Slack watcher settings - v7.0. keystore requirements


We have an Elastic Cloud hosted version of ELK.

I am trying to follow these instructions - to setup my Slack watcher settings in the keystore - in order to upgrade to v7:

I've found the keystore at /deployments/security, but cannot seem to configure the Slack watcher correctly. I am trying to add:


secret (our slack webhook url)

And have tried replacing with every ID I can find.

Is this approach correct? If so, where would I find our ?


1 Like

did you find out to configure slack in v7?

This is what I did without luck:

First, set the url via keystore:

echo "" | docker exec -i -e ES_JAVA_OPTS="-Xmx128m -Xms128m" es_elasticsearch-node1.ID bin/elasticsearch-keystore add -f -v -x xpack.notification.slack.account.monitoring.secure_url

Second, restart the services.

When I did:

GET _nodes?filter_path=**.settings.xpack.notification

I got empty object.

Not sure how should I configure slack in this version :frowning:

it turns out that I didn't realized that I wasn't storing the keystore and with every restart I lost the settings.

do you have it solved now?

I got this reply from Elastic support:

First of all, it should be xpack.notification.slack.account.monitoring.secure_url

Just like the settings values in elasticsearch.yml, changes to the keystore contents are not automatically applied to the running elasticsearch node. For this secure setting, you need to restart your cluster to make it work.

Minor nit. Secure settings can be reloaded as well, see

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.