configuration example

This example is in wrapped-jsonformat for use with sensuctl create. To manage Tessen for unlicensed Sensu instances with the Tessen API, use non-wrapped json format as shown in the API docs.

type: TessenConfig
api_version: core/v2
spec:
  opt_out: false
{
  "type": "TessenConfig",
  "api_version": "core/v2",
  "spec": {
    "opt_out": false
  }
}

Tessen metrics log examples

For unlicensed instances that opt in to Tessen and all licensed instances, Sensu sends various metrics back to the Tessen service. In the example metrics log below, Sensu is sending the number of check hooks back to the Tessen service.

{
    "component": "tessend",
    "level": "debug",
    "metric_name": "hook_count",
    "metric_value": 2,
    "msg": "collected a metric for tessen",
    "time": "2019-09-16T09:02:11Z"
}

Sensu also sends other metrics, such as the number of handlers:

{
    "component": "tessend",
    "level": "debug",
    "metric_name": "handler_count",
    "metric_value": 10,
    "msg": "collected a metric for tessen",
    "time": "2019-09-16T09:02:06Z"
}

Or the number of filters:

{
    "component": "tessend",
    "level": "debug",
    "metric_name": "filter_count",
    "metric_value": 4,
    "msg": "collected a metric for tessen",
    "time": "2019-09-16T09:02:01Z"
}

Or the number of authentication providers, secrets providers, and secrets:

{
    "component": "tessend",
    "level": "debug",
    "metric_name": "auth_provider_count",
    "metric_value": 2,
    "msg": "collected a metric for tessen",
    "time": "2020-03-30T15:16:42-04:00"
}
{
    "component": "tessend",
    "level": "debug",
    "metric_name": "secret_provider_count",
    "metric_value": 1,
    "msg": "collected a metric for tessen",
    "time": "2020-03-30T15:17:12-04:00"
}
{
    "component": "tessend",
    "level": "debug",
    "metric_name": "secret_count",
    "metric_value": 1,
    "msg": "collected a metric for tessen",
    "time": "2020-03-30T15:16:17-04:00"
}

If you opt into Tessen, you can view all of the metrics in the logs:

journalctl _COMM=sensu-backend.service

To view the events on-disk, see Log Sensu services with systemd.