Dynamically create Pagerduty integrations


(Djtecha) #1

Is there a way to use the API to create pagerduty accounts for xpack watcher actions? Or do you have to define them in the elasticsearch.yml file and restart every node every time? because that would be insane :slight_smile:


(Djtecha) #2

Like... This post gets called but then it still sends to my default integration

{
  "persistent": {
    "xpack": {
      "notification": {
        "pagerduty": {
          "default_account": "monitoring",
          "account": {
            "elasticsearch-logs": {
              "service_api_key": "32489287429387"
            },
            "kibana-logs": {
              "service_api_key": "23489237492234"
            },
            "logstash-logs": {
              "service_api_key": "23487234982734"
            }
          }
        }
      }
    }
  }
}```

(Alexander Reelsen) #3

you can create pagerduty accounts using the command line keystore tool (so they are stored securely). See https://www.elastic.co/guide/en/elastic-stack-overview/6.5/actions-pagerduty.html#configuring-pagerduty

You can dynamically reload the secure settings, see https://www.elastic.co/guide/en/elasticsearch/reference/6.5/secure-settings.html#reloadable-secure-settings

Hope this helps!


(Djtecha) #4

Interesting, yea so the name has to exist in the keystore otherwise it uses the first one found... That could be documented better imho. Also, this means there is no way to dynamically control this? as in even if I wanted plain text I couldn't? Or is there some encryption in ES I could use to store it in the cluster vs rolling it out to ever single node and restarting each one. I'm not on 6.5 yet so I don't have the option to run that update keystore part.


(Alexander Reelsen) #5

you could still use the update cluster settings API to store the service key in 6.x