Gmail problems

I'm trying to enable watcher to send email when conditions require an email to be sent. however i'm encounter issues and have been bashing my head against the wall for a while and decided its time to ask for assistance. I'm using an app specific password and i'm 100% confident app security settings in gmail are correct as i'm using this same email address with a different app password to send email from Zabbix and its working.
Below are my elastic user setting overrides. I do not think xpack.watcher.enabled is required but i saw it in an example and gave it a try.

xpack.watcher.enabled : true
xpack.notification.email.account:
gmail_account:
profile: gmail
smtp:
auth: true
starttls.enable: true
host: smtp.gmail.com
port: 587
user: donotreply@notimportant.com

The password is saved in the key store with the setting name of:
xpack.notification.email.account.gmail_account.smtp.secure_password

Below is the error i find in the logging-and-metrics instances after i push the "send test email" after creating a temporary watcher rule.
[2019-12-31T18:33:10,986][ERROR][org.elasticsearch.xpack.watcher.actions.email.ExecutableEmailAction] [instance-0000000005] failed to execute action [inlined/email_1]
javax.mail.MessagingException: failed to send email with subject [Watch [asf] has exceeded the threshold] via account [work]
at org.elasticsearch.xpack.watcher.notification.email.EmailService.send(EmailService.java:171) ~[?:?]
at org.elasticsearch.xpack.watcher.notification.email.EmailService.send(EmailService.java:163) ~[?:?]
at org.elasticsearch.xpack.watcher.actions.email.ExecutableEmailAction.execute(ExecutableEmailAction.java:76) ~[?:?]
at org.elasticsearch.xpack.core.watcher.actions.ActionWrapper.execute(ActionWrapper.java:164) [x-pack-core-7.5.1.jar:7.5.1]
at org.elasticsearch.xpack.watcher.execution.ExecutionService.executeInner(ExecutionService.java:534) [x-pack-watcher-7.5.1.jar:7.5.1]

On the nodes running docker
root@ELK-ECE-NODE-4:~# telnet smtp.gmail.com 587
Trying 74.125.20.109...
Connected to smtp.gmail.com.
Escape character is '^]'.
220 smtp.gmail.com ESMTP c14sm35697244pfn.8 - gsmtp
^]
telnet> quit

However when i tcpdump on the node while snooping for traffic on 587 i see nothing and the above error does not indicate that it is even trying to make a connection.

Any suggestions?
Thanks

Ah OK so the clue to what's going on here is javax.mail.MessagingException: failed to send email with subject [Watch [asf] has exceeded the threshold] via account [work]

that tells you that the account it's using to send is work and not gmail_account. The account work is some internal config (which in fact isn't used in ECE)

It looks like you just need to add one extra field to your config:

xpack.notification.email:
  default_account: gmail_account

(https://www.elastic.co/guide/en/x-pack/6.2/actions-email.html#configuring-email)

I see that this isn't included in the closest thing to ECE-specific docs for watcher (https://www.elastic.co/guide/en/cloud-enterprise/2.4/ece-add-user-settings.html) - I'll create an issue to get that fixed, if you can confirm the suggestion works?

1 Like

Alex,

Yes your solution works. Thank you for this as I've been bashing my head for a while now. :laughing:

For the benefit of others and myself surely later in life. Here is a working configuration for a custom domain hosted on gmail servers.

xpack.notification.email:
  default_account: gmail_account
xpack.notification.email.account:
gmail_account:
    profile: gmail
    smtp:
        auth: true
        starttls.enable: true
        host: smtp.gmail.com
        port: 587
        user: donotreply@notimportant.com

Along with the keystore setting of
xpack.notification.email.account.gmail_account.smtp.secure_password

I am also doing exactly the same, but it doesn't work for me. Could you please help?
Its little Urgent. Thanking you!

javax.mail.MessagingException comes
Caused by
com.sun.mail.util.MailConnectException: Couldn't connect to host, port: smtp.gmail.com, 587; timeout 120000
Caused by: java.net.ConnectException: Connection timed out: connect

Ah @Amandeep1 it might be worth opening a new thread for any replies, since this seems like a different problem

The error you are getting indicates that the container hosting ES cannot access smtp.gmail.com:587 - the container does not have outbound filtering, so this almost certainly means whatever network settings you have at the host level is blocking that?

I am running on windows machine. Do I need to change some settings ?

@Amandeep1 as @Alex_Piggott pointed out the issue appears to be network related. Check and make sure your cluster devices are able to resolve smtp.gmail.com and actually connect to gmail over port 587 via telnet. If those tests are successful and you still can't send mail you should start a new thread.