Enabling email notifications

AMiura · June 26, 2019, 5:46am

I'm trying to enable xpack.watcher.encrypt_sensitive_data on Elasticsearch 7.1 so I can have passwords not in plain text. Any time I try to set it to true in elasticsearch.yml it crashes when trying to start. In the logs I have a bunch of Debug & Warn entries but only the 1 Error

[2019-06-25T22:17:46,858][ERROR][o.e.b.Bootstrap          ] [ELK-test] Exception
java.lang.NullPointerException: null
    at org.elasticsearch.common.io.Streams.readFully(Streams.java:214) ~[elasticsearch-7.1.1.jar:7.1.1]
    at org.elasticsearch.common.io.Streams.readFully(Streams.java:208) ~[elasticsearch-7.1.1.jar:7.1.1]
    at org.elasticsearch.xpack.core.watcher.crypto.CryptoService.readSystemKey(CryptoService.java:94) ~[?:?]
    at org.elasticsearch.xpack.core.watcher.crypto.CryptoService.<init>(CryptoService.java:82) ~[?:?]
    at org.elasticsearch.xpack.watcher.Watcher.createComponents(Watcher.java:265) ~[?:?]
    at org.elasticsearch.node.Node.lambda$new$9(Node.java:440) ~[elasticsearch-7.1.1.jar:7.1.1]
    at java.util.stream.ReferencePipeline$7$1.accept(ReferencePipeline.java:271) ~[?:?]
    at java.util.ArrayList$ArrayListSpliterator.forEachRemaining(ArrayList.java:1654) ~[?:?]
    at java.util.stream.AbstractPipeline.copyInto(AbstractPipeline.java:484) ~[?:?]
    at java.util.stream.AbstractPipeline.wrapAndCopyInto(AbstractPipeline.java:474) ~[?:?]
    at java.util.stream.ReduceOps$ReduceOp.evaluateSequential(ReduceOps.java:913) ~[?:?]
    at java.util.stream.AbstractPipeline.evaluate(AbstractPipeline.java:234) ~[?:?]
    at java.util.stream.ReferencePipeline.collect(ReferencePipeline.java:578) ~[?:?]
    at org.elasticsearch.node.Node.<init>(Node.java:443) ~[elasticsearch-7.1.1.jar:7.1.1]
    at org.elasticsearch.node.Node.<init>(Node.java:252) ~[elasticsearch-7.1.1.jar:7.1.1]
    at org.elasticsearch.bootstrap.Bootstrap$5.<init>(Bootstrap.java:211) ~[elasticsearch-7.1.1.jar:7.1.1]
    at org.elasticsearch.bootstrap.Bootstrap.setup(Bootstrap.java:211) ~[elasticsearch-7.1.1.jar:7.1.1]
    at org.elasticsearch.bootstrap.Bootstrap.init(Bootstrap.java:325) [elasticsearch-7.1.1.jar:7.1.1]
    at org.elasticsearch.bootstrap.Elasticsearch.init(Elasticsearch.java:159) [elasticsearch-7.1.1.jar:7.1.1]
    at org.elasticsearch.bootstrap.Elasticsearch.execute(Elasticsearch.java:150) [elasticsearch-7.1.1.jar:7.1.1]
    at org.elasticsearch.cli.EnvironmentAwareCommand.execute(EnvironmentAwareCommand.java:86) [elasticsearch-7.1.1.jar:7.1.1]
    at org.elasticsearch.cli.Command.mainWithoutErrorHandling(Command.java:124) [elasticsearch-cli-7.1.1.jar:7.1.1]
    at org.elasticsearch.cli.Command.main(Command.java:90) [elasticsearch-cli-7.1.1.jar:7.1.1]
    at org.elasticsearch.bootstrap.Elasticsearch.main(Elasticsearch.java:115) [elasticsearch-7.1.1.jar:7.1.1]
    at org.elasticsearch.bootstrap.Elasticsearch.main(Elasticsearch.java:92) [elasticsearch-7.1.1.jar:7.1.1]

elasticsearch.yml

# ======================== Elasticsearch Configuration =========================
#
# NOTE: Elasticsearch comes with reasonable defaults for most settings.
#       Before you set out to tweak and tune the configuration, make sure you
#       understand what are you trying to accomplish and the consequences.
#
# The primary way of configuring a node is via this file. This template lists
# the most important settings you may want to configure for a production cluster.
#
# Please consult the documentation for further information on configuration options:
# https://www.elastic.co/guide/en/elasticsearch/reference/index.html
#
# ---------------------------------- Cluster -----------------------------------
#
# Use a descriptive name for your cluster:
#
#cluster.name: my-application
#
# ------------------------------------ Node ------------------------------------
#
# Use a descriptive name for the node:
#
node.name: ELK-test
#
# Add custom attributes to the node:
#
#node.attr.rack: r1
#
# ----------------------------------- Paths ------------------------------------
#
# Path to directory where to store the data (separate multiple locations by comma):
#
path.data: /var/lib/elasticsearch
#
# Path to log files:
#
path.logs: /var/log/elasticsearch
#
# ----------------------------------- Memory -----------------------------------
#
# Lock the memory on startup:
#
#bootstrap.memory_lock: true
#
# Make sure that the heap size is set to about half the memory available
# on the system and that the owner of the process is allowed to use this
# limit.
#
# Elasticsearch performs poorly when the system is swapping the memory.
#
# ---------------------------------- Network -----------------------------------
#
# Set the bind address to a specific IP (IPv4 or IPv6):
#
network.host: 128.120.32.166
#
# Set a custom port for HTTP:
#
http.port: 9242
#
# For more information, consult the network module documentation.
#
# --------------------------------- Discovery ----------------------------------
#
# Pass an initial list of hosts to perform discovery when this node is started:
# The default list of hosts is ["127.0.0.1", "[::1]"]
#
#discovery.seed_hosts: ["", "host2"]
discovery.type: single-node
#
# Bootstrap the cluster using an initial set of master-eligible nodes:
#
#cluster.initial_master_nodes: ["node-1", "node-2"]
#
# For more information, consult the discovery and cluster formation module documentation.
#
# ---------------------------------- Gateway -----------------------------------
#
# Block initial recovery after a full cluster restart until N nodes are started:
#
#gateway.recover_after_nodes: 3
#
# For more information, consult the gateway module documentation.
#
# ---------------------------------- Various -----------------------------------
#
# Require explicit names when deleting indices:
#
#action.destructive_requires_name: true

#thread_pool:
#    bulk:
#        size: 48
#        queue_size: 400

xpack.watcher.enabled: true
xpack.monitoring.elasticsearch.collection.enabled: true
xpack.monitoring.collection.enabled: true

#xpack.watcher.encrypt_sensitive_data: true

xpack.notification.email.account:
  outlook_account:
    profile: outlook
    smtp:
      auth: true
      starttls.enable: true
      host: smtp.office365.com
      port: 587
      user: <insert email address here>

I followed https://www.elastic.co/guide/en/elastic-stack-overview/7.1/encrypting-data.html to generate a keystore. Does anyone know why I would be getting the error when I try to turn on the Watcher encryption?

spinscale · June 26, 2019, 6:50am

Hey,

it seems to me as if the keystore does not contain a proper setting for the . Can you share the output of

bin/elasticsearch-keystore list $PATH_TO/config/elasticsearch.keystore

the error message is confusing though, I'll open an issue for that.

--Alex

AMiura · June 26, 2019, 10:19pm

Thank you for opening that issue. The output for that command is as below.

$ sudo usr/share/elasticsearch/bin/elasticsearch-keystore list $PATH_TO/config/elasticsearch.keystore
keystore.seed

proxx · June 26, 2019, 11:05pm

Is there a way to run the command for those using rpm file

I get error when i run the command

dadoonet · June 26, 2019, 11:41pm

@proxx Please don't post images of text as they are hardly readable and not searchable.

Instead paste the text and format it with </> icon. Check the preview window.

Don't hijack threads and open your own questions.

Then to answer your question, look at: https://www.elastic.co/guide/en/elasticsearch/reference/current/rpm.html#rpm-layout. Binaries are in /usr/share/elasticsearch/bin.

spinscale · June 27, 2019, 7:28am

ok, this means that you need to add the xpack.watcher.encryption_key setting to the keystore as it missing. Then Elasticsearch starts as expected.

AMiura · July 2, 2019, 4:26am

It worked! Thank you for your help

system · July 30, 2019, 4:26am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.