Hello everyone,

I am trying to configure Watcher and send an email and/or slack messages. To do this I know that I need to configure the elasticsearch.yml file and add an email sender. But after my configuration, as you can see below, I can't even able to start elasticsearch service in the RockNSM suite. Can you please help me about the configuration below? Is there something wrong?

cluster.name: rocknsm
node.name: localhost
path.data: /data/elasticsearch
path.logs: /var/log/elasticsearch
bootstrap.memory_lock: true
network.host: local:ipv4
discovery.zen.minimum_master_nodes: 1

discovery.type: single-node

action.auto_create_index: True
action.destructive_requires_name: true

Node Roles

node.master: true
node.data: true
node.ingest: true

watcher.actions.slack.service:
account:
monitoring:
url: https://hooks.slack.com/services/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
message_defaults:
from: Watcher
xpack.notification.email.account:
outlook_account:
profile: outlook
smtp:
auth: true
starttls.enable: true
host: smtp-mail.outlook.com
port: 587
user: aaa@outlook.com
password: bbb

please do not paste configuration files in here. Either use proper formatting (this forum uses markdown) or put it in a gist. This way the indentation gets lost, which makes it impossible to debug your issue.

Also, sharing the output of starting elasticsearch along with specifying the elasticsearch version would help a lot.

Thanks!

Hello Alexander,

Thank you for your return, I solve the sending slack message part but still have problem with sending an email. You can find the exact formatting below. You can also find the version below;
"minimum_wire_compatibility_version" : "6.7.0",
"minimum_index_compatibility_version" : "6.0.0-beta1"

what exactly is the problem? the account cannot be found or something else? Did you restart all nodes?

So the final situation is, even can't start elasticsearch service when I don't put additional command for sending email and slack message. My elasticsearch.yml file configuration and systemctl status elasticsearch -l command output are in below.

Elasticsearch.yml configuration:

cluster.name: rocknsm
node.name: localhost
path.data: /data/elasticsearch
path.logs: /var/log/elasticsearch
bootstrap.memory_lock: true
network.host: local:ipv4
discovery.zen.minimum_master_nodes: 1

discovery.type: single-node

action.auto_create_index: True
action.destructive_requires_name: true

Node Roles

node.master: true
node.data: true
node.ingest: true
~ ~

systemctl status elasticsearch -l command output;

elasticsearch.service - Elasticsearch
Loaded: loaded (/usr/lib/systemd/system/elasticsearch.service; enabled; vendor preset: disabled)
Drop-In: /etc/systemd/system/elasticsearch.service.d
└─override.conf
Active: failed (Result: exit-code) since Thu 2020-02-13 03:42:45 UTC; 7min ago
Docs: http://www.elastic.co
Process: 11096 ExecStart=/usr/share/elasticsearch/bin/elasticsearch -p ${PID_DIR}/elasticsearch.pid --quiet (code=exited, status=1/FAILURE)
Main PID: 11096 (code=exited, status=1/FAILURE)

Feb 13 03:42:45 localhost elasticsearch[11096]: at org.elasticsearch.bootstrap.Elasticsearch.execute(Elasticsearch.java:150)
Feb 13 03:42:45 localhost elasticsearch[11096]: at org.elasticsearch.cli.EnvironmentAwareCommand.execute(EnvironmentAwareCommand.java:86)
Feb 13 03:42:45 localhost elasticsearch[11096]: at org.elasticsearch.cli.Command.mainWithoutErrorHandling(Command.java:124)
Feb 13 03:42:45 localhost elasticsearch[11096]: at org.elasticsearch.cli.Command.main(Command.java:90)
Feb 13 03:42:45 localhost elasticsearch[11096]: at org.elasticsearch.bootstrap.Elasticsearch.main(Elasticsearch.java:115)
Feb 13 03:42:45 localhost elasticsearch[11096]: at org.elasticsearch.bootstrap.Elasticsearch.main(Elasticsearch.java:92)
Feb 13 03:42:45 localhost elasticsearch[11096]: Refer to the log for complete error details.
Feb 13 03:42:45 localhost systemd[1]: elasticsearch.service: main process exited, code=exited, status=1/FAILURE
Feb 13 03:42:45 localhost systemd[1]: Unit elasticsearch.service entered failed state.
Feb 13 03:42:45 localhost systemd[1]: elasticsearch.service failed.

Please share more information, like the logfiles, and share the exact, complete configuration file in a gist (as the indendation is important). Otherwise it will be impossible to help.

See also https://www.elastic.co/guide/en/elasticsearch/reference/7.5/starting-elasticsearch.html#start-es-deb-systemd

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.