Watcher HTTP request when using traffic filters?

Jared_Wallace · January 31, 2024, 6:28am

I'm having some trouble getting Watcher HTTP requests to function when using traffic filters on Elastic Cloud Enterprise.

A Watcher with the following block works perfectly, returning 200s as expected on a fresh Deployment, where foo.es.endpoint.io is the ES endpoint retrieved from the Deployment dashboard.

{
  ...
  "input": {
    "http": {
      "request": {
        "scheme": "https",
        "host": "foo.es.endpoint.io",
        "port": 443,
        "method": "get",
        "path": "/_cluster/health",
        "params": {},
        "headers": {},
        "auth" : {
          "basic" : {
            "username" : "username",
            "password" : "password"
          }
        }
      }
    }
  },
  ...
}

My trouble starts when adding a Traffic Filter (say a GCP private link filter or IP filter), which results in the Watcher returning 403s. I imagine this is because the endpoint isn't resolved internally.
Does anyone know how to make this work on Elastic Cloud through the traffic filter, or staying 'within the deployment' internally?

system · February 14, 2024, 6:28am

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Request.types not working in ECE Watcher Elasticsearch elastic-stack-alerting	4	516	October 15, 2018
ElasticSearch Watcher http request input is not getting any response Elasticsearch	2	135	April 16, 2024
'no_http_response_exception' Issue With Watcher Elasticsearch	1	6	October 23, 2024
Receiving data via HTTPs or Ingest Pipelines Elasticsearch ingest-pipeline	7	1370	December 21, 2021
Watcher - Alerts to call an External API Elasticsearch elastic-stack-alerting	3	1150	August 10, 2020

Watcher HTTP request when using traffic filters?

Related Topics