Elasticsearch enable watcher - email notifications

Hello,
I would like to ask You for help,
I have one-node elasticsearch with kibana on kubernetes.
I need to have on kibana watcher email notifications enabled but don't know how to do from elasticsearch yml file.

Right now I have emails option greyed from kibana side with coment "configure elasticsearch.yml"

Can someone help me ?

Welcome to our community! :smiley:

Have you been over Watcher settings in Elasticsearch | Elasticsearch Guide [7.14] | Elastic?

hello, warkolm
thanks for reply, yes I saw this website but have small question,
as I uderstand this section :

"actions" : {
  "send_email" : { 
    "email" : { 
      "to" : "username@example.org", 
      "subject" : "Watcher Notification", 
      "body" : "{{ctx.payload.hits.total}} error logs found" 
    }
  }
}

should be only included in elasticsearch.yml and
xpack.watcher.enabled yes ?

I have on kibana also 4 spaces - how can I set options only for one space ?

Can someone help me with this email notifications from elasticsearch yml file ?
I addedd section in elasticsearch yml file

xpack.watcher.enabled: true
xpack.notification.email.account:
  gmail_account:
    profile: gmail
      smtp:
        auth: true
        starttls.enable: true
        host: smtp.gmail.com
        port: 587
        user: dominbdg

but the problem is that - elasticsearch don't want to start with this configuration.
when - from documentation try to launch :

bin/elasticsearch-keystore add xpack.notification.email.account.gmail_account.smtp.secure_password

I'm getting error:

Caused by: com.fasterxml.jackson.dataformat.yaml.snakeyaml.error.MarkedYAMLException: mapping values are not allowed here
 in 'reader', line 87, column 11:
          smtp:

Most likely You have a yml syntax / formatting error in that section.. either in it or after it.. that's what the error indicates.

@stephenb
Thanks for that - You were right - there was an improper formatting.

I have also a question - we have local openrelay in my company. Is it possible to use it or I have to have regular mail account for watcher emails ?

I don't know... Try it :wink:

It expects an SMTP endpoint.

@stephenb - You are right - using normal email server works.
I have a small question - when I need to use ssl - how to do it ?
I have below configuration:

xpack.notification.email.account:
    gmail_account:
        profile: gmail
        smtp:
            auth: true
            starttls.enable: true
            host: smtp.gmail.com
            port: 587
            user: <username>

is it possible that instead of starttls.enable I can use ssl.enable and change port to ssl ?

I do not see ssl.enable as a valid option in the docs. Perhaps just set to the ssl port and try it.

In the docs here

If it is a self signed certificate you may need to add additional settings

Curious why not use

starttls.enable: true

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.