OpenSearch/x-pack/docs/en/watcher/java/put-watch.asciidoc

92 lines
4.1 KiB
Plaintext

[float]
[[api-java-put-watch]]
=== Put watch API
The put watch API either registers a new watch in {watcher} or update an
existing one. Once registered, a new document will be added to the `.watches`
index, representing the watch, and the watch trigger will immediately be
registered with the relevant trigger engine (typically the scheduler, for the
`schedule` trigger).
IMPORTANT: Putting a watch must be done via this API only. Do not put a watch
directly to the `.watches` index using Elasticsearch's Index API.
When the {es} {security-features} are enabled, make sure no `write`
privileges are granted to anyone over the `.watches` index.
The following example adds a watch with the `my-watch` id that has the following
characteristics:
* The watch schedule triggers every minute.
* The watch search input looks for any 404 HTTP responses that occurred in the
last five minutes.
* The watch condition checks if any hits where found.
* When hits are found, the watch action sends an email to the administrator.
[source,java]
--------------------------------------------------
WatchSourceBuilder watchSourceBuilder = WatchSourceBuilders.watchBuilder();
// Set the trigger
watchSourceBuilder.trigger(TriggerBuilders.schedule(Schedules.cron("0 0/1 * * * ?")));
// Create the search request to use for the input
SearchRequest request = Requests.searchRequest("idx").source(searchSource()
.query(boolQuery()
.must(matchQuery("response", 404))
.filter(rangeQuery("date").gt("{{ctx.trigger.scheduled_time}}"))
.filter(rangeQuery("date").lt("{{ctx.execution_time}}"))
));
// Create the search input
SearchInput input = new SearchInput(new WatcherSearchTemplateRequest(new String[]{"idx"}, null, SearchType.DEFAULT,
WatcherSearchTemplateRequest.DEFAULT_INDICES_OPTIONS, new BytesArray(request.source().toString())), null, null, null);
// Set the input
watchSourceBuilder.input(input);
// Set the condition
watchSourceBuilder.condition(new ScriptCondition(new Script("ctx.payload.hits.total.value > 1")));
// Create the email template to use for the action
EmailTemplate.Builder emailBuilder = EmailTemplate.builder();
emailBuilder.to("someone@domain.host.com");
emailBuilder.subject("404 recently encountered");
EmailAction.Builder emailActionBuilder = EmailAction.builder(emailBuilder.build());
// Add the action
watchSourceBuilder.addAction("email_someone", emailActionBuilder);
PutWatchResponse putWatchResponse = watcherClient.preparePutWatch("my-watch")
.setSource(watchSourceBuilder)
.get();
--------------------------------------------------
While the above snippet flashes out all the concrete classes that make our watch,
using the available builder classes along with static imports can significantly
simplify and compact your code:
[source,java]
--------------------------------------------------
PutWatchResponse putWatchResponse2 = watcherClient.preparePutWatch("my-watch")
.setSource(watchBuilder()
.trigger(schedule(cron("0 0/1 * * * ?")))
.input(searchInput(new WatcherSearchTemplateRequest(new String[]{"idx"}, null, SearchType.DEFAULT,
WatcherSearchTemplateRequest.DEFAULT_INDICES_OPTIONS, searchSource()
.query(boolQuery()
.must(matchQuery("response", 404))
.filter(rangeQuery("date").gt("{{ctx.trigger.scheduled_time}}"))
.filter(rangeQuery("date").lt("{{ctx.execution_time}}"))
).buildAsBytes())))
.condition(compareCondition("ctx.payload.hits.total.value", CompareCondition.Op.GT, 1L))
.addAction("email_someone", emailAction(EmailTemplate.builder()
.to("someone@domain.host.com")
.subject("404 recently encountered"))))
.get();
--------------------------------------------------
* Use `TriggerBuilders` and `Schedules` classes to define the trigger
* Use `InputBuilders` class to define the input
* Use `ConditionBuilders` class to define the condition
* Use `ActionBuilders` to define the actions