Hi Team,
I am using delete_by_query in elasticsearch watcher action as webhook as below.
"actions": {
"my_api": {
"webhook": {
"scheme": "https",
"host": "130.8.1.198",
"port": 9200,
"method": "POST",
"path": "/search-my-index-*/_delete_by_query",
"body": """{"query": {"terms":{ "url":[{{ctx.payload._value}}] }}}"""
"headers": {
"Authenticate": "Bearer Zwabdhrifssr45kedhlgnhrbdlkg"
}
}
}
}
But when executing it shows below error
"body": "{\"error\":{\"root_cause\":[{\"type\":\"security_exception\",\"reason\":\"missing authentication credentials for REST request [/search-my-index-*/_delete_by_query]\",\"header\":{\"WWW-Authenticate\":[\"Basic realm=\\\"security\\\" charset=\\\"UTF-8\\\"\",\"Bearer realm=\\\"security\\\"\",\"ApiKey\"]}}],\"type\":\"security_exception\",\"reason\":\"missing authentication credentials for REST request [/search-my-index-*/_delete_by_query]\",\"header\":{\"WWW-Authenticate\":[\"Basic realm=\\\"security\\\" charset=\\\"UTF-8\\\"\",\"Bearer realm=\\\"security\\\"\",\"ApiKey\"]}},\"status\":401}"
}
Note: The index is created using elastic web crawler.
Please let me know, watcher doesn't work like devtool? do we need to give username and password?