Skip to content

Monitor Pentests

You can use h3-cli to monitor the status of a pentest. This is done by periodically polling the API to check on the pentest state.

Monitoring enables you to trigger downstream actions or alerts when a pentest completes. A pentest is fully complete when its state is done or ended.

Example script to poll the pentest status until it completes.

#!/bin/bash

# loop forever until the pentest reaches 'done' or 'ended' state.
while [ 1 ]; do
    res=`h3 pentest`    # returns the most recent pentest
    pentest_state=`cat <<<$res | jq -r .state`
    pentest_name=`cat <<<$res | jq -r .name`
    if [ "$pentest_state" = "done" -o "$pentest_state" = "ended" ]; then
        echo "Pentest \"$pentest_name\" is complete; state=$pentest_state"
        break           # exit the loop
    fi
    echo "Pentest \"$pentest_name\" is still active; state=$pentest_state ..."
    sleep 30            # sleep 30 seconds then loop around and retry
done

Next Step

CLI Guides
Learn how to deploy, schedule pentests, monitor, and parse results.
Paginate results
Handle large result sets efficiently with pagination