347 lines
12 KiB
Plaintext
347 lines
12 KiB
Plaintext
[role="xpack"]
|
|
[[notification-settings]]
|
|
=== {watcher} settings in Elasticsearch
|
|
|
|
[subs="attributes"]
|
|
++++
|
|
<titleabbrev>{watcher} settings</titleabbrev>
|
|
++++
|
|
|
|
You configure {watcher} settings to set up {watcher} and send notifications via
|
|
<<email-notification-settings,email>>,
|
|
<<slack-notification-settings,Slack>>, and
|
|
<<pagerduty-notification-settings, PagerDuty>>.
|
|
|
|
All of these settings can be added to the `elasticsearch.yml` configuration file,
|
|
with the exception of the secure settings, which you add to the {es} keystore.
|
|
For more information about creating and updating the {es} keystore, see
|
|
<<secure-settings>>. Dynamic settings can also be updated across a cluster with the
|
|
<<cluster-update-settings,cluster update settings API>>.
|
|
|
|
[float]
|
|
[[general-notification-settings]]
|
|
==== General Watcher Settings
|
|
`xpack.watcher.enabled`::
|
|
Set to `false` to disable {watcher} on the node.
|
|
|
|
`xpack.watcher.encrypt_sensitive_data`::
|
|
Set to `true` to encrypt sensitive data. If this setting is enabled, you
|
|
must also specify the `xpack.watcher.encryption_key` setting. For more
|
|
information, see <<encrypting-data>>.
|
|
|
|
`xpack.watcher.encryption_key` (<<secure-settings,Secure>>)::
|
|
Specifies the path to a file that contains a key for encrypting sensitive data.
|
|
If `xpack.watcher.encrypt_sensitive_data` is set to `true`, this setting is
|
|
required. For more information, see <<encrypting-data>>.
|
|
|
|
`xpack.watcher.history.cleaner_service.enabled`::
|
|
added:[6.3.0,Default changed to `true`.]
|
|
deprecated:[7.0.0,Watcher history indices are now managed by the `watch-history-ilm-policy` ILM policy]
|
|
+
|
|
Set to `true` (default) to enable the cleaner service. If this setting is
|
|
`true`, the `xpack.monitoring.enabled` setting must also be set to `true` with
|
|
a local exporter enabled. The cleaner service removes previous versions of
|
|
{watcher} indices (for example, `.watcher-history*`) when it determines that
|
|
they are old. The duration of {watcher} indices is determined by the
|
|
`xpack.monitoring.history.duration` setting, which defaults to 7 days. For
|
|
more information about that setting, see <<monitoring-settings>>.
|
|
|
|
`xpack.http.proxy.host`::
|
|
Specifies the address of the proxy server to use to connect to HTTP services.
|
|
|
|
`xpack.http.proxy.port`::
|
|
Specifies the port number to use to connect to the proxy server.
|
|
|
|
`xpack.http.default_connection_timeout`::
|
|
The maximum period to wait until abortion of the request, when a
|
|
connection is being initiated.
|
|
|
|
`xpack.http.default_read_timeout`::
|
|
The maximum period of inactivity between two data packets, before the
|
|
request is aborted.
|
|
|
|
`xpack.http.max_response_size`::
|
|
Specifies the maximum size an HTTP response is allowed to have, defaults to
|
|
`10mb`, the maximum configurable value is `50mb`.
|
|
|
|
`xpack.http.whitelist`::
|
|
A list of URLs, that the internal HTTP client is allowed to connect to. This
|
|
client is used in the HTTP input, the webhook, the slack, pagerduty,
|
|
and jira actions. This setting can be updated dynamically. It defaults to `*`
|
|
allowing everything. Note: If you configure this setting and you are using one
|
|
of the slack/pagerduty actions, you have to ensure that the
|
|
corresponding endpoints are whitelisted as well.
|
|
|
|
[[ssl-notification-settings]]
|
|
:ssl-prefix: xpack.http
|
|
:component: {watcher} HTTP
|
|
:verifies:
|
|
:server!:
|
|
:ssl-context: watcher
|
|
|
|
include::ssl-settings.asciidoc[]
|
|
|
|
[float]
|
|
[[email-notification-settings]]
|
|
==== Email Notification Settings
|
|
You can configure the following email notification settings in
|
|
`elasticsearch.yml`. For more information about sending notifications
|
|
via email, see <<configuring-email-actions>>.
|
|
|
|
`xpack.notification.email.account`::
|
|
Specifies account information for sending notifications via email. You
|
|
can specify the following email account attributes:
|
|
+
|
|
--
|
|
[[email-account-attributes]]
|
|
|
|
`profile` (<<cluster-update-settings,Dynamic>>);;
|
|
The <<configuring-email,email profile>> to use to build the MIME
|
|
messages that are sent from the account. Valid values: `standard`, `gmail` and
|
|
`outlook`. Defaults to `standard`.
|
|
|
|
`email_defaults.*` (<<cluster-update-settings,Dynamic>>);;
|
|
An optional set of email attributes to use as defaults
|
|
for the emails sent from the account. See
|
|
<<email-action-attributes>> for the supported
|
|
attributes.
|
|
|
|
`smtp.auth` (<<cluster-update-settings,Dynamic>>);;
|
|
Set to `true` to attempt to authenticate the user using the
|
|
AUTH command. Defaults to `false`.
|
|
|
|
`smtp.host` (<<cluster-update-settings,Dynamic>>);;
|
|
The SMTP server to connect to. Required.
|
|
|
|
`smtp.port` (<<cluster-update-settings,Dynamic>>);;
|
|
The SMTP server port to connect to. Defaults to 25.
|
|
|
|
`smtp.user` (<<cluster-update-settings,Dynamic>>);;
|
|
The user name for SMTP. Required.
|
|
|
|
`smtp.secure_password` (<<secure-settings,Secure>>);;
|
|
The password for the specified SMTP user.
|
|
|
|
`smtp.starttls.enable` (<<cluster-update-settings,Dynamic>>);;
|
|
Set to `true` to enable the use of the `STARTTLS`
|
|
command (if supported by the server) to switch the connection to a
|
|
TLS-protected connection before issuing any login commands. Note that
|
|
an appropriate trust store must configured so that the client will
|
|
trust the server's certificate. Defaults to `false`.
|
|
|
|
`smtp.starttls.required` (<<cluster-update-settings,Dynamic>>);;
|
|
If `true`, then `STARTTLS` will be required. If that command fails, the
|
|
connection will fail. Defaults to `false`.
|
|
|
|
`smtp.ssl.trust` (<<cluster-update-settings,Dynamic>>);;
|
|
A list of SMTP server hosts that are assumed trusted and for which
|
|
certificate verification is disabled. If set to "*", all hosts are
|
|
trusted. If set to a whitespace separated list of hosts, those hosts
|
|
are trusted. Otherwise, trust depends on the certificate the server
|
|
presents.
|
|
|
|
`smtp.timeout` (<<cluster-update-settings,Dynamic>>);;
|
|
The socket read timeout. Default is two minutes.
|
|
|
|
`smtp.connection_timeout` (<<cluster-update-settings,Dynamic>>);;
|
|
The socket connection timeout. Default is two minutes.
|
|
|
|
`smtp.write_timeout` (<<cluster-update-settings,Dynamic>>);;
|
|
The socket write timeout. Default is two minutes.
|
|
|
|
`smtp.local_address` (<<cluster-update-settings,Dynamic>>);;
|
|
A configurable local address when sending emails. Not configured by default.
|
|
|
|
`smtp.local_port` (<<cluster-update-settings,Dynamic>>);;
|
|
A configurable local port when sending emails. Not configured by default.
|
|
|
|
`smtp.send_partial` (<<cluster-update-settings,Dynamic>>);;
|
|
Send an email, despite one of the receiver addresses being invalid.
|
|
|
|
`smtp.wait_on_quit` (<<cluster-update-settings,Dynamic>>);;
|
|
If set to false the QUIT command is sent and the connection closed. If set to
|
|
true, the QUIT command is sent and a reply is waited for. True by default.
|
|
--
|
|
|
|
`xpack.notification.email.html.sanitization.allow`::
|
|
Specifies the HTML elements that are allowed in email notifications. For
|
|
more information, see
|
|
<<email-html-sanitization>>. You can
|
|
specify individual HTML elements and the following HTML feature groups:
|
|
+
|
|
--
|
|
[[html-feature-groups]]
|
|
|
|
`_tables`;;
|
|
All table related elements: `<table>`, `<th>`, `<tr>`
|
|
and `<td>`.
|
|
|
|
`_blocks`;;
|
|
The following block elements: `<p>`, `<div>`, `<h1>`,
|
|
`<h2>`, `<h3>`, `<h4>`, `<h5>`, `<h6>`, `<ul>`, `<ol>`,
|
|
`<li>`, and `<blockquote>`.
|
|
|
|
`_formatting`;;
|
|
The following inline formatting elements: `<b>`, `<i>`,
|
|
`<s>`, `<u>`, `<o>`, `<sup>`, `<sub>`, `<ins>`, `<del>`,
|
|
`<strong>`, `<strike>`, `<tt>`, `<code>`, `<big>`,
|
|
`<small>`, `<br>`, `<span>`, and `<em>`.
|
|
|
|
`_links`;;
|
|
The `<a>` element with an `href` attribute that points
|
|
to a URL using the following protocols: `http`, `https`
|
|
and `mailto`.
|
|
|
|
`_styles`;;
|
|
The `style` attribute on all elements. Note that CSS
|
|
attributes are also sanitized to prevent XSS attacks.
|
|
|
|
`img`;;
|
|
`img:all`;;
|
|
All images (external and embedded).
|
|
|
|
`img:embedded`;;
|
|
Only embedded images. Embedded images can only use the
|
|
`cid:` URL protocol in their `src` attribute.
|
|
--
|
|
|
|
`xpack.notification.email.html.sanitization.disallow`::
|
|
Specifies the HTML elements that are NOT allowed in email notifications.
|
|
You can specify individual HTML elements and <<html-feature-groups,
|
|
HTML feature groups>>.
|
|
|
|
`xpack.notification.email.html.sanitization.enabled` ::
|
|
Set to `false` to completely disable HTML sanitation. Not recommended.
|
|
Defaults to `true`.
|
|
|
|
[[ssl-notification-smtp-settings]]
|
|
:ssl-prefix: xpack.notification.email
|
|
:component: {watcher} Email
|
|
:verifies:
|
|
:server!:
|
|
:ssl-context: watcher-email
|
|
|
|
include::ssl-settings.asciidoc[]
|
|
|
|
[float]
|
|
[[slack-notification-settings]]
|
|
==== Slack Notification Settings
|
|
You can configure the following Slack notification settings in
|
|
`elasticsearch.yml`. For more information about sending notifications
|
|
via Slack, see <<configuring-slack-actions>>.
|
|
|
|
`xpack.notification.slack` ::
|
|
Specifies account information for sending notifications
|
|
via Slack. You can specify the following Slack account attributes:
|
|
+
|
|
--
|
|
[[slack-account-attributes]]
|
|
|
|
`secure_url` (<<secure-settings,Secure>>);;
|
|
The Incoming Webhook URL to use to post messages to Slack. Required.
|
|
|
|
`message_defaults.from`;;
|
|
The sender name to display in the
|
|
Slack message. Defaults to the watch ID.
|
|
|
|
`message_defaults.to`;;
|
|
The default Slack channels or groups you
|
|
want to send messages to.
|
|
|
|
`message_defaults.icon`;;
|
|
The icon to display in the Slack messages.
|
|
Overrides the incoming webhook's configured
|
|
icon. Accepts a public URL to an image.
|
|
|
|
`message_defaults.text`;;
|
|
The default message content.
|
|
|
|
`message_defaults.attachment`;;
|
|
Default message attachments. Slack message attachments
|
|
enable you to create more richly-formatted messages.
|
|
Specified as an array as defined in the
|
|
https://api.slack.com/docs/attachments[
|
|
Slack attachments documentation].
|
|
--
|
|
|
|
[float]
|
|
[[jira-notification-settings]]
|
|
==== Jira Notification Settings
|
|
You can configure the following Jira notification settings in
|
|
`elasticsearch.yml`. For more information about using notifications
|
|
to create issues in Jira, see <<configuring-jira-actions>>.
|
|
|
|
`xpack.notification.jira` ::
|
|
Specifies account information for using notifications to create
|
|
issues in Jira. You can specify the following Jira account attributes:
|
|
+
|
|
--
|
|
[[jira-account-attributes]]
|
|
|
|
`secure_url` (<<secure-settings,Secure>>);;
|
|
The URL of the Jira Software server. Required.
|
|
|
|
`secure_user` (<<secure-settings,Secure>>);;
|
|
The name of the user to connect to the Jira Software server. Required.
|
|
|
|
`secure_password` (<<secure-settings,Secure>>);;
|
|
The password of the user to connect to the Jira Software server. Required.
|
|
|
|
`issue_defaults`;;
|
|
Default fields values for the issue created in Jira. See
|
|
<<jira-action-attributes>> for more information.
|
|
Optional.
|
|
--
|
|
|
|
[float]
|
|
[[pagerduty-notification-settings]]
|
|
==== PagerDuty Notification Settings
|
|
You can configure the following PagerDuty notification settings in
|
|
`elasticsearch.yml`. For more information about sending notifications
|
|
via PagerDuty, see <<configuring-pagerduty-actions>>.
|
|
|
|
|
|
[[pagerduty-account-attributes]]
|
|
`xpack.notification.pagerduty`::
|
|
Specifies account information for sending notifications
|
|
via PagerDuty. You can specify the following PagerDuty account attributes:
|
|
+
|
|
--
|
|
`name`;;
|
|
A name for the PagerDuty account associated with the API key you
|
|
are using to access PagerDuty. Required.
|
|
|
|
`secure_service_api_key` (<<secure-settings,Secure>>);;
|
|
The https://developer.pagerduty.com/documentation/rest/authentication[
|
|
PagerDuty API key] to use to access PagerDuty. Required.
|
|
--
|
|
+
|
|
`event_defaults`;;
|
|
Default values for
|
|
<<pagerduty-event-trigger-incident-attributes,PagerDuty event attributes>>.
|
|
Optional.
|
|
+
|
|
--
|
|
`description`::
|
|
A string that contains the default description for PagerDuty events.
|
|
If no default is configured, each PagerDuty action must specify a
|
|
`description`.
|
|
|
|
`incident_key`::
|
|
A string that contains the default incident key to use when sending
|
|
PagerDuty events.
|
|
|
|
`client`::
|
|
A string that specifies the default monitoring client.
|
|
|
|
`client_url`::
|
|
The URL of the default monitoring client.
|
|
|
|
`event_type`::
|
|
The default event type. Valid values: `trigger`,`resolve`, `acknowledge`.
|
|
|
|
`attach_payload`::
|
|
Whether or not to provide the watch payload as context for
|
|
the event by default. Valid values: `true`, `false`.
|
|
--
|