I am facing one issue watcher watcher,
I have a query which returns list of “servername” and “datatype”
{"Servername":"2","datatype":"AuditJobBacklog"}
{"Servername":"3","datatype":"AuditJobBacklog"}
I want to insert this data back to elasticsearch using bulk insert(I am using Kibana DevTools).
When I tried with post it works fine,
POST statuslogs/messages/_bulk
{"index":{}}
{"Servername":"2","datatype":"AuditJobBacklog"}
{"index":{}}
{"Servername":"3","datatype":"AuditJobBacklog"}
Same this I am trying to pass in watcher action
"actions": {
"elastic_webhook": {
"webhook": {
"method": "POST",
"host": "localhost",
"port": 9200,
"path": "statuslogs/messages/_bulk",
"headers": {
"Accept": "application/json",
"Content-Type": "application/json"
},
"auth": {
"basic": {
"username": "elastic",
"password": "changeme"
}
},
"body": """{"index":{}}\n{"Servername":"2","datatype":"AuditJobBacklog"}\n{"index":{}}\n{"Servername":"3","datatype":"AuditJobBacklog"}\n\n"""
}
}
}
when it gets executed it is throwing an error
"body": """{"error":{"root_cause":[{"type":"action_request_validation_exception","reason":"Validation Failed: 1: no requests added;"}],"type":"action_request_validation_exception","reason":"Validation Failed: 1: no requests added;"},"status":400}"""
I read blobs about this error, in most of the places error caused because of newline. I tried many ways by putting newline in different places. Still I am not able to post the data.
With single data I am able to send to elastic. I am facing problem with bulk insert.
Please help me in solving this issue.
Thanks
Umesh