I would like to be able to write an alert (watch) that executes a webhook on a schedule like every hour and sends a notification email if error http statuses occur. Is this supported, or do I have to have one watch to run the scheduled webhook and another watch to monitor the first watch's results?
This is a common use-case. Your watch would look like this
- Input: The input would be a search over the data from the last hour, that would be filtered based on the error condition (i.e. status code greater than equals 400 or 500 for example)
- Condition: Your condition would check if the number of hits returned by that search is greater than zero
- Action: Your action would be the sending of the email
Hope this helps!
--Alex
This helps. I have made some progress. I have this watch that uses a chained input to get the results of a http input but I'm unable to access the result in the condition script which doesn't work. I'd like to be able to get the http status_code and the input.status in case the http call completely fails
{
"trigger": {
"schedule": {
"hourly": {
"minute": [ 5 ]
}
}
},
"input": {
"chain": {
"inputs": [
{
"jira_http": {
"http": {
"request": {
"scheme": "https",
"host": "jira.mydomain.com",
"port": 443,
"method": "get",
"path": "/rest/api/2/issue/createmeta?projectKeys=MY-KEY",
"params": {},
"headers": {
"Authorization": "Basic {{ctx.metadata.JIRA_Authorization}}"
}
}
}
}
}
]
}
},
"condition": {
"script": {
"source": "return ctx.payload.jira_http.status != "success" || ctx.payload.jira_http._status_code != 200",
"lang": "painless"
}
},
"actions": {
"email_report": {
"email": {
"profile": "standard",
"to": [
"me@myemail.com"
],
"subject": "{{ctx.metadata.email_subject}}",
"body": {
"html": "
{{ctx.metadata.email_body_header}}
ctx.payload.jira_http : [{{ctx.payload.jira_http}}]
Executed watch [{{ctx.watch_id}}] at [{{ctx.execution_time}}].Do not reply to this email. The sending account is not monitored."
}
}
}
},
"metadata": {
"email_body_header": "ES WATCHER TEST: JIRA connectivity test FAILED TEST Environment",
"JIRA_Authorization": "SECRET",
"email_subject": "ES WATCHER TEST: JIRA connectivity test FAILED TEST Environment"
}
}
When I simulate the watch I get this result
How do I access the field marked with *** in the condition
"result": {
"execution_time": "2019-04-03T21:08:08.986Z",
"execution_duration": 722,
"input": {
"type": "chain",
"status": "success",
"payload": {
"jira_http": {
"_headers": {
"date": [
"Wed, 03 Apr 2019 21:08:08 GMT"
],
"server": [
"Apache"
],
"x-asessionid": [
"k3w8p1"
],
"transfer-encoding": [
"chunked"
],
"vary": [
"Accept-Encoding,User-Agent"
],
"x-frame-options": [
"ALLOWALL",
"SAMEORIGIN"
],
"strict-transport-security": [
"max-age=63072000; includeSubDomains"
],
"set-cookie": [
"JSESSIONID=498D7941D9B863F712644D3D09CAE9F1;path=/;Secure;HttpOnly"
],
"x-seraph-loginreason": [
"OK"
],
"keep-alive": [
"timeout=15, max=1000"
],
"content-security-policy": [
"frame-ancestors *.mydomain.com *.sharepoint.com ;",
"frame-ancestors 'self'"
],
"x-content-type-options": [
"nosniff"
],
"x-xss-protection": [
"1; mode=block"
],
"x-ausername": [
"myfakeusername"
],
"x-arequestid": [
"968x7492054x5"
],
"connection": [
"Keep-Alive"
],
"content-type": [
"application/json;charset=UTF-8"
],
"served-by": [
"epig-01"
],
"cache-control": [
"no-cache, no-store, no-transform,"
],
"x-asen": [
"SEN-L13339226"
]
},
"expand": "projects",
"projects": ,
"_status_code": 200
}
},
"chain": {
"jira_http": {
"type": "http",
"status": "success", ***
"payload": {
"_headers": {
"date": [
"Wed, 03 Apr 2019 21:08:08 GMT"
],
"server": [
"Apache"
],
"x-asessionid": [
"k3w8p1"
],
"transfer-encoding": [
"chunked"
],
"vary": [
"Accept-Encoding,User-Agent"
],
"x-frame-options": [
"ALLOWALL",
"SAMEORIGIN"
],
"strict-transport-security": [
"max-age=63072000; includeSubDomains"
],
"set-cookie": [
"JSESSIONID=498D7941D9B863F712644D3D09CAE9F1;path=/;Secure;HttpOnly"
],
"x-seraph-loginreason": [
"OK"
],
"keep-alive": [
"timeout=15, max=1000"
],
"content-security-policy": [
"frame-ancestors *.mydomain.com *.sharepoint.com ;",
"frame-ancestors 'self'"
],
"x-content-type-options": [
"nosniff"
],
"x-xss-protection": [
"1; mode=block"
],
"x-ausername": [
"myfakeusername"
],
"x-arequestid": [
"968x7492054x5"
],
"connection": [
"Keep-Alive"
],
"content-type": [
"application/json;charset=UTF-8"
],
"served-by": [
"epig-01"
],
"cache-control": [
"no-cache, no-store, no-transform,"
],
"x-asen": [
"SEN-L13339226"
]
},
"expand": "projects",
"projects": ,
"_status_code": 200 ***
},
"http": {
"request": {
"host": "jira.mydomain.com",
"port": 443,
"scheme": "https",
"method": "get",
"path": "/rest/api/2/issue/createmeta?projectKeys=MY-KEY",
"headers": {
"Authorization": "Basic MySecret"
}
},
"status_code": 200
}
}
}
}
please take the time to properly format your messages, this is nearly impossible to read.
You can only access data within the payload
field.
The important part is I have a chained http input named jira_http that returns a result that includes a _status_code field. I want the action of my watch to execute if _status_code != 200
"condition": {
"script": {
"source": "return ctx.payload.jira_http._status_code != 200",
"lang": "painless"
}
ctx.payload.jira_http contains the _status_code field as shown, but the syntax for accessing it in the condition script isn't working.
[{_headers={date=[Wed, 03 Apr 2019 21:42:06 GMT], ..... _status_code=200}]
that field is within the ._headers
field, which you are not referring to in the script
This condition worked. It does not seem possible to access the chained input's status field.
"condition": {
"compare": {
"ctx.payload.jira_http._status_code": {
"not_eq": 200
}
}
}
both of these work for me. do they fail on your side?
POST _xpack/watcher/watch/_execute
{
"watch": {
"trigger": {
"schedule": {
"interval": "10h"
}
},
"input": {
"chain": {
"inputs": [
{
"first": {
"http": {
"request": {
"url" : "https://httpbin.org/status/233"
}
}
}
}
]
}
},
"condition": {
"script": "return ctx.payload.first._status_code == 233"
},
"actions": {
"logme": {
"logging": {
"text": "{{ctx}}"
}
}
}
}
}
POST _xpack/watcher/watch/_execute
{
"watch": {
"trigger": {
"schedule": {
"interval": "10h"
}
},
"input": {
"chain": {
"inputs": [
{
"first": {
"http": {
"request": {
"url": "https://httpbin.org/status/233"
}
}
}
}
]
}
},
"condition": {
"compare": {
"ctx.payload.first._status_code": {
"eq": 233
}
}
},
"actions": {
"logme": {
"logging": {
"text": "{{ctx}}"
}
}
}
}
}
Yes it works on my end -- You essentially posted the same thing as my last post.
The value I was attempting to access is the result.success field from the watch result below. Since this value is at the same level as payload instead of inside it I now understand it is not available. The payload.{input_name}._status_code condition test will be sufficient.
"result": {
"execution_time": "2019-04-03T21:08:08.986Z",
"execution_duration": 722,
"input": {
"type": "chain",
"status": "success",
"payload": {....}
Thank you for responding
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.