Need a custom action for Watcher

alerting

(Curtis) #1

I have an Elasticsearch 2.1.x cluster + Shield + Watcher installed on AWS EC2 instances. Would like to be able to send email using AWS Simple Email Service (SES), but security team insists that IAM roles be used instead of the SES username and password. Is there a plugin for Watcher that either supports IAM integration or supports calling custom code when condition statement of an action is true? cloud-aws-plugin doesn't seem to support SES. I know webhook could be used to call custom code -- I'm looking for alternatives to building a highly reliable web service just for handling watcher requests to send email via SES.

Alternatively we might be able to get approval to use the SES username / password if it can be encrypted in the config file somehow. Any ideas? Thanks in advance


(Alexander Reelsen) #2

Hey,

If you use shield, and configure http basic auth passwords in watches, those can be encrypted, see the docs about it.

Another alternative might be to use the HTTP action in combination to send data to logstash and sent it further from there (even though I am not sure if logstash support any different configuration than specifying user names and passwords for email either).

Hope this helps.

--Alex


(system) #3