Elasticsearch - 'network.host': is not allowed

I am using ElasticCloud , version v7.12.1, I have sat up a watcher for health check of cluster that it looks like below:

    PUT _watcher/watch/cluster_health_watch
    {
      "trigger" : {
        "schedule" : { "cron" : "0 0/5 * * * ?" }
      },
      "input" : {
        "http" : {
          "request" : {
            "host" : "localhost",
            "port" : 9200,
            "path" : "/_cluster/health",
            "auth": {
              "basic": {
                "username": "Myuser",
                "password": "mypassword"
              }
            }
          }
        }
      },
      "condition" : {
        "compare" : {
          "ctx.payload.status" : { "not_eq" : "green" }
        }
      },
      "actions" : {
      "slackmonitoring" : {
        "throttle_period" : "5m",
        "slack" : {
          "message" : {
            "to" : [ "test-webhook" ], 
            "text" : "Cluster is Unhealthy!" 
          }
        }
      }}
    }

It fails with this error:

"input": {
      "type": "http",
      "status": "failure",
      "error": {
        "root_cause": [
          {
            "type": "http_host_connect_exception",
            "reason": "Connect to localhost:9200 [localhost/127.0.0.1] failed: Connection refused"
          }
        ],

After doing some search, someone suggested to add:
network.host: 127.0.0.1 to elasticsearch.yml
However when I add it and try to save it I get this error:

Elasticsearch - 'network.host': is not allowed

I could not find any documentation regarding this issue and a solution for it, I would appreciate if someone can help.

IMO you would need to use the public endpoint of your Elasticsearch instance instead.

Something like:

"input" : {
  "http" : {
    "request" : {
      "url" : "https://REDACTED.cloud.es.io:9243/_cluster/health",
      "auth" : {
        "basic" : {
          "username" : "Myuser",
          "password" : "mypassword"
        }
      }
    }
  }
}

Thanks for reply.
After setting the public endpoint the state became OK :+1: but it doesn't send message to slack and I can see error: 404 Not found under the execution history:

(Just mentioning that in order to test the slack notification I changed the condition to eq: green. the slack notification works fine if I remove the input just for testing purpose)

{
  "watch_id": "cluster_health_watch",
  "node": "*****",
  "state": "execution_not_needed",
  "user": "******",
  "status": {
    "state": {
      "active": true,
      "timestamp": "2021-05-11T10:58:04.326Z"
    },
    "last_checked": "2021-05-11T11:05:00.232Z",
    "actions": {
      "slackmonitoring": {
        "ack": {
          "timestamp": "2021-05-11T10:58:04.326Z",
          "state": "awaits_successful_execution"
        }
      }
    },
    "execution_state": "execution_not_needed",
    "version": -1
  },
  "trigger_event": {
    "type": "schedule",
    "triggered_time": "2021-05-11T11:05:00.232Z",
    "schedule": {
      "scheduled_time": "2021-05-11T11:05:00.000Z"
    }
  },
  "input": {
    "http": {
      "request": {
        "scheme": "https",
        "host": "****.eu-west-1.aws.found.io",
        "port": 9243,
        "method": "get",
        "path": "/_cluster/health",
        "params": {},
        "headers": {},
        "auth": {
          "basic": {
            "username": "****",
            "password": "****"
          }
        }
      }
    }
  },
  "condition": {
    "compare": {
      "ctx.payload.status": {
        "eq": "green"
      }
    }
  },
  "result": {
    "execution_time": "2021-05-11T11:05:00.232Z",
    "execution_duration": 79,
    "input": {
      "type": "http",
      "status": "success",
      "payload": {
        "_headers": {
          "date": [
            "Tue, 11 May 2021 11:05:00 GMT"
          ],
          "content-length": [
            "60"
          ],
          "kbn-name": [
            "******"
          ],
          "kbn-license-sig": [
            "*****"
          ],
          "x-cloud-request-id": [
            "*****"
          ],
          "content-type": [
            "application/json; charset=utf-8"
          ],
          "x-found-handling-cluster": [
            "*****"
          ],
          "cache-control": [
            "private, no-cache, no-store, must-revalidate"
          ],
          "x-found-handling-instance": [
            "instance-0000000000"
          ]
        },
        "error": "Not Found",
        "message": "Not Found",
        "_status_code": 404,
        "statusCode": 404
      },
      "http": {
        "request": {
          "host": "****.eu-west-1.aws.found.io",
          "port": 9243,
          "scheme": "https",
          "method": "get",
          "path": "/_cluster/health",
          "auth": {
            "basic": {
              "username": "****",
              "password": "****"
            }
          }
        },
        "status_code": 404
      }
    },
    "condition": {
      "type": "compare",
      "status": "success",
      "met": false,
      "compare": {
        "resolved_values": {
          "ctx.payload.status": null
        }
      }
    },
    "actions": []
  },
  "messages": []
}

How can I fix that? and why am I getting that error?

Are you sure that you put the Elasticsearch URL and not the Kibana URL?

1 Like

Oh yes...I used kibana endpoint by mistake. Thanks for your help. It works fine now.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.