Simple Watcher Webhook

gytaco · September 27, 2019, 9:39pm

Hi Team

I am using Elastic Hosted and trying to create a simple Watcher Webhook alert and I cannot find an example anywhere of using the kibana interface of a simple Webhook using the UI. Can anyone point me in the direction of this? The documentation refers to more complex Json. I assume I am missing something obvious but there are no examples or samples of using the kibana Watcher webhook UI.

I want to see if I can train some of the team to be able to customise easily but there are not examples and no matter what I try I get the following error.

[instance-0000000002] failed to execute action [inlined/webhook_1] java.net.UnknownHostException: https: Name or service not known at java.net.Inet4AddressImpl.lookupAllHostAddr(Native Method) ~[?:?] at java.net.InetAddress$PlatformNameService.lookupAllHostAddr(InetAddress.java:929) ~[?:?] at java.net.InetAddress.getAddressesFromNameService(InetAddress.java:1515) ~[?:?] at java.net.InetAddress$NameServiceAddresses.get(InetAddress.java:848) ~[?:?] at java.net.InetAddress.getAllByName0(InetAddress.java:1505) ~[?:?] at java.net.InetAddress.getAllByName(InetAddress.java:1364) ~[?:?] at java.net.InetAddress.getAllByName(InetAddress.java:1298) ~[?:?] at org.apache.http.impl.conn.SystemDefaultDnsResolver.resolve(SystemDefaultDnsResolver.java:45) ~[httpclient-4.5.8.jar:4.5.8] at org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:112) ~[httpclient-4.5.8.jar:4.5.8] at org.apache.http.impl.conn.PoolingHttpClientConnectionManager.connect(PoolingHttpClientConnectionManager.java:374) ~[httpclient-4.5.8.jar:4.5.8] at org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:393) ~[httpclient-4.5.8.jar:4.5.8] at org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:236) ~[httpclient-4.5.8.jar:4.5.8] at org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:186) ~[httpclient-4.5.8.jar:4.5.8] at org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:89) ~[httpclient-4.5.8.jar:4.5.8] at org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:110) ~[httpclient-4.5.8.jar:4.5.8] at org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:185) ~[httpclient-4.5.8.jar:4.5.8] at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:72) ~[httpclient-4.5.8.jar:4.5.8] at org.elasticsearch.xpack.watcher.common.http.HttpClient.lambda$execute$1(HttpClient.java:242) ~[?:?] at java.security.AccessController.doPrivileged(Native Method) ~[?:?] at org.elasticsearch.xpack.core.common.socket.SocketAccess.doPrivileged(SocketAccess.java:32) ~[x-pack-core-7.3.1.jar:7.3.1] at org.elasticsearch.xpack.watcher.common.http.HttpClient.execute(HttpClient.java:242) ~[?:?] at org.elasticsearch.xpack.watcher.actions.webhook.ExecutableWebhookAction.execute(ExecutableWebhookAction.java:42) ~[?:?] at org.elasticsearch.xpack.core.watcher.actions.ActionWrapper.execute(ActionWrapper.java:163) [x-pack-core-7.3.1.jar:7.3.1] at org.elasticsearch.xpack.watcher.execution.ExecutionService.executeInner(ExecutionService.java:516) [x-pack-watcher-7.3.1.jar:7.3.1] at org.elasticsearch.xpack.watcher.execution.ExecutionService.execute(ExecutionService.java:309) [x-pack-watcher-7.3.1.jar:7.3.1] at org.elasticsearch.xpack.watcher.transport.actions.execute.TransportExecuteWatchAction$1.doRun(TransportExecuteWatchAction.java:159) [x-pack-watcher-7.3.1.jar:7.3.1] at org.elasticsearch.common.util.concurrent.AbstractRunnable.run(AbstractRunnable.java:37) [elasticsearch-7.3.1.jar:7.3.1] at org.elasticsearch.xpack.watcher.execution.ExecutionService$WatchExecutionTask.run(ExecutionService.java:605) [x-pack-watcher-7.3.1.jar:7.3.1] at org.elasticsearch.common.util.concurrent.ThreadContext$ContextPreservingRunnable.run(ThreadContext.java:688) [elasticsearch-7.3.1.jar:7.3.1] at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128) [?:?] at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628) [?:?] at java.lang.Thread.run(Thread.java:834) [?:?]

cjcenizal · September 30, 2019, 4:37pm

Hi Adam, there are a couple possible causes of this error.

DNS lookup could have failed. Can you try using the IP address directly instead of the domain-name-based URL?
The error also looks like the watch webhook you're trying to execute has https specified as the host. Would you mind sharing your webhook configuration, with private details obfuscated? Thanks.

CJ

gytaco · October 2, 2019, 9:43pm

Hi there

Here is my configuration it's a simple zendesk post request. Using basic auth I can make this request with curl so I am assuming I am missing something? Do I need to add anything in xpack?

gytaco · October 8, 2019, 12:42am

Hi Hopefully not bugging you but I put the zendesk details in the following reply.

cjcenizal · October 9, 2019, 4:30pm

Hey Adam, sorry for the late reply. This is a flaw in our current UI, tracked here: https://github.com/elastic/kibana/issues/44004. The problem is that the "Host" field exposed by the UI does not accept a URI; it only accepts a host. So in this case, it would only accept "xxx.zendesk.com", and it would default to using "http" as the scheme. We need to update the UI with a "Scheme" field so that you can also choose "https".

system · November 6, 2019, 4:30pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.