Watcher HTTP request when using traffic filters?

Jared_Wallace · January 31, 2024, 6:28am

I'm having some trouble getting Watcher HTTP requests to function when using traffic filters on Elastic Cloud Enterprise.

A Watcher with the following block works perfectly, returning 200s as expected on a fresh Deployment, where foo.es.endpoint.io is the ES endpoint retrieved from the Deployment dashboard.

{
  ...
  "input": {
    "http": {
      "request": {
        "scheme": "https",
        "host": "foo.es.endpoint.io",
        "port": 443,
        "method": "get",
        "path": "/_cluster/health",
        "params": {},
        "headers": {},
        "auth" : {
          "basic" : {
            "username" : "username",
            "password" : "password"
          }
        }
      }
    }
  },
  ...
}

My trouble starts when adding a Traffic Filter (say a GCP private link filter or IP filter), which results in the Watcher returning 403s. I imagine this is because the endpoint isn't resolved internally.
Does anyone know how to make this work on Elastic Cloud through the traffic filter, or staying 'within the deployment' internally?

system · February 14, 2024, 6:28am

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Whitelisting own cloud elasticsearch instance IP Elasticsearch elastic-stack-alerting	1	1066	February 24, 2021
Traffic Filters and monitoring clusters Elasticsearch	2	535	November 18, 2020
A question on Traffic filtering Elasticsearch	3	374	September 18, 2021
ECE & Watcher: Trouble sending API key to ECE Elasticsearch	2	591	July 13, 2023
Configuring Watcher with basic-auth and Elastic Cloud Elasticsearch	3	991	June 14, 2018

Watcher HTTP request when using traffic filters?

Related topics