I'm trying to enable watcher to send email when conditions require an email to be sent. however i'm encounter issues and have been bashing my head against the wall for a while and decided its time to ask for assistance. I'm using an app specific password and i'm 100% confident app security settings in gmail are correct as i'm using this same email address with a different app password to send email from Zabbix and its working.
Below are my elastic user setting overrides. I do not think xpack.watcher.enabled is required but i saw it in an example and gave it a try.
The password is saved in the key store with the setting name of:
Below is the error i find in the logging-and-metrics instances after i push the "send test email" after creating a temporary watcher rule.
[2019-12-31T18:33:10,986][ERROR][org.elasticsearch.xpack.watcher.actions.email.ExecutableEmailAction] [instance-0000000005] failed to execute action [inlined/email_1]
javax.mail.MessagingException: failed to send email with subject [Watch [asf] has exceeded the threshold] via account [work]
at org.elasticsearch.xpack.watcher.notification.email.EmailService.send(EmailService.java:171) ~[?:?]
at org.elasticsearch.xpack.watcher.notification.email.EmailService.send(EmailService.java:163) ~[?:?]
at org.elasticsearch.xpack.watcher.actions.email.ExecutableEmailAction.execute(ExecutableEmailAction.java:76) ~[?:?]
at org.elasticsearch.xpack.core.watcher.actions.ActionWrapper.execute(ActionWrapper.java:164) [x-pack-core-7.5.1.jar:7.5.1]
at org.elasticsearch.xpack.watcher.execution.ExecutionService.executeInner(ExecutionService.java:534) [x-pack-watcher-7.5.1.jar:7.5.1]
On the nodes running docker
root@ELK-ECE-NODE-4:~# telnet smtp.gmail.com 587
Connected to smtp.gmail.com.
Escape character is '^]'.
220 smtp.gmail.com ESMTP c14sm35697244pfn.8 - gsmtp
However when i tcpdump on the node while snooping for traffic on 587 i see nothing and the above error does not indicate that it is even trying to make a connection.