**Good day**
I'm trying to configure email notifications for a Watcher alert. I configured the email account in elasticsearch.yml and Elasticsearch starts without error, but when I run the watch I get the error below. I also configured the passwords, so I do not understand why this error appears.
{
"watch_id": "_inlined_",
"node": "-xhVXkfDTZ68p3QqbSV9Cw",
"state": "executed",
"status": {
"state": {
"active": true,
"timestamp": "2020-11-24T16:19:23.984Z"
},
"last_checked": "2020-11-24T16:19:23.985Z",
"last_met_condition": "2020-11-24T16:19:23.985Z",
"actions": {
"send_email": {
"ack": {
"timestamp": "2020-11-24T16:19:23.984Z",
"state": "awaits_successful_execution"
},
"last_execution": {
"timestamp": "2020-11-24T16:19:23.985Z",
"successful": false,
"reason": ""
}
}
},
"execution_state": "executed",
"version": -1
},
"trigger_event": {
"type": "manual",
"triggered_time": "2020-11-24T16:19:23.985Z",
"manual": {
"schedule": {
"scheduled_time": "2020-11-24T16:19:23.985Z"
}
}
},
"input": {
"search": {
"request": {
"search_type": "query_then_fetch",
"indices": [
"hear*"
],
"rest_total_hits_as_int": true,
"body": {
"size": 0,
"query": {
"bool": {
"filter": [
{
"range": {
"@timestamp": {
"gte": "{{ctx.trigger.scheduled_time}}||-2m",
"lte": "{{ctx.trigger.scheduled_time}}",
"format": "strict_date_optional_time||basic_time_no_millis"
}
}
},
{
"term": {
"monitor.name": "windows7"
}
}
]
}
},
"aggs": {
"metricAgg": {
"max": {
"field": "summary.down"
}
}
}
}
}
}
},
"condition": {
"script": {
"source": "if (ctx.payload.aggregations.metricAgg.value >= params.threshold) { return true; } return false;",
"lang": "painless",
"params": {
"threshold": 0.8
}
}
},
"metadata": {
"name": "Prueba alerta caida conexion",
"xpack": {
"type": "json"
}
},
"result": {
"execution_time": "2020-11-24T16:19:23.985Z",
"execution_duration": 10,
"input": {
"type": "search",
"status": "success",
"payload": {
"_shards": {
"total": 1,
"failed": 0,
"successful": 1,
"skipped": 0
},
"hits": {
"hits": [],
"total": 2,
"max_score": null
},
"took": 3,
"timed_out": false,
"aggregations": {
"metricAgg": {
"value": 1
}
}
},
"search": {
"request": {
"search_type": "query_then_fetch",
"indices": [
"hear*"
],
"rest_total_hits_as_int": true,
"body": {
"size": 0,
"query": {
"bool": {
"filter": [
{
"range": {
"@timestamp": {
"gte": "2020-11-24T16:19:23.985273193Z||-2m",
"lte": "2020-11-24T16:19:23.985273193Z",
"format": "strict_date_optional_time||basic_time_no_millis"
}
}
},
{
"term": {
"monitor.name": "windows7"
}
}
]
}
},
"aggs": {
"metricAgg": {
"max": {
"field": "summary.down"
}
}
}
}
}
}
},
"condition": {
"type": "script",
"status": "success",
"met": true
},
"transform": {
"type": "script",
"status": "success",
"payload": {
"time_triggered": "2020-11-24 11:19:23"
}
},
"actions": [
{
"id": "send_email",
"type": "email",
"status": "failure",
"error": {
"root_cause": [
{
"type": "messaging_exception",
"reason": "failed to send email with subject [Prueba alerta caida conexion] via account [exchange_account]"
}
],
"type": "messaging_exception",
"reason": "failed to send email with subject [Prueba alerta caida conexion] via account [exchange_account]",
"caused_by": {
"type": "authentication_failed_exception",
"reason": "failed to connect, no password specified?"
}
}
}
]
},
"messages": []
}
This is the source of the watch:
{
"trigger": {
"schedule": {
"interval": "2m"
}
},
"input": {
"search": {
"request": {
"search_type": "query_then_fetch",
"indices": [
"hear*"
],
"rest_total_hits_as_int": true,
"body": {
"size": 0,
"query": {
"bool": {
"filter": [
{
"range": {
"@timestamp": {
"gte": "{{ctx.trigger.scheduled_time}}||-2m",
"lte": "{{ctx.trigger.scheduled_time}}",
"format": "strict_date_optional_time||basic_time_no_millis"
}
}
},
{
"term": {
"monitor.name": "windows7"
}
}
]
}
},
"aggs": {
"metricAgg": {
"max": {
"field": "summary.down"
}
}
}
}
}
}
},
"condition": {
"script": {
"source": "if (ctx.payload.aggregations.metricAgg.value >= params.threshold) { return true; } return false;",
"lang": "painless",
"params": {
"threshold": 0.8
}
}
},
"actions": {
"send_email": {
"throttle_period_in_millis": 86400000,
"email": {
"profile": "standard",
"attach_data": {
"format": "yaml"
},
"to": [
"juan.jaramillo@megadvantage.com"
],
"subject": "{{ctx.metadata.name}}",
"body": {
"text": "Prueba de que el equipo se ha caido esta es la hora: {{ctx.payload.time_triggered}}"
}
}
}
},
"transform": {
"script": {
"source": "return [ 'time_triggered': Instant.ofEpochMilli(ctx.trigger.triggered_time.getMillis()).atZone(ZoneId.of('America/Bogota')).format(DateTimeFormatter.ofPattern('YYYY-MM-dd HH:mm:ss')) ];",
"lang": "painless"
}
}
}
Finally, this is the content of elasticsearch.yml (edited with nano):
# ======================== Elasticsearch Configuration =========================
#
# NOTE: Elasticsearch comes with reasonable defaults for most settings.
# Before you set out to tweak and tune the configuration, make sure you
# understand what are you trying to accomplish and the consequences.
#
# The primary way of configuring a node is via this file. This template lists
# the most important settings you may want to configure for a production cluster.
#
# Please consult the documentation for further information on configuration options:
# https://www.elastic.co/guide/en/elasticsearch/reference/index.html
#
# ---------------------------------- Cluster -----------------------------------
#
# Use a descriptive name for your cluster:
#
#cluster.name: my-application
#
# ------------------------------------ Node ------------------------------------
#
# Use a descriptive name for the node:
#
#node.name: node-1
#
# Add custom attributes to the node:
#
#node.attr.rack: r1
#
# ----------------------------------- Paths ------------------------------------
#
# Path to directory where to store the data (separate multiple locations by comma):
#
path.data: /var/lib/elasticsearch
#
# Path to log files:
#
path.logs: /var/log/elasticsearch
#
# ----------------------------------- Memory -----------------------------------
#
# Lock the memory on startup:
#
#bootstrap.memory_lock: true
#
# Make sure that the heap size is set to about half the memory available
# on the system and that the owner of the process is allowed to use this
# limit.
#
# Elasticsearch performs poorly when the system is swapping the memory.
#
# ---------------------------------- Network -----------------------------------
#
# Set the bind address to a specific IP (IPv4 or IPv6):
#
#network.host: 192.168.0.1
#
# Set a custom port for HTTP:
#
#http.port: 9200
#
# For more information, consult the network module documentation.
#
# --------------------------------- Discovery ----------------------------------
#
# Pass an initial list of hosts to perform discovery when this node is started:
# The default list of hosts is ["127.0.0.1", "[::1]"]
#
#discovery.seed_hosts: ["host1", "host2"]
#
# Bootstrap the cluster using an initial set of master-eligible nodes:
#
#cluster.initial_master_nodes: ["node-1", "node-2"]
#
# For more information, consult the discovery and cluster formation module documentation.
#
# ---------------------------------- Gateway -----------------------------------
#
# Block initial recovery after a full cluster restart until N nodes are started:
#
#gateway.recover_after_nodes: 3
#
# For more information, consult the gateway module documentation.
#
# ---------------------------------- Various -----------------------------------
#
# Require explicit names when deleting indices:
#
#action.destructive_requires_name: true
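# Watcher e-mail account definition. The nesting is restored here: the pasted
# listing had lost its indentation, and these keys are only meaningful as
# children of the account name (exchange_account).
xpack.notification.email.account:
  exchange_account:
    profile: outlook
    email_defaults:
      from: juan.jaramillo@megadvantage.com
    # With auth enabled, the SMTP password is a secure setting and is not read
    # from this file. It has to be present in the Elasticsearch keystore on
    # every node as
    #   xpack.notification.email.account.exchange_account.smtp.secure_password
    # A missing keystore entry is consistent with the
    # authentication_failed_exception "failed to connect, no password specified?"
    # reported by the send_email action.
    # NOTE(review): smtp.host, smtp.port and smtp.user are not visible in this
    # excerpt; confirm they are set for this account.
    smtp:
      auth: true
      starttls.enable: true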