Hi,
i am using ES 5.2
i am trying to implement watcher for some keywords ("filename" : getSSLConnectionSocketFactory.java") I used below curl but its not working out.
Can someone tell me what wrong I am doing or please share your YML.
--
curl -XPUT 'localhost:9200/_xpack/watcher/watch/bad_watch?pretty' -H 'Content-Type: application/json' -d'
{
"trigger" : {
"schedule" : { "cron" : "0 0/1 * * * ?" }
},
"input" : {
"search" : {
"request" : {
"indices" : [
"logstash*"
],
"body" : {
"query" : {
"bool" : {
"must" : {
"match": {
"methodName":"getSSLConnectionSocketFactory"
}
},
"filter" : {
"range": {
"@timestamp ": {
"from": "{{ctx.trigger.scheduled_time}}||-5m",
"to": "{{ctx.trigger.triggered_time}}"
}
}
}
}
}
}
}
}
},
"condition" : {
"compare" : { "ctx.payload.hits.total" : { "gt" : 0 }}
},
"actions" : {
"email_admin" : {
"email" : {
"to" : "xxxx.xx@gmail.com ",
"subject" : "404 recently encountered"
}
}
}
}
'
while doing curl to check status of watchers..
curl -XGET localhost:9200/_xpack/watcher/watch/bad_watch
It gives me below error --
"successful":false,"reason":"IllegalArgumentException[no account found for name: [null]]"}}}}
spinscale
(Alexander Reelsen)
June 15, 2017, 3:31pm
2
Hey,
can you share your cluster state, so we can see how your email accounts are configured?
--Alex
please let me know if you need any other detail.I am using deb image for my docker.
My elastic search yml file is as below -
cluster.name : elasticsearch-logging
node.name : "elasticsearch-logging-0"
path.data: /var/lib/elasticsearch/data
xpack.notification.email.account:
gmail_account:
profile: gmail
smtp:
auth: true
starttls.enable: true
host: smtp.gmail.com
port: 587
user: ****. @gmail.com
password: ******
I think I have resolved previous issues.
But a strange issues I am Facing now. Google is blocking verification of email and I am getting below log for watcher --
DOING CURL --
curl -XGET localhost:9200/_xpack/watcher/watch/last_watch
Getting below response:
{"found":true,"_id":"last_watch","_status":{"version":5,"state":{"active":true,"timestamp":"2017-06-16T00:39:16.654Z"},"last_checked":"2017-06-16T00:43:00.229Z","last_met_condition":"2017-06-16T00:43:00.229Z","actions":{"email_admin":{"ack":{"timestamp":"2017-06-16T00:39:16.654Z","state":"awaits_successful_execution"},"last_execution":{"timestamp":"2017-06-16T00:43:00.229Z","successful":false,"reason":"MessagingException[failed to send email with subject [404 recently encountered] via account [gmail_account]]; nested: AuthenticationFailedException[534-5.7.14 <https://accounts.google.com/signin/continue?sarp=1&scc=1&plt=AKgnsbvF\n534-5.7.14 q0WEdpll7GFx7wL5ZoIKlaHy0J1Z58ZNsgsuseIWKkJEAaiNf5hWY11ZPPsJb6u7h9z0Xe\n534-5.7.14 kWiT264a1EJgbKW5ESeccxI0uUZ_3X4klQS4jBjB7dDw6pRU490p-yKtXkL2-Ik\n534-5.7.14 vMoQFBgYsmH2WbbGFC3Z63GBpWVH0O9LmpVsB89ZsSreIXN_bb0AX3UWwoX4dTb4UiXtmi\n534-5.7.14 ExF49I6J7QFe3yZLjP98FnMpJtkQI> Please log in via your web browser and\n534-5.7.14 then try again.\n534-5.7.14 Learn more at\n534 5.7.14 https://support.google.com/mail/answer/78754 a22sm752699pfc.115 - gsmtp\n]; "}}}},"watch":{"trigger":{"schedule":{"cron":"0 0/1 * * * ?"}},"input":{"search":{"request":{"search_type":"query_then_fetch","indices":["logstash*"],"types":[],"body":{"query":{"bool":{"must":{"match":{"methodName":"getSSLConnectionSocketFactory"}}}}}}}},"condition":{"compare":{"ctx.payload.hits.total":{"gt":0}}},"actions":{"email_admin":{"email":{"profile":"standard","to":["ankushsingh.gre@gmail.com"],"subject":"404 recently encountered"}}}}}r
spinscale
(Alexander Reelsen)
June 16, 2017, 6:13am
5
Hey,
please keep in mind, that this forum does not come with any SLA guarantees. If you need those, use our official support.
If you are using gmail with two factor auth enabled, you have to create a so called unique password, there is a link in our documentation pointing to the corresponding gmail documentation. As you can see in the output, also google points to a link to debug this issue further in its output.
--Alex
system
(system)
Closed
July 14, 2017, 6:13am
6
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.