Skip to content

Monitor Pentests

h3-cli: Monitoring pentests

You can use h3-cli to monitor the status of a pentest. This is done by periodically polling the API to check on the pentest state.

Monitoring enables you to trigger downstream actions or alerts when a pentest completes. A pentest is fully complete when its state hits done or ended.

Here's an example shell script that periodically polls the state until the pentest is complete.

#!/bin/bash

# loop forever until the pentest reaches 'done' or 'ended' state.
while [ 1 ]; do
    res=`h3 pentest`    # returns the most recent pentest
    pentest_state=`cat <<<$res | jq -r .state`
    pentest_name=`cat <<<$res | jq -r .name`
    if [ "$pentest_state" = "done" -o "$pentest_state" = "ended" ]; then
        echo "Pentest \"$pentest_name\" is complete; state=$pentest_state"
        break           # exit the loop
    fi
    echo "Pentest \"$pentest_name\" is still active; state=$pentest_state ..."
    sleep 30            # sleep 30 seconds then loop around and retry
done