Using watcher with ES

alerting

(fjemli) #1

I'm trying to use watcher with ES 1.7.1 to send email alerts every 10s.
I installed Watcher plugin, configured ES to allow sending emails and created my watch (i think) successfully, but I didn't receive any emails:

  • ES configuration in elasticsearch.yml for email activation:
#watcher configuration
watcher.actions.email.service.account:
    gmail:
        profile: gmail
        smtp:
            auth: true
            starttls.enable: true
            host: smtp.gmail.com
            port: 587
            user: ************@gmail.com
            password: **************
  • My watch
PUT http://localhost:9200/_watcher/watch/event_fake_token
{
    "trigger": {
        "schedule": {
            "interval": "10s"
        }
    },
    "input": {
        "search": {
            "request": {
                "indices": [
                    "fouras_logs-*"
                ],
                "body": {
                     "query": {
            "match": {
                "message": "fake token"
                }
                    }
                }
            }
        }
    },
    "condition": {
        "compare": {
            "ctx.payload.hits.total": {
                "gt": 0
            }
        }
    },
    "actions": {
        "email_admin": {
            "email": {
                "to": "'Jemli Fathi < jemlifathi2013@gmail.com@gmail.com >'",
                "subject": "{{ctx.watch_id}} executed",
                "body": "{{ctx.watch_id}} executed with {{ctx.payload.hits.total}} hits"
            }
        }
    }
}

(Alexander Reelsen) #2

Hey,

can you either check the logs on your master node and the watch history if any of those contains more information of what failed?

--Alex


(system) #3