443 lines
15 KiB
Plaintext
443 lines
15 KiB
Plaintext
[role="xpack"]
|
|
[[notification-settings]]
|
|
=== {watcher} settings in Elasticsearch
|
|
|
|
[subs="attributes"]
|
|
++++
|
|
<titleabbrev>{watcher} settings</titleabbrev>
|
|
++++
|
|
|
|
[[notification-settings-description]]
|
|
// tag::notification-settings-description-tag[]
|
|
You configure {watcher} settings to set up {watcher} and send notifications via
|
|
<<email-notification-settings,email>>,
|
|
<<slack-notification-settings,Slack>>, and
|
|
<<pagerduty-notification-settings, PagerDuty>>.
|
|
|
|
All of these settings can be added to the `elasticsearch.yml` configuration file,
|
|
with the exception of the secure settings, which you add to the {es} keystore.
|
|
For more information about creating and updating the {es} keystore, see
|
|
<<secure-settings>>. Dynamic settings can also be updated across a cluster with the
|
|
<<cluster-update-settings,cluster update settings API>>.
|
|
// end::notification-settings-description-tag[]
|
|
|
|
[[general-notification-settings]]
|
|
==== General Watcher Settings
|
|
`xpack.watcher.enabled`::
|
|
(<<static-cluster-setting,Static>>)
|
|
Set to `false` to disable {watcher} on the node.
|
|
|
|
[[xpack-watcher-encrypt-sensitive-data]]
|
|
// tag::watcher-encrypt-sensitive-data-tag[]
|
|
`xpack.watcher.encrypt_sensitive_data` {ess-icon}::
|
|
(<<static-cluster-setting,Static>>)
|
|
Set to `true` to encrypt sensitive data. If this setting is enabled, you
|
|
must also specify the `xpack.watcher.encryption_key` setting. For more
|
|
information, see <<encrypting-data>>.
|
|
// end::watcher-encrypt-sensitive-data-tag[]
|
|
|
|
`xpack.watcher.encryption_key`::
|
|
(<<secure-settings,Secure>>)
|
|
Specifies the path to a file that contains a key for encrypting sensitive data.
|
|
If `xpack.watcher.encrypt_sensitive_data` is set to `true`, this setting is
|
|
required. For more information, see <<encrypting-data>>.
|
|
|
|
[[xpack-watcher-history-cleaner-service]]
|
|
// tag::watcher-history-cleaner-service-tag[]
|
|
`xpack.watcher.history.cleaner_service.enabled` {ess-icon}::
|
|
(<<dynamic-cluster-setting,Dynamic>>)
|
|
added:[6.3.0,Default changed to `true`.]
|
|
deprecated:[7.0.0,Watcher history indices are now managed by the `watch-history-ilm-policy` ILM policy]
|
|
+
|
|
Set to `true` (default) to enable the cleaner service. The cleaner service
|
|
removes previous versions of {watcher} indices (for example,
|
|
`.watcher-history*`) when it determines that they are old. The duration of
|
|
{watcher} indices is determined by the `xpack.monitoring.history.duration`
|
|
setting, which defaults to 7 days. For more information about that setting,
|
|
see <<monitoring-settings>>.
|
|
// end::watcher-history-cleaner-service-tag[]
|
|
|
|
`xpack.http.proxy.host`::
|
|
(<<static-cluster-setting,Static>>)
|
|
Specifies the address of the proxy server to use to connect to HTTP services.
|
|
|
|
`xpack.http.proxy.port`::
|
|
(<<static-cluster-setting,Static>>)
|
|
Specifies the port number to use to connect to the proxy server.
|
|
|
|
`xpack.http.default_connection_timeout`::
|
|
(<<static-cluster-setting,Static>>)
|
|
The maximum period to wait until abortion of the request, when a
|
|
connection is being initiated.
|
|
|
|
`xpack.http.default_read_timeout`::
|
|
(<<static-cluster-setting,Static>>)
|
|
The maximum period of inactivity between two data packets, before the
|
|
request is aborted.
|
|
|
|
`xpack.http.max_response_size`::
|
|
(<<static-cluster-setting,Static>>)
|
|
Specifies the maximum size an HTTP response is allowed to have, defaults to
|
|
`10mb`, the maximum configurable value is `50mb`.
|
|
|
|
`xpack.http.whitelist`::
|
|
(<<dynamic-cluster-setting,Dynamic>>)
|
|
A list of URLs, that the internal HTTP client is allowed to connect to. This
|
|
client is used in the HTTP input, the webhook, the slack, pagerduty,
|
|
and jira actions. This setting can be updated dynamically. It defaults to `*`
|
|
allowing everything. Note: If you configure this setting and you are using one
|
|
of the slack/pagerduty actions, you have to ensure that the
|
|
corresponding endpoints are explicitly allowed as well.
|
|
|
|
[[ssl-notification-settings]]
|
|
:ssl-prefix: xpack.http
|
|
:component: {watcher} HTTP
|
|
:verifies:
|
|
:server!:
|
|
:ssl-context: watcher
|
|
|
|
include::ssl-settings.asciidoc[]
|
|
|
|
[[email-notification-settings]]
|
|
==== Email Notification Settings
|
|
You can configure the following email notification settings in
|
|
`elasticsearch.yml`. For more information about sending notifications
|
|
via email, see <<configuring-email-actions>>.
|
|
|
|
`xpack.notification.email.default_account`::
|
|
(<<dynamic-cluster-setting,Dynamic>>)
|
|
Default email account to use.
|
|
+
|
|
If you configure multiple email accounts, you must either configure this setting
|
|
or specify the email account to use in the <<actions-email,`email`>> action. See
|
|
<<configuring-email>>.
|
|
|
|
`xpack.notification.email.account`::
|
|
Specifies account information for sending notifications via email. You
|
|
can specify the following email account attributes:
|
|
+
|
|
--
|
|
[[email-account-attributes]]
|
|
|
|
`profile`::
|
|
(<<dynamic-cluster-setting,Dynamic>>)
|
|
The <<configuring-email,email profile>> to use to build the MIME
|
|
messages that are sent from the account. Valid values: `standard`, `gmail` and
|
|
`outlook`. Defaults to `standard`.
|
|
|
|
`email_defaults.*`::
|
|
(<<dynamic-cluster-setting,Dynamic>>)
|
|
An optional set of email attributes to use as defaults
|
|
for the emails sent from the account. See
|
|
<<email-action-attributes>> for the supported
|
|
attributes.
|
|
|
|
`smtp.auth`::
|
|
(<<dynamic-cluster-setting,Dynamic>>)
|
|
Set to `true` to attempt to authenticate the user using the
|
|
AUTH command. Defaults to `false`.
|
|
|
|
`smtp.host`::
|
|
(<<dynamic-cluster-setting,Dynamic>>)
|
|
The SMTP server to connect to. Required.
|
|
|
|
`smtp.port`::
|
|
(<<dynamic-cluster-setting,Dynamic>>)
|
|
The SMTP server port to connect to. Defaults to 25.
|
|
|
|
`smtp.user`::
|
|
(<<dynamic-cluster-setting,Dynamic>>)
|
|
The user name for SMTP. Required.
|
|
|
|
`smtp.secure_password`::
|
|
(<<secure-settings,Secure>>)
|
|
The password for the specified SMTP user.
|
|
|
|
`smtp.starttls.enable`::
|
|
(<<dynamic-cluster-setting,Dynamic>>)
|
|
Set to `true` to enable the use of the `STARTTLS`
|
|
command (if supported by the server) to switch the connection to a
|
|
TLS-protected connection before issuing any login commands. Note that
|
|
an appropriate trust store must be configured so that the client will
|
|
trust the server's certificate. Defaults to `false`.
|
|
|
|
`smtp.starttls.required`::
|
|
(<<dynamic-cluster-setting,Dynamic>>)
|
|
If `true`, then `STARTTLS` will be required. If that command fails, the
|
|
connection will fail. Defaults to `false`.
|
|
|
|
`smtp.ssl.trust`::
|
|
(<<dynamic-cluster-setting,Dynamic>>)
|
|
A list of SMTP server hosts that are assumed trusted and for which
|
|
certificate verification is disabled. If set to "*", all hosts are
|
|
trusted. If set to a whitespace separated list of hosts, those hosts
|
|
are trusted. Otherwise, trust depends on the certificate the server
|
|
presents.
|
|
|
|
`smtp.timeout`::
|
|
(<<dynamic-cluster-setting,Dynamic>>)
|
|
The socket read timeout. Default is two minutes.
|
|
|
|
`smtp.connection_timeout`::
|
|
(<<dynamic-cluster-setting,Dynamic>>)
|
|
The socket connection timeout. Default is two minutes.
|
|
|
|
`smtp.write_timeout`::
|
|
(<<dynamic-cluster-setting,Dynamic>>)
|
|
The socket write timeout. Default is two minutes.
|
|
|
|
`smtp.local_address`::
|
|
(<<dynamic-cluster-setting,Dynamic>>)
|
|
A configurable local address when sending emails. Not configured by default.
|
|
|
|
`smtp.local_port`::
|
|
(<<dynamic-cluster-setting,Dynamic>>)
|
|
A configurable local port when sending emails. Not configured by default.
|
|
|
|
`smtp.send_partial`::
|
|
(<<dynamic-cluster-setting,Dynamic>>)
|
|
Send an email, despite one of the receiver addresses being invalid.
|
|
|
|
`smtp.wait_on_quit`::
|
|
(<<dynamic-cluster-setting,Dynamic>>)
|
|
If set to false the QUIT command is sent and the connection closed. If set to
|
|
true, the QUIT command is sent and a reply is waited for. True by default.
|
|
--
|
|
|
|
`xpack.notification.email.html.sanitization.allow`::
|
|
Specifies the HTML elements that are allowed in email notifications. For
|
|
more information, see
|
|
<<email-html-sanitization>>. You can
|
|
specify individual HTML elements and the following HTML feature groups:
|
|
+
|
|
--
|
|
[[html-feature-groups]]
|
|
|
|
`_tables`::
|
|
(<<static-cluster-setting,Static>>)
|
|
All table related elements: `<table>`, `<th>`, `<tr>`, `<td>`, `<caption>`,
|
|
`<col>`, `<colgroup>`, `<thead>`, `<tbody>`, and `<tfoot>`.
|
|
|
|
`_blocks`::
|
|
(<<static-cluster-setting,Static>>)
|
|
The following block elements: `<p>`, `<div>`, `<h1>`,
|
|
`<h2>`, `<h3>`, `<h4>`, `<h5>`, `<h6>`, `<ul>`, `<ol>`,
|
|
`<li>`, and `<blockquote>`.
|
|
|
|
`_formatting`::
|
|
(<<static-cluster-setting,Static>>)
|
|
The following inline formatting elements: `<b>`, `<i>`,
|
|
`<s>`, `<u>`, `<o>`, `<sup>`, `<sub>`, `<ins>`, `<del>`,
|
|
`<strong>`, `<strike>`, `<tt>`, `<code>`, `<big>`,
|
|
`<small>`, `<hr>`, `<br>`, `<span>`, and `<em>`.
|
|
|
|
`_links`::
|
|
(<<static-cluster-setting,Static>>)
|
|
The `<a>` element with an `href` attribute that points
|
|
to a URL using the following protocols: `http`, `https`
|
|
and `mailto`.
|
|
|
|
`_styles`::
|
|
(<<static-cluster-setting,Static>>)
|
|
The `style` attribute on all elements. Note that CSS
|
|
attributes are also sanitized to prevent XSS attacks.
|
|
|
|
`img`::
|
|
`img:all`::
|
|
(<<static-cluster-setting,Static>>)
|
|
All images (external and embedded).
|
|
|
|
`img:embedded`::
|
|
(<<static-cluster-setting,Static>>)
|
|
Only embedded images. Embedded images can only use the
|
|
`cid:` URL protocol in their `src` attribute.
|
|
--
|
|
|
|
`xpack.notification.email.html.sanitization.disallow`::
|
|
(<<static-cluster-setting,Static>>)
|
|
Specifies the HTML elements that are NOT allowed in email notifications.
|
|
You can specify individual HTML elements and <<html-feature-groups,
|
|
HTML feature groups>>.
|
|
|
|
`xpack.notification.email.html.sanitization.enabled` ::
|
|
(<<static-cluster-setting,Static>>)
|
|
Set to `false` to completely disable HTML sanitation. Not recommended.
|
|
Defaults to `true`.
|
|
|
|
[[ssl-notification-smtp-settings]]
|
|
:ssl-prefix: xpack.notification.email
|
|
:component: {watcher} Email
|
|
:verifies:
|
|
:server!:
|
|
:ssl-context: watcher-email
|
|
|
|
include::ssl-settings.asciidoc[]
|
|
|
|
[[slack-notification-settings]]
|
|
==== Slack Notification Settings
|
|
You can configure the following Slack notification settings in
|
|
`elasticsearch.yml`. For more information about sending notifications
|
|
via Slack, see <<configuring-slack-actions>>.
|
|
|
|
|
|
`xpack.notification.slack.default_account`::
|
|
(<<dynamic-cluster-setting,Dynamic>>)
|
|
Default Slack account to use.
|
|
+
|
|
If you configure multiple Slack accounts, you must either configure this setting
|
|
or specify the Slack account to use in the <<actions-slack,`slack`>> action. See
|
|
<<configuring-slack>>.
|
|
|
|
[[slack-account-attributes]]
|
|
`xpack.notification.slack.account`::
|
|
Specifies account information for sending notifications
|
|
via Slack. You can specify the following Slack account attributes:
|
|
+
|
|
--
|
|
`secure_url`::
|
|
(<<secure-settings,Secure>>)
|
|
The Incoming Webhook URL to use to post messages to Slack. Required.
|
|
|
|
`message_defaults`::
|
|
Default values for
|
|
<<slack-action-attributes,Slack message attributes>>.
|
|
|
|
`from`:::
|
|
(<<dynamic-cluster-setting,Dynamic>>)
|
|
The sender name to display in the
|
|
Slack message. Defaults to the watch ID.
|
|
|
|
`to`:::
|
|
(<<dynamic-cluster-setting,Dynamic>>)
|
|
The default Slack channels or groups you
|
|
want to send messages to.
|
|
|
|
`icon`:::
|
|
(<<dynamic-cluster-setting,Dynamic>>)
|
|
The icon to display in the Slack messages.
|
|
Overrides the incoming webhook's configured
|
|
icon. Accepts a public URL to an image.
|
|
|
|
`text`:::
|
|
(<<dynamic-cluster-setting,Dynamic>>)
|
|
The default message content.
|
|
|
|
`attachment`:::
|
|
(<<dynamic-cluster-setting,Dynamic>>)
|
|
Default message attachments. Slack message attachments
|
|
enable you to create more richly-formatted messages.
|
|
Specified as an array as defined in the
|
|
https://api.slack.com/docs/attachments[
|
|
Slack attachments documentation].
|
|
--
|
|
|
|
[[jira-notification-settings]]
|
|
==== Jira Notification Settings
|
|
You can configure the following Jira notification settings in
|
|
`elasticsearch.yml`. For more information about using notifications
|
|
to create issues in Jira, see <<configuring-jira-actions>>.
|
|
|
|
`xpack.notification.jira.default_account`::
|
|
(<<dynamic-cluster-setting,Dynamic>>)
|
|
Default Jira account to use.
|
|
+
|
|
If you configure multiple Jira accounts, you must either configure this setting
|
|
or specify the Jira account to use in the <<actions-jira,`jira`>> action. See
|
|
<<configuring-jira>>.
|
|
|
|
[[jira-account-attributes]]
|
|
`xpack.notification.jira.account`::
|
|
Specifies account information for using notifications to create
|
|
issues in Jira. You can specify the following Jira account attributes:
|
|
+
|
|
--
|
|
`allow_http`::
|
|
(<<dynamic-cluster-setting,Dynamic>>)
|
|
If `false`, Watcher rejects URL settings that use a HTTP protocol. Defaults to
|
|
`false`.
|
|
|
|
`secure_url`::
|
|
(<<secure-settings,Secure>>)
|
|
The URL of the Jira Software server. Required.
|
|
|
|
`secure_user`::
|
|
(<<secure-settings,Secure>>)
|
|
The name of the user to connect to the Jira Software server. Required.
|
|
|
|
`secure_password`::
|
|
(<<secure-settings,Secure>>)
|
|
The password of the user to connect to the Jira Software server. Required.
|
|
|
|
`issue_defaults`::
|
|
(<<dynamic-cluster-setting,Dynamic>>)
|
|
Default fields values for the issue created in Jira. See
|
|
<<jira-action-attributes>> for more information.
|
|
Optional.
|
|
--
|
|
|
|
[[pagerduty-notification-settings]]
|
|
==== PagerDuty Notification Settings
|
|
You can configure the following PagerDuty notification settings in
|
|
`elasticsearch.yml`. For more information about sending notifications
|
|
via PagerDuty, see <<configuring-pagerduty-actions>>.
|
|
|
|
`xpack.notification.pagerduty.default_account`::
|
|
(<<dynamic-cluster-setting,Dynamic>>)
|
|
Default PagerDuty account to use.
|
|
+
|
|
If you configure multiple PagerDuty accounts, you must either configure this
|
|
setting or specify the PagerDuty account to use in the
|
|
<<actions-pagerduty,`pagerduty`>> action. See <<configuring-pagerduty>>.
|
|
|
|
[[pagerduty-account-attributes]]
|
|
`xpack.notification.pagerduty.account`::
|
|
Specifies account information for sending notifications via PagerDuty. You can
|
|
specify the following PagerDuty account attributes:
|
|
+
|
|
--
|
|
`name`::
|
|
(<<static-cluster-setting,Static>>)
|
|
A name for the PagerDuty account associated with the API key you
|
|
are using to access PagerDuty. Required.
|
|
|
|
`secure_service_api_key`::
|
|
(<<secure-settings,Secure>>)
|
|
The https://developer.pagerduty.com/documentation/rest/authentication[
|
|
PagerDuty API key] to use to access PagerDuty. Required.
|
|
--
|
|
+
|
|
`event_defaults`::
|
|
Default values for
|
|
<<pagerduty-event-trigger-incident-attributes,PagerDuty event attributes>>.
|
|
Optional.
|
|
+
|
|
--
|
|
`description`::
|
|
(<<dynamic-cluster-setting,Dynamic>>)
|
|
A string that contains the default description for PagerDuty events.
|
|
If no default is configured, each PagerDuty action must specify a
|
|
`description`.
|
|
|
|
`incident_key`::
|
|
(<<dynamic-cluster-setting,Dynamic>>)
|
|
A string that contains the default incident key to use when sending
|
|
PagerDuty events.
|
|
|
|
`client`::
|
|
(<<dynamic-cluster-setting,Dynamic>>)
|
|
A string that specifies the default monitoring client.
|
|
|
|
`client_url`::
|
|
(<<dynamic-cluster-setting,Dynamic>>)
|
|
The URL of the default monitoring client.
|
|
|
|
`event_type`::
|
|
(<<dynamic-cluster-setting,Dynamic>>)
|
|
The default event type. Valid values: `trigger`,`resolve`, `acknowledge`.
|
|
|
|
`attach_payload`::
|
|
(<<dynamic-cluster-setting,Dynamic>>)
|
|
Whether or not to provide the watch payload as context for
|
|
the event by default. Valid values: `true`, `false`.
|
|
--
|