Slack configure URL with parameters

Hello!

i'm trying to configure elasticsearch for send to slack channel:

my url is like:

https://someslackurl.slack.com/slack_webhook/services/XXXXXXXX/XXXXXXXX/Xxxxxxxx?authentication=8dOnF9XxXYyzZ

as you can see i send the authentication parameter as a GET variable.

configurng watch on advance mode i use this:

"actions": {
    "send_trigger": {
      "webhook": {
          "method": "POST",
          "scheme": "https",
          "port": 443,
          "host": "someslackurl.slack.com",
          "path": "/slack_webhook/services/XXXXXXXX/XXXXXXXX/Xxxxxxxx?authentication=8dOnF9XxXYyzZ",
          "body": "{ \"text\": \"testing slack integration, was send by {{ctx.payload.hits.total}} errors in past 5 minutes \", \"channel\": \"test-elk\" }",
          "headers": {
              "Content-type": "application/json"
          }
      }
    }
  }

and it works perfectly, but i want configure slack on elasticsearch.yml for use the kibana GUI, u know configure a threshold alert, so i add next lines into elasticsearch.yml:

xpack.watcher.enabled: true
xpack.notification.slack.account.testelk.url: https://someslackurl.slack.com/slack_webhook/services/XXXXXXXX/XXXXXXXX/Xxxxxxxx?authentication=8dOnF9XxXYyzZ
xpack.notification.slack.account.testelk.url.message_defaults.from: "Watcher"
xpack.notification.slack.account.testelk.url.message_defaults.message_defaults.to: "test-elk"

but looks like the authentication parameter is not sending to my slack host, i received 403 error message everytime sends a alerting.

 "actions": [
  {
    "id": "slack_1",
    "type": "slack",
    "status": "failure",
    "slack": {
      "account": "testelk",
      "sent_messages": [
        {
          "status": "failure",
          "request": {
            "host": "someslackurl.slack.com",
            "port": -1,
            "scheme": "https",
            "method": "post",
            "headers": {
              "Content-Type": "application/json; charset=UTF-8"
            },
            "body": "{\"channel\":\"test-elk\",\"username\":\"8a1b4e66-54aa-4369-a60d-a9424897e148\",\"text\":\"Testing with a threshold watch\"}"
          },
          "response": {
            "status": 403,
            "headers": {
              "date": [
                "Sat, 06 Apr 2019 16:56:22 GMT"
              ],
              "server": [
                "Apache-Coyote/1.1"
              ],
              "content-length": [
                "170"
              ],
              "connection": [
                "close"
              ],
              "content-type": [
                "application/json;charset=UTF-8"
              ]
            },
            "body": "{\n  \"errorcode\": 403,\n  \"errorstring\": \"Forbidden 403\",\n  \"erroractor\": \" https://someslackurl.slack.com/slack_webhook/services/XXXXXXXX/XXXXXXXX/Xxxxxxxx\"\n}\n"
          },
          "to": "test-elk",
          "message": {
            "from": "8a1b4e66-54aa-4369-a60d-a9424897e148",
            "text": "Testing with a threshold watch"
          }
        }
      ]
    }
  }
]

as you can see on url looks like is sending only the url without GET parameters....

i tried to add this authentication parameter on the configuration, but looks like is not possible =/

but, looking into the messages from advance watch i have more parameters on the webhook that permit me send the authentication parameter:

"actions": [
      {
        "id": "send_trigger",
        "type": "webhook",
        "status": "success",
        "webhook": {
          "request": {
            "host": "someslackurl.slack.com",
            "port": 443,
            "scheme": "https",
            "method": "post",
            "path": "/slack_webhook/services/XXXXXXXX/XXXXXXXX/Xxxxxxxx?authentication=8dOnF9XxXYyzZ",
            "headers": {
              "Content-type": "application/json"
            },
            "body": "{ \"text\": \"testing slack integration, was send by 2808 errors in past 5 minutes, avanzado \", \"channel\": \"test-elk\" }"
          },
          "response": {
            "status": 200,
            "headers": {
              "date": [
                "Sat, 06 Apr 2019 16:17:59 GMT"
              ],
              "server": [
                "Apache-Coyote/1.1"
              ],
              "vary": [
                "Accept-Encoding"
              ],
              "x-frame-options": [
                "SAMEORIGIN"
              ],
              "x-via": [
                "haproxy-www-aaaa"
              ],
              "strict-transport-security": [
                "max-age=31536000; includeSubDomains; preload"
              ],
              "via": [
                "1.1 45somenumeryouknowforsecurity.cloudfront.net (CloudFront)"
              ],
              "access-control-allow-origin": [
                "*"
              ],
              "referrer-policy": [
                "no-referrer"
              ],
              "content-type": [
                "text/html"
              ],
              "x-cache": [
                "Miss from cloudfront"
              ],
              "x-amz-cf-id": [
                "Oq3c8XXXXXXXXXXXXXXXXXXxxxxxxxxxxxxxxxxxxxyyyyyyyyyyyyyyyYYYY=="
              ]
            },
            "body": "ok"
          }
        }
      }
    ]

as you can see on advance mode exist the parameter PATH.....

anyone could add some GET parameters into URL or exist any slack propertie where i can configure this?

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.