Hi - I noticed this error when attempting to force execute a watcher that triggers out the alert to our monitoring tool - Nagios.
could not parse [webhook] action [inlined/notify-nagios]. failed parsing http request template
It was working until recently. We upgraded Elastic from v7.13 to v7/16 recently. Could it be anything to do with enhancements to watchers? We also enabled TLS communication for all HTTP communication with Elastic recently. Couldn't find anything related to it in the release notes from elastic.
Here is the watcher definition:
{
"trigger": {
"schedule": {
"interval": "1m"
}
},
"input": {
"search": {
"request": {
"search_type": "query_then_fetch",
"indices": [
"heartbeat-*"
],
"rest_total_hits_as_int": true,
"body": {
"size": 0,
"query": {
"bool": {
"must": [
{
"term": {
"monitor.status": {
"value": "down"
}
}
}
],
"filter": [
{
"range": {
"@timestamp": {
"from": "now-4m"
}
}
}
]
}
},
"aggregations": {
"by_monitors": {
"terms": {
"field": "monitor.name",
"size": 10,
"min_doc_count": 1
}
}
}
}
}
}
},
"condition": {
"compare": {
"ctx.payload.hits.total": {
"gte": 4
}
}
},
"actions": {
"notify-nagios": {
"webhook": {
"scheme": "https",
"host": "monitoringhost",
"port": 443,
"method": "post",
"path": "/nrdp/",
"params": {
"cmd": "submitcheck",
"token": "NBT3L0kpNTvpQK9443CulVoct"
},
"headers": {
"Accept": "application/json",
"Content-Type": "application/x-www-form-urlencoded"
},
"auth": {
"basic": {
"username": "bofawebapps",
"password": "::es_redacted::"
}
},
"body": """json={"checkresults": [{"checkresult": {"type": "service"},"hostname": "test-platform","servicename": "test Service Health Check Alert","state": "2","output": "Critical -> test.0 Health Check Alert: {{ctx.payload.hits.total}} Health endpoint(s) is/are not responding in the last minute. Please check Kibana uptime dashboard for the failed health endpoints at https%3A%2F%2Fkibana.bofadm.com%2Fapp%2Fuptime%23%2Fapp%2Fuptime%2F%3FdateRangeStart%3Dnow-1h%26statusFilter%3Ddown "}]}"""
}
}
}
}