Elasticsearch - 'network.host': is not allowed

Elastic Stack Elasticsearch
1

I am using ElasticCloud , version v7.12.1, I have sat up a watcher for health check of cluster that it looks like below:

    PUT _watcher/watch/cluster_health_watch
    {
      "trigger" : {
        "schedule" : { "cron" : "0 0/5 * * * ?" }
      },
      "input" : {
        "http" : {
          "request" : {
            "host" : "localhost",
            "port" : 9200,
            "path" : "/_cluster/health",
            "auth": {
              "basic": {
                "username": "Myuser",
                "password": "mypassword"
              }
            }
          }
        }
      },
      "condition" : {
        "compare" : {
          "ctx.payload.status" : { "not_eq" : "green" }
        }
      },
      "actions" : {
      "slackmonitoring" : {
        "throttle_period" : "5m",
        "slack" : {
          "message" : {
            "to" : [ "test-webhook" ], 
            "text" : "Cluster is Unhealthy!" 
          }
        }
      }}
    }

It fails with this error:

"input": {
      "type": "http",
      "status": "failure",
      "error": {
        "root_cause": [
          {
            "type": "http_host_connect_exception",
            "reason": "Connect to localhost:9200 [localhost/127.0.0.1] failed: Connection refused"
          }
        ],

After doing some search, someone suggested to add:
network.host: 127.0.0.1 to elasticsearch.yml
However when I add it and try to save it I get this error:

Elasticsearch - 'network.host': is not allowed

I could not find any documentation regarding this issue and a solution for it, I would appreciate if someone can help.

2

IMO you would need to use the public endpoint of your Elasticsearch instance instead.

Something like:

"input" : {
  "http" : {
    "request" : {
      "url" : "https://REDACTED.cloud.es.io:9243/_cluster/health",
      "auth" : {
        "basic" : {
          "username" : "Myuser",
          "password" : "mypassword"
        }
      }
    }
  }
}
3

Thanks for reply.
After setting the public endpoint the state became OK :+1: but it doesn't send message to slack and I can see error: 404 Not found under the execution history:

(Just mentioning that in order to test the slack notification I changed the condition to eq: green. the slack notification works fine if I remove the input just for testing purpose)

{
  "watch_id": "cluster_health_watch",
  "node": "*****",
  "state": "execution_not_needed",
  "user": "******",
  "status": {
    "state": {
      "active": true,
      "timestamp": "2021-05-11T10:58:04.326Z"
    },
    "last_checked": "2021-05-11T11:05:00.232Z",
    "actions": {
      "slackmonitoring": {
        "ack": {
          "timestamp": "2021-05-11T10:58:04.326Z",
          "state": "awaits_successful_execution"
        }
      }
    },
    "execution_state": "execution_not_needed",
    "version": -1
  },
  "trigger_event": {
    "type": "schedule",
    "triggered_time": "2021-05-11T11:05:00.232Z",
    "schedule": {
      "scheduled_time": "2021-05-11T11:05:00.000Z"
    }
  },
  "input": {
    "http": {
      "request": {
        "scheme": "https",
        "host": "****.eu-west-1.aws.found.io",
        "port": 9243,
        "method": "get",
        "path": "/_cluster/health",
        "params": {},
        "headers": {},
        "auth": {
          "basic": {
            "username": "****",
            "password": "****"
          }
        }
      }
    }
  },
  "condition": {
    "compare": {
      "ctx.payload.status": {
        "eq": "green"
      }
    }
  },
  "result": {
    "execution_time": "2021-05-11T11:05:00.232Z",
    "execution_duration": 79,
    "input": {
      "type": "http",
      "status": "success",
      "payload": {
        "_headers": {
          "date": [
            "Tue, 11 May 2021 11:05:00 GMT"
          ],
          "content-length": [
            "60"
          ],
          "kbn-name": [
            "******"
          ],
          "kbn-license-sig": [
            "*****"
          ],
          "x-cloud-request-id": [
            "*****"
          ],
          "content-type": [
            "application/json; charset=utf-8"
          ],
          "x-found-handling-cluster": [
            "*****"
          ],
          "cache-control": [
            "private, no-cache, no-store, must-revalidate"
          ],
          "x-found-handling-instance": [
            "instance-0000000000"
          ]
        },
        "error": "Not Found",
        "message": "Not Found",
        "_status_code": 404,
        "statusCode": 404
      },
      "http": {
        "request": {
          "host": "****.eu-west-1.aws.found.io",
          "port": 9243,
          "scheme": "https",
          "method": "get",
          "path": "/_cluster/health",
          "auth": {
            "basic": {
              "username": "****",
              "password": "****"
            }
          }
        },
        "status_code": 404
      }
    },
    "condition": {
      "type": "compare",
      "status": "success",
      "met": false,
      "compare": {
        "resolved_values": {
          "ctx.payload.status": null
        }
      }
    },
    "actions": []
  },
  "messages": []
}

How can I fix that? and why am I getting that error?

4

Are you sure that you put the Elasticsearch URL and not the Kibana URL?

1 Like
5

Oh yes...I used kibana endpoint by mistake. Thanks for your help. It works fine now.

6

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.