How can I check the status of an email from a watch

drivera · May 3, 2019, 9:06pm

Running ES 5.6 .

Trying to setup the watch below but not receiving any email. How can I check the status of the email? I don't see anything in the logs. The watch is monitoring that the cluster is in a green state. Do you see anything wrong with the watch?

PUT _xpack/watcher/watch/cluster_health_watch
{
"trigger" : {
"schedule" : { "interval" : "10s" }
},
"input" : {
"http" : {
"request" : {
"host" : "master_node",
"port" : 9200,
"path" : "/_cluster/health"
}
}
},
"condition" : {
"compare" : {
"ctx.payload.status" : { "eq" : "green" }
}
},
"actions" : {
"send_email" : {
"email" : {
"to" : "email_address" "@mydomain.com",
"subject" : "Cluster Status Warning",
"body" : "Cluster status is GREEN"
}
}
}
}

my yml file looks like this:

cluster.name: istunixes
node.name: <master_node>
path.conf: /etc/elasticsearch
path.data: /data/elasticsearch
path.repo: ["/mount/backups/esbackup"]
#path.work: /tmp/elasticsearch
path.logs: /var/log/elasticsearch
#path.plugins: /usr/share/elasticsearch/plugins
network.bind_host: 0.0.0.0
network.publish_host: 0.0.0.0
http.port: 9200
http.cors.enabled: true
http.cors.allow-origin: "/.*/"
http.cors.allow-methods: OPTIONS, HEAD, GET, POST, PUT, DELETE
#action.disable_delete_all_indices: true
#bootstrap.mlockall: false
#gateway.type: local
discovery.zen.ping.unicast.hosts:
action.auto_create_index: true
#script.disable_dynamic: True
#shield.audit.enabled: true
#shield.audit.outputs: logfile
#shield.authc:

realms:

default:

type: esusers

order: 0

node.data: false
node.master: true
#node.size: none
discovery.zen.minimum_master_nodes: 2
#cluster.routing.allocation.cluster_concurrent_rebalance: 5
#cluster.routing.allocation.cluster_concurrent_recoveries: 5
#index.unassigned.node_left.delayed_timeout: 5m

x pack settings

xpack.security.enabled: true
xpack.monitoring.enabled: true
xpack.graph.enabled: true
xpack.watcher.enabled: true
xpack.notification.email.account:
exchange_account:
profile: outlook
email_defaults:
from:
smtp:
auth: true
starttls.enable: true
host:
port: 587
user: xxxx
password: xxxx

spinscale · May 6, 2019, 7:50am

Hey,

please take the time to properly format your emails. You can use markdown here and it supports awesome code formatting. This will make it much easier for other to check out your code samples and also have correct indendation. Thank you.

Every watch execution creates a so-called history record which shows if any error has occured. You can either query the watch history or simply run the Execute Watch API. Then put the output into a pastebin and refer to it over here in order to take a further look.

I also highly encourage you to read this blog post about watch debugging as it will probably save you hours down the road debugging issues.

--Alex

drivera · May 8, 2019, 4:56pm

Thank you Alexander, will fix my posts in the future. Here it the error I'm receiving when I try to send email

"execution_time": "2019-05-08T16:51:41.896Z",
"execution_duration": 2,
"input": {
  "type": "http",
  "status": "success",
  "payload": {
    "_headers": {
      "www-authenticate": [
        "Basic realm=\"security\" charset=\"UTF-8\""
      ],
      "content-length": [
        "399"
      ],
      "content-type": [
        "application/json; charset=UTF-8"
      ]
    },
    "error": {
      "root_cause": [
        {
          "type": "security_exception",
          "reason": "missing authentication token for REST request [/_cluster/health]",
          "header": {
            "WWW-Authenticate": "Basic realm=\"security\" charset=\"UTF-8\""
          }
        }
      ],
      "type": "security_exception",
      "reason": "missing authentication token for REST request [/_cluster/health]",
      "header": {
        "WWW-Authenticate": "Basic realm=\"security\" charset=\"UTF-8\""
      }
    },
    "_status_code": 401,
    "status": 401
  }, spaces

spinscale · May 9, 2019, 10:00am

Taking a look at the output, there is an error message telling you about a missing authentication token. In order to connect to the Elasticsearch node, you need to specify a username and a password.

drivera · May 10, 2019, 5:29pm

    xpack.notification.email.account:
  exchange_account:
    profile: "my profile"
    email_defaults:
      from: "email account
    smtp:
      auth: true
      starttls.enable: true
      host: smtp.mydomain.com
      port: 25
      user: "email account"
      password: "password"

Resolved by changing my server and port information above. Thanks for your help. Better formatting, right?

system · June 7, 2019, 5:29pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.