Merge pull request #586 from opensearch-project/notifications
Adding content for the new Notifications plugin
This commit is contained in:
commit
88e6321f00
|
@ -58,6 +58,9 @@ collections:
|
||||||
monitoring-plugins:
|
monitoring-plugins:
|
||||||
permalink: /:collection/:path/
|
permalink: /:collection/:path/
|
||||||
output: true
|
output: true
|
||||||
|
notifications-plugin:
|
||||||
|
permalink: /:collection/:path/
|
||||||
|
output: true
|
||||||
clients:
|
clients:
|
||||||
permalink: /:collection/:path/
|
permalink: /:collection/:path/
|
||||||
output: true
|
output: true
|
||||||
|
@ -103,6 +106,9 @@ just_the_docs:
|
||||||
monitoring-plugins:
|
monitoring-plugins:
|
||||||
name: Monitoring plugins
|
name: Monitoring plugins
|
||||||
nav_fold: true
|
nav_fold: true
|
||||||
|
notifications-plugin:
|
||||||
|
name: Notifications plugin
|
||||||
|
nav_fold: true
|
||||||
clients:
|
clients:
|
||||||
name: Clients and tools
|
name: Clients and tools
|
||||||
nav_fold: true
|
nav_fold: true
|
||||||
|
|
|
@ -508,7 +508,7 @@ For information on writing cron expressions, see [Cron expression reference]({{s
|
||||||
## Error notifications
|
## Error notifications
|
||||||
|
|
||||||
The `error_notification` operation sends you a notification if your managed index fails.
|
The `error_notification` operation sends you a notification if your managed index fails.
|
||||||
It notifies a single destination with a custom message.
|
It notifies a single destination or [notification channel]({{site.url}}{{site.baseurl}}/notifications-plugin/index) with a custom message.
|
||||||
|
|
||||||
Set up error notifications at the policy level:
|
Set up error notifications at the policy level:
|
||||||
|
|
||||||
|
@ -526,7 +526,8 @@ Set up error notifications at the policy level:
|
||||||
|
|
||||||
Parameter | Description | Type | Required
|
Parameter | Description | Type | Required
|
||||||
:--- | :--- |:--- |:--- |
|
:--- | :--- |:--- |:--- |
|
||||||
`destination` | The destination URL. | `Slack, Amazon Chime, or webhook URL` | Yes
|
`destination` | The destination URL. | `Slack, Amazon Chime, or webhook URL` | Yes if `channel` isn't specified
|
||||||
|
`channel` | A notification channel's ID | `string` | Yes if `destination` isn't specified
|
||||||
`message_template` | The text of the message. You can add variables to your messages using [Mustache templates](https://mustache.github.io/mustache.5.html). | `object` | Yes
|
`message_template` | The text of the message. You can add variables to your messages using [Mustache templates](https://mustache.github.io/mustache.5.html). | `object` | Yes
|
||||||
|
|
||||||
The destination system **must** return a response otherwise the `error_notification` operation throws an error.
|
The destination system **must** return a response otherwise the `error_notification` operation throws an error.
|
||||||
|
@ -582,6 +583,21 @@ The destination system **must** return a response otherwise the `error_notificat
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
|
#### Example 4: Using a notification channel
|
||||||
|
|
||||||
|
```json
|
||||||
|
{
|
||||||
|
"error_notification": {
|
||||||
|
"channel": {
|
||||||
|
"id": "some-channel-config-id"
|
||||||
|
},
|
||||||
|
"message_template": {
|
||||||
|
"source": "The index {% raw %}{{ctx.index}}{% endraw %} failed during policy execution."
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
```
|
||||||
|
|
||||||
You can use the same options for `ctx` variables as the [notification](#notification) operation.
|
You can use the same options for `ctx` variables as the [notification](#notification) operation.
|
||||||
|
|
||||||
## Sample policy with ISM template for auto rollover
|
## Sample policy with ISM template for auto rollover
|
||||||
|
|
|
@ -40,78 +40,10 @@ Term | Definition
|
||||||
:--- | :---
|
:--- | :---
|
||||||
Monitor | A job that runs on a defined schedule and queries OpenSearch indexes. The results of these queries are then used as input for one or more *triggers*.
|
Monitor | A job that runs on a defined schedule and queries OpenSearch indexes. The results of these queries are then used as input for one or more *triggers*.
|
||||||
Trigger | Conditions that, if met, generate *alerts*.
|
Trigger | Conditions that, if met, generate *alerts*.
|
||||||
Tag | A label that can be applied to multiple queries to combine them with the logical OR operation in a per document monitor. You can't use tags with other monitor types.
|
Tag | A label that can be applied to multiple queries to combine them with the logical OR operation in a per document monitor. You cannot use tags with other monitor types.
|
||||||
Alert | An event associated with a trigger. When an alert is created, the trigger performs *actions*, which can include sending a notification.
|
Alert | An event associated with a trigger. When an alert is created, the trigger performs *actions*, which can include sending a notification.
|
||||||
Action | The information that you want the monitor to send out after being triggered. Actions have a *destination*, a message subject, and a message body.
|
Action | The information that you want the monitor to send out after being triggered. Actions have a *destination*, a message subject, and a message body.
|
||||||
Destination | A reusable location for an action. Supported locations are Amazon Chime, Email, Slack, or custom webhook.
|
Channel | A notification channel to use in an action. See [notifications]({{site.url}}{{site.baseurl}}/notifications-plugin/index) for more information.
|
||||||
|
|
||||||
---
|
|
||||||
|
|
||||||
## Create destinations
|
|
||||||
|
|
||||||
1. Choose **Alerting**, **Destinations**, **Add destination**.
|
|
||||||
1. Specify a name for the destination so that you can identify it later.
|
|
||||||
1. For **Type**, choose Slack, Amazon Chime, custom webhook, or [email](#email-as-a-destination).
|
|
||||||
|
|
||||||
For Email, refer to the [Email as a destination](#email-as-a-destination) section below. For all other types, specify the webhook URL. See the documentation for [Slack](https://api.slack.com/incoming-webhooks) and [Amazon Chime](https://docs.aws.amazon.com/chime/latest/ug/webhooks.html) to learn more about webhooks.
|
|
||||||
|
|
||||||
If you're using custom webhooks, you must specify more information: parameters and headers. For example, if your endpoint requires basic authentication, you might need to add a header with a key of `Authorization` and a value of `Basic <Base64-encoded-credential-string>`. You might also need to change `Content-Type` to whatever your webhook requires. Popular values are `application/json`, `application/xml`, and `text/plain`.
|
|
||||||
|
|
||||||
This information is stored in plain text in the OpenSearch cluster. We will improve this design in the future, but for now, the encoded credentials (which are neither encrypted nor hashed) might be visible to other OpenSearch users.
|
|
||||||
|
|
||||||
|
|
||||||
### Email as a destination
|
|
||||||
|
|
||||||
To send or receive an alert notification as an email, choose **Email** as the destination type. Next, add at least one sender and recipient. We recommend adding email groups if you want to notify more than a few people of an alert. You can configure senders and recipients using **Manage senders** and **Manage email groups**.
|
|
||||||
|
|
||||||
#### Manage senders
|
|
||||||
|
|
||||||
You need to specify an email account from which the Alerting plugin can send notifications.
|
|
||||||
|
|
||||||
To configure a sender email, do the following:
|
|
||||||
|
|
||||||
1. After you choose **Email** as the destination type, choose **Manage senders**.
|
|
||||||
1. Choose **Add sender**, **New sender** and enter a unique name.
|
|
||||||
1. Enter the email address, SMTP host (e.g. `smtp.gmail.com` for a Gmail account), and the port.
|
|
||||||
1. Choose an encryption method, or use the default value of **None**. However, most email providers require SSL or TLS, which require a username and password in OpenSearch keystore. Refer to [Authenticate sender account](#authenticate-sender-account) to learn more.
|
|
||||||
1. Choose **Save** to save the configuration and create the sender. You can create a sender even before you add your credentials to the OpenSearch keystore. However, you must [authenticate each sender account](#authenticate-sender-account) before you use the destination to send your alert.
|
|
||||||
|
|
||||||
You can reuse senders across many different destinations, but each destination only supports one sender.
|
|
||||||
|
|
||||||
|
|
||||||
#### Manage email groups or recipients
|
|
||||||
|
|
||||||
Use email groups to create and manage reusable lists of email addresses. For example, one alert might email the DevOps team, whereas another might email the executive team and the engineering team.
|
|
||||||
|
|
||||||
You can enter individual email addresses or an email group in the **Recipients** field.
|
|
||||||
|
|
||||||
1. After you choose **Email** as the destination type, choose **Manage email groups**. Then choose **Add email group**, **New email group**.
|
|
||||||
1. Enter a unique name.
|
|
||||||
1. For recipient emails, enter any number of email addresses.
|
|
||||||
1. Choose **Save**.
|
|
||||||
|
|
||||||
|
|
||||||
#### Authenticate sender account
|
|
||||||
|
|
||||||
If your email provider requires SSL or TLS, you must authenticate each sender account before you can send an email. Enter these credentials in the OpenSearch keystore using the CLI. Run the following commands (in your OpenSearch directory) to enter your username and password. The `<sender_name>` is the name you entered for **Sender** earlier.
|
|
||||||
|
|
||||||
```bash
|
|
||||||
./bin/opensearch-keystore add plugins.alerting.destination.email.<sender_name>.username
|
|
||||||
./bin/opensearch-keystore add plugins.alerting.destination.email.<sender_name>.password
|
|
||||||
```
|
|
||||||
|
|
||||||
Note: Keystore settings are node-specific. You must run these commands on each node.
|
|
||||||
{: .note}
|
|
||||||
|
|
||||||
To change or update your credentials (after you've added them to the keystore on every node), call the reload API to automatically update those credentials without restarting OpenSearch:
|
|
||||||
|
|
||||||
```json
|
|
||||||
POST _nodes/reload_secure_settings
|
|
||||||
{
|
|
||||||
"secure_settings_password": "1234"
|
|
||||||
}
|
|
||||||
```
|
|
||||||
|
|
||||||
|
|
||||||
---
|
---
|
||||||
|
|
||||||
|
@ -347,7 +279,6 @@ Variable | Data Type | Description
|
||||||
:--- | :--- | : ---
|
:--- | :--- | : ---
|
||||||
`ctx.trigger.actions.id` | String | The action's ID.
|
`ctx.trigger.actions.id` | String | The action's ID.
|
||||||
`ctx.trigger.actions.name` | String | The action's name.
|
`ctx.trigger.actions.name` | String | The action's name.
|
||||||
`ctx.trigger.actions.destination_id`| String | The alert destination's ID.
|
|
||||||
`ctx.trigger.actions.message_template.source` | String | The message to send in the alert.
|
`ctx.trigger.actions.message_template.source` | String | The message to send in the alert.
|
||||||
`ctx.trigger.actions.message_template.lang` | String | The scripting language used to define the message. Must be Mustache.
|
`ctx.trigger.actions.message_template.lang` | String | The scripting language used to define the message. Must be Mustache.
|
||||||
`ctx.trigger.actions.throttle_enabled` | Boolean | Whether throttling is enabled for this trigger. See [adding actions](#add-actions) for more information about throttling.
|
`ctx.trigger.actions.throttle_enabled` | Boolean | Whether throttling is enabled for this trigger. See [adding actions](#add-actions) for more information about throttling.
|
||||||
|
@ -376,13 +307,13 @@ Variable | Data Type | Description
|
||||||
|
|
||||||
## Add actions
|
## Add actions
|
||||||
|
|
||||||
The final step in creating a monitor is to add one or more actions. Actions send notifications when trigger conditions are met and support [Slack](https://slack.com/), [Amazon Chime](https://aws.amazon.com/chime/), and webhooks.
|
The final step in creating a monitor is to add one or more actions. Actions send notifications when trigger conditions are met. See the [Notifications plugin]({{site.url}}{{site.baseurl}}/notifications-plugin/index) to see what communication channels are supported.
|
||||||
|
|
||||||
If you don't want to receive notifications for alerts, you don't have to add actions to your triggers. Instead, you can periodically check OpenSearch Dashboards.
|
If you don't want to receive notifications for alerts, you don't have to add actions to your triggers. Instead, you can periodically check OpenSearch Dashboards.
|
||||||
{: .tip }
|
{: .tip }
|
||||||
|
|
||||||
1. Specify a name for the action.
|
1. Specify a name for the action.
|
||||||
1. Choose a destination.
|
1. Choose a [notification channel]({{site.url}}{{site.baseurl}}/notifications-plugin/index).
|
||||||
1. Add a subject and body for the message.
|
1. Add a subject and body for the message.
|
||||||
|
|
||||||
You can add variables to your messages using [Mustache templates](https://mustache.github.io/mustache.5.html). You have access to `ctx.action.name`, the name of the current action, as well as all [trigger variables](#available-variables).
|
You can add variables to your messages using [Mustache templates](https://mustache.github.io/mustache.5.html). You have access to `ctx.action.name`, the name of the current action, as well as all [trigger variables](#available-variables).
|
||||||
|
@ -393,7 +324,7 @@ If you don't want to receive notifications for alerts, you don't have to add act
|
||||||
{% raw %}{ "text": "Monitor {{ctx.monitor.name}} just entered alert status. Please investigate the issue. - Trigger: {{ctx.trigger.name}} - Severity: {{ctx.trigger.severity}} - Period start: {{ctx.periodStart}} - Period end: {{ctx.periodEnd}}" }{% endraw %}
|
{% raw %}{ "text": "Monitor {{ctx.monitor.name}} just entered alert status. Please investigate the issue. - Trigger: {{ctx.trigger.name}} - Severity: {{ctx.trigger.severity}} - Period start: {{ctx.periodStart}} - Period end: {{ctx.periodEnd}}" }{% endraw %}
|
||||||
```
|
```
|
||||||
|
|
||||||
In this case, the message content must conform to the `Content-Type` header in the [custom webhook](#create-destinations).
|
In this case, the message content must conform to the `Content-Type` header in the [custom webhook]({{site.url}}{{site.baseurl}}/notifcations-plugin/index).
|
||||||
1. If you're using a bucket-level monitor, you can choose whether the monitor should perform an action for each execution or for each alert.
|
1. If you're using a bucket-level monitor, you can choose whether the monitor should perform an action for each execution or for each alert.
|
||||||
|
|
||||||
1. (Optional) Use action throttling to limit the number of notifications you receive within a given span of time.
|
1. (Optional) Use action throttling to limit the number of notifications you receive within a given span of time.
|
||||||
|
@ -418,6 +349,24 @@ After an action sends a message, the content of that message has left the purvie
|
||||||
If you want to use the `ctx.results` variable in a message, use `{% raw %}{{ctx.results.0}}{% endraw %}` rather than `{% raw %}{{ctx.results[0]}}{% endraw %}`. This difference is due to how Mustache handles bracket notation.
|
If you want to use the `ctx.results` variable in a message, use `{% raw %}{{ctx.results.0}}{% endraw %}` rather than `{% raw %}{{ctx.results[0]}}{% endraw %}`. This difference is due to how Mustache handles bracket notation.
|
||||||
{: .note }
|
{: .note }
|
||||||
|
|
||||||
|
### Questions about destinations
|
||||||
|
|
||||||
|
Q: What plugins do I need installed besides Alerting?
|
||||||
|
|
||||||
|
A: To continue using the notification action in the Alerting plugin, you need to install the backend plugins `notifications-core` and `notifications`. You can also install the Notifications Dashboards plugin to manage Notification channels via OpenSearch Dashboards.
|
||||||
|
|
||||||
|
Q: Can I still create destinations?
|
||||||
|
A: No, destinations have been deprecated and can no longer be created/edited.
|
||||||
|
|
||||||
|
Q: Will I need to move my destinations to the Notifications plugin?
|
||||||
|
A: No. To upgrade users, a background process will automatically move destinations to notification channels. These channels will have the same ID as the destinations, and monitor execution will choose the correct ID, so you don't have to make any changes to the monitor's definition. The migrated destinations will be deleted.
|
||||||
|
|
||||||
|
Q: What happens if any destinations fail to migrate?
|
||||||
|
A: If a destination failed to migrate, the monitor will continue using it until the monitor is migrated to a notification channel. You don't need to do anything in this case.
|
||||||
|
|
||||||
|
Q: Do I need to install the Notifications plugins if monitors can still use destinations?
|
||||||
|
A: Yes. The fallback on destination is to prevent failures in sending messages if migration fails; however, the Notification plugin is what actually sends the message. Not having the Notification plugin installed will lead to the action failing.
|
||||||
|
|
||||||
|
|
||||||
---
|
---
|
||||||
|
|
||||||
|
|
|
@ -0,0 +1,401 @@
|
||||||
|
---
|
||||||
|
layout: default
|
||||||
|
title: API
|
||||||
|
nav_order: 50
|
||||||
|
has_children: false
|
||||||
|
redirect_from:
|
||||||
|
---
|
||||||
|
|
||||||
|
# Notifications API
|
||||||
|
|
||||||
|
If you want to programmatically define your notification channels and sources for versioning and reuse, you can use the Notifications REST API to define, configure, and delete notification channels and send test messages.
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
|
#### Table of contents
|
||||||
|
1. TOC
|
||||||
|
{:toc}
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
|
## List supported channel configurations
|
||||||
|
|
||||||
|
To retrieve a list of all supported notification configuration types, send a GET request to the `features` resource.
|
||||||
|
|
||||||
|
#### Sample Request
|
||||||
|
|
||||||
|
```json
|
||||||
|
GET /_plugins/_notifications/features
|
||||||
|
```
|
||||||
|
|
||||||
|
#### Sample Response
|
||||||
|
|
||||||
|
```json
|
||||||
|
{
|
||||||
|
"allowed_config_type_list" : [
|
||||||
|
"slack",
|
||||||
|
"chime",
|
||||||
|
"webhook",
|
||||||
|
"email",
|
||||||
|
"sns",
|
||||||
|
"ses_account",
|
||||||
|
"smtp_account",
|
||||||
|
"email_group"
|
||||||
|
],
|
||||||
|
"plugin_features" : {
|
||||||
|
"tooltip_support" : "true"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
```
|
||||||
|
|
||||||
|
## List all notification configurations
|
||||||
|
|
||||||
|
To retrieve a list of all notification configurations, send a GET request to the `configs` resource.
|
||||||
|
|
||||||
|
#### Sample Request
|
||||||
|
|
||||||
|
```json
|
||||||
|
GET _plugins/_notifications/configs
|
||||||
|
```
|
||||||
|
|
||||||
|
#### Sample Response
|
||||||
|
|
||||||
|
```json
|
||||||
|
{
|
||||||
|
"start_index" : 0,
|
||||||
|
"total_hits" : 2,
|
||||||
|
"total_hit_relation" : "eq",
|
||||||
|
"config_list" : [
|
||||||
|
{
|
||||||
|
"config_id" : "sample-id",
|
||||||
|
"last_updated_time_ms" : 1652760532774,
|
||||||
|
"created_time_ms" : 1652760532774,
|
||||||
|
"config" : {
|
||||||
|
"name" : "Sample Slack Channel",
|
||||||
|
"description" : "This is a Slack channel",
|
||||||
|
"config_type" : "slack",
|
||||||
|
"is_enabled" : true,
|
||||||
|
"slack" : {
|
||||||
|
"url" : "https://sample-slack-webhook"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"config_id" : "sample-id2",
|
||||||
|
"last_updated_time_ms" : 1652760735380,
|
||||||
|
"created_time_ms" : 1652760735380,
|
||||||
|
"config" : {
|
||||||
|
"name" : "Test chime channel",
|
||||||
|
"description" : "A test chime channel",
|
||||||
|
"config_type" : "chime",
|
||||||
|
"is_enabled" : true,
|
||||||
|
"chime" : {
|
||||||
|
"url" : "https://sample-chime-webhook"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
||||||
|
```
|
||||||
|
|
||||||
|
To filter the notification configuration types this request returns, you can refine your query with the following optional path parameters.
|
||||||
|
|
||||||
|
Parameter | Description
|
||||||
|
:--- | :---
|
||||||
|
config_id | Specifies the channel identifier.
|
||||||
|
config_id_list | Specifies a comma-separated list of channel IDs.
|
||||||
|
from_index | The starting index to search from.
|
||||||
|
max_items | The maximum amount of items to return in your request.
|
||||||
|
sort_order | Specifies the direction to sort results in. Valid options are `asc` and `desc`.
|
||||||
|
sort_field | Field to sort results with.
|
||||||
|
last_updated_time_ms | The Unix time in milliseconds of when the channel was last updated.
|
||||||
|
created_time_ms | The Unix time in milliseconds of when the channel was created.
|
||||||
|
is_enabled | Indicates whether the channel is enabled.
|
||||||
|
config_type | The channel type. Valid options are `sns`, `slack`, `chime`, `webhook`, `smtp_account`, `ses_account`, `email_group`, and `email`.
|
||||||
|
name | The channel's name.
|
||||||
|
description | The channel's description.
|
||||||
|
email.email_account_id | The sender email addresses the channel uses.
|
||||||
|
email.email_group_id_list | The email groups the channel uses.
|
||||||
|
email.recipient_list | The channel's recipient list.
|
||||||
|
email_group.recipient_list | The channel's list of email recipient groups.
|
||||||
|
smtp_account.method | The email encryption method.
|
||||||
|
slack.url | The Slack channel's URL.
|
||||||
|
chime.url | The Amazon Chime connection's URL.
|
||||||
|
webhook.url | The webhook's URL.
|
||||||
|
smtp_account.host | The domain of the SMTP account.
|
||||||
|
smtp_account.from_address | The email account's sender address.
|
||||||
|
smtp_account.method | The SMTP account's encryption method.
|
||||||
|
sns.topic_arn | The Amazon Simple Notification Service (SNS) topic's ARN.
|
||||||
|
sns.role_arn | The Amazon SNS topic's role ARN.
|
||||||
|
ses_account.region | The Amazon Simple Email Service (SES) account's AWS Region.
|
||||||
|
ses_account.role_arn | The Amazon SES account's role ARN.
|
||||||
|
ses_account.from_address | The Amazon SES account's sender email address.
|
||||||
|
|
||||||
|
## Create channel configuration
|
||||||
|
|
||||||
|
To create a notification channel configuration, send a POST request to the `configs` resource.
|
||||||
|
|
||||||
|
#### Sample Request
|
||||||
|
|
||||||
|
```json
|
||||||
|
POST /_plugins/_notifications/configs/
|
||||||
|
{
|
||||||
|
"config_id": "sample-id",
|
||||||
|
"name": "sample-name",
|
||||||
|
"config": {
|
||||||
|
"name": "Sample Slack Channel",
|
||||||
|
"description": "This is a Slack channel",
|
||||||
|
"config_type": "slack",
|
||||||
|
"is_enabled": true,
|
||||||
|
"slack": {
|
||||||
|
"url": "https://sample-slack-webhook"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
```
|
||||||
|
|
||||||
|
The create channel API operation accepts the following fields in its request body:
|
||||||
|
|
||||||
|
Field | Data Type | Description | Required
|
||||||
|
:--- | :--- | :--- | :---
|
||||||
|
config_id | String | The configuration's custom ID. | No
|
||||||
|
config | Object | Contains all relevant information, such as channel name, configuration type, and plugin source. | Yes
|
||||||
|
name | String | Name of the channel. | Yes
|
||||||
|
description | String | The channel's description. | No
|
||||||
|
config_type | String | The destination of your notification. Valid options are `sns`, `slack`, `chime`, `webhook`, `smtp_account`, `ses_account`, `email_group`, and `email`. | Yes
|
||||||
|
is_enabled | Boolean | Indicates whether the channel is enabled for sending and receiving notifications. Default is true. | No
|
||||||
|
|
||||||
|
The create channel operation accepts multiple `config_types` as possible notification destinations, so follow the format for your preferred `config_type`.
|
||||||
|
|
||||||
|
```json
|
||||||
|
"sns": {
|
||||||
|
"topic_arn": "<arn>",
|
||||||
|
"role_arn": "<arn>" //optional
|
||||||
|
}
|
||||||
|
"slack": {
|
||||||
|
"url": "https://sample-chime-webhoook"
|
||||||
|
}
|
||||||
|
"chime": {
|
||||||
|
"url": "https://sample-amazon-chime-webhoook"
|
||||||
|
}
|
||||||
|
"webhook": {
|
||||||
|
"url": "https://custom-webhook-test-url.com:8888/test-path?params1=value1¶ms2=value2"
|
||||||
|
}
|
||||||
|
"smtp_account": {
|
||||||
|
"host": "test-host.com",
|
||||||
|
"port": 123,
|
||||||
|
"method": "start_tls",
|
||||||
|
"from_address": "test@email.com"
|
||||||
|
}
|
||||||
|
"ses_account": {
|
||||||
|
"region": "us-east-1",
|
||||||
|
"role_arn": "arn:aws:iam::012345678912:role/NotificationsSESRole",
|
||||||
|
"from_address": "test@email.com"
|
||||||
|
}
|
||||||
|
"email_group": { //Email recipient group
|
||||||
|
"recipient_list": [
|
||||||
|
{
|
||||||
|
"recipient": "test-email1@test.com"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"recipient": "test-email2@test.com"
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
||||||
|
"email": { //The channel that sends emails
|
||||||
|
"email_account_id": "<smtp or ses account config id>",
|
||||||
|
"recipient_list": [
|
||||||
|
{
|
||||||
|
"recipient": "custom.email@test.com"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"email_group_id_list": []
|
||||||
|
}
|
||||||
|
```
|
||||||
|
|
||||||
|
The following example demonstrates how to create a channel using email as a `config_type`:
|
||||||
|
|
||||||
|
```json
|
||||||
|
POST /_plugins/_notifications/configs/
|
||||||
|
{
|
||||||
|
"id": "sample-email-id",
|
||||||
|
"name": "sample-name",
|
||||||
|
"config": {
|
||||||
|
"name": "Sample Email Channel",
|
||||||
|
"description": "Sample email description",
|
||||||
|
"config_type": "email",
|
||||||
|
"is_enabled": true,
|
||||||
|
"email": {
|
||||||
|
"email_account_id": "<email_account_id>",
|
||||||
|
"recipient_list": [
|
||||||
|
"sample@email.com"
|
||||||
|
]
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
```
|
||||||
|
|
||||||
|
#### Sample Response
|
||||||
|
|
||||||
|
```json
|
||||||
|
{
|
||||||
|
"config_id" : "<config_id>"
|
||||||
|
}
|
||||||
|
```
|
||||||
|
|
||||||
|
|
||||||
|
## Get channel configuration
|
||||||
|
|
||||||
|
To get a channel configuration by `config_id`, send a GET request and specify the `config_id` as a path parameter.
|
||||||
|
|
||||||
|
#### Sample Request
|
||||||
|
|
||||||
|
```json
|
||||||
|
GET _plugins/_notifications/configs/<config_id>
|
||||||
|
```
|
||||||
|
|
||||||
|
#### Sample Response
|
||||||
|
|
||||||
|
```json
|
||||||
|
{
|
||||||
|
"start_index" : 0,
|
||||||
|
"total_hits" : 1,
|
||||||
|
"total_hit_relation" : "eq",
|
||||||
|
"config_list" : [
|
||||||
|
{
|
||||||
|
"config_id" : "sample-id",
|
||||||
|
"last_updated_time_ms" : 1652760532774,
|
||||||
|
"created_time_ms" : 1652760532774,
|
||||||
|
"config" : {
|
||||||
|
"name" : "Sample Slack Channel",
|
||||||
|
"description" : "This is a Slack channel",
|
||||||
|
"config_type" : "slack",
|
||||||
|
"is_enabled" : true,
|
||||||
|
"slack" : {
|
||||||
|
"url" : "https://sample-slack-webhook"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
||||||
|
```
|
||||||
|
|
||||||
|
|
||||||
|
## Update channel configuration
|
||||||
|
|
||||||
|
To update a channel configuration, send a POST request to the `configs` resource and specify the channel's `config_id` as a path parameter. Specify the new configuration details in the request body.
|
||||||
|
|
||||||
|
#### Sample Request
|
||||||
|
|
||||||
|
```json
|
||||||
|
PUT _plugins/_notifications/configs/<config_id>
|
||||||
|
{
|
||||||
|
"config": {
|
||||||
|
"name": "Slack Channel",
|
||||||
|
"description": "This is an updated channel configuration",
|
||||||
|
"config_type": "slack",
|
||||||
|
"is_enabled": true,
|
||||||
|
"slack": {
|
||||||
|
"url": "https://hooks.slack.com/sample-url"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
```
|
||||||
|
|
||||||
|
#### Sample Response
|
||||||
|
|
||||||
|
```json
|
||||||
|
{
|
||||||
|
"config_id" : "<config_id>"
|
||||||
|
}
|
||||||
|
```
|
||||||
|
|
||||||
|
|
||||||
|
## Delete channel configuration
|
||||||
|
|
||||||
|
To delete a channel configuration, send a DELETE request to the `configs` resource and specify the `config_id` as a path parameter.
|
||||||
|
|
||||||
|
#### Sample Request
|
||||||
|
|
||||||
|
```json
|
||||||
|
DELETE /_plugins/_notifications/configs/<config_id>
|
||||||
|
```
|
||||||
|
|
||||||
|
#### Sample Response
|
||||||
|
|
||||||
|
```json
|
||||||
|
{
|
||||||
|
"delete_response_list" : {
|
||||||
|
"<config_id>" : "OK"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
```
|
||||||
|
|
||||||
|
You can also submit a comma-separated list of channel IDs you want to delete, and OpenSearch deletes all of the specified notification channels.
|
||||||
|
|
||||||
|
#### Sample Request
|
||||||
|
|
||||||
|
```json
|
||||||
|
DELETE /_plugins/_notifications/configs/?config_id_list=<config_id1>,<config_id2>,<config_id3>...
|
||||||
|
```
|
||||||
|
|
||||||
|
#### Sample Response
|
||||||
|
|
||||||
|
```json
|
||||||
|
{
|
||||||
|
"delete_response_list" : {
|
||||||
|
"<config_id1>" : "OK",
|
||||||
|
"<config_id2>" : "OK",
|
||||||
|
"<config_id3>" : "OK"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
```
|
||||||
|
|
||||||
|
|
||||||
|
## Send test notification
|
||||||
|
|
||||||
|
To send a test notification, send a GET request to `/feature/test/` and specify the channel configuration's `config_id` as a path parameter.
|
||||||
|
|
||||||
|
#### Sample Request
|
||||||
|
|
||||||
|
```json
|
||||||
|
GET _plugins/_notifications/feature/test/<config_id>
|
||||||
|
```
|
||||||
|
|
||||||
|
#### Sample Response
|
||||||
|
|
||||||
|
```json
|
||||||
|
{
|
||||||
|
"event_source" : {
|
||||||
|
"title" : "Test Message Title-0Jnlh4ABa4TCWn5C5H2G",
|
||||||
|
"reference_id" : "0Jnlh4ABa4TCWn5C5H2G",
|
||||||
|
"severity" : "info",
|
||||||
|
"tags" : [ ]
|
||||||
|
},
|
||||||
|
"status_list" : [
|
||||||
|
{
|
||||||
|
"config_id" : "0Jnlh4ABa4TCWn5C5H2G",
|
||||||
|
"config_type" : "slack",
|
||||||
|
"config_name" : "sample-id",
|
||||||
|
"email_recipient_status" : [ ],
|
||||||
|
"delivery_status" : {
|
||||||
|
"status_code" : "200",
|
||||||
|
"status_text" : """<!doctype html>
|
||||||
|
<html>
|
||||||
|
<head>
|
||||||
|
</head>
|
||||||
|
<body>
|
||||||
|
<div>
|
||||||
|
<h1>Example Domain</h1>
|
||||||
|
<p>Sample paragraph.</p>
|
||||||
|
<p><a href="sample.example.com">TO BE OR NOT TO BE, THAT IS THE QUESTION</a></p>
|
||||||
|
</div>
|
||||||
|
</body>
|
||||||
|
</html>
|
||||||
|
"""
|
||||||
|
}
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
||||||
|
|
||||||
|
```
|
|
@ -0,0 +1,136 @@
|
||||||
|
---
|
||||||
|
layout: default
|
||||||
|
title: Notifications
|
||||||
|
nav_order: 1
|
||||||
|
has_children: false
|
||||||
|
redirect_from:
|
||||||
|
- /notifications-plugin/
|
||||||
|
---
|
||||||
|
|
||||||
|
# Notifications
|
||||||
|
|
||||||
|
The Notifications plugin provides a central location for all of your notifications from OpenSearch plugins. Using the plugin, you can configure which communication service you want to use and see relevant statistics and troubleshooting information. Currently, the Alerting and ISM plugins have integrated with the Notifications plugin.
|
||||||
|
|
||||||
|
You can use either OpenSearch Dashboards or the REST API to configure notifications. Dashboards offers a more organized way of selecting a channel type and selecting which OpenSearch plugin sources you want to use, whereas the REST API lets you programmatically define your notification channels for better versioning and reuse later on.
|
||||||
|
|
||||||
|
1. Use the Dashboards UI to first create a channel that receives notifications from other plugins. Supported communication channels include Amazon Chime, Amazon Simple Notification Service (Amazon SNS), Amazon Simple Email Service (Amazon SES), email through SMTP, Slack, and custom webhooks. After you’ve configured your channel and plugin sources, send messages and start tracking your notifications from the Notifications plugin's dashboard.
|
||||||
|
|
||||||
|
2. Use the Notifications REST API to configure all of your channel's settings. To use the API, you must have your notification's name, description, channel type, which OpenSearch plugins to use as sources, and other associated URLs or groups.
|
||||||
|
|
||||||
|
## Create a channel
|
||||||
|
|
||||||
|
In OpenSearch Dashboards, choose **Notifications**, **Channels**, and **Create channel**.
|
||||||
|
|
||||||
|
1. In the **Name and description** section, specify a name and optional description for your channel.
|
||||||
|
2. In the **Configurations** section, select the channel type and enter the necessary information for each type. For more information about configuring a channel that uses Amazon SNS or email, refer to the sections below. If you want to use Amazon Chime or Slack, you need to specify the webhook URL. For more information about using webhooks, see the documentation for [Slack](https://api.slack.com/messaging/webhooks) and [Amazon Chime](https://docs.aws.amazon.com/chime/latest/ug/webhooks.html).
|
||||||
|
|
||||||
|
If you want to use custom webhooks, you must specify more information: parameters and headers. For example, if your endpoint requires basic authentication, you might need to add a header with an authorization key and a value of `Basic <Base64-encoded-credential-string>`. You might also need to change `Content-Type` to whatever your webhook requires. Popular values are `application/json`, `application/xml`, and `text/plain`.
|
||||||
|
|
||||||
|
This information is stored in plain text in the OpenSearch cluster. We will improve this design in the future, but for now, the encoded credentials (which are neither encrypted nor hashed) might be visible to other OpenSearch users.
|
||||||
|
|
||||||
|
1. In the **Availability** section, select the OpenSearch plugins you want to use with the notification channel.
|
||||||
|
2. Choose **Create**.
|
||||||
|
|
||||||
|
### Amazon SNS as a channel type
|
||||||
|
|
||||||
|
OpenSearch supports Amazon SNS for notifications. This integration with Amazon SNS means that, in addition to the other channel types, the Notifications plugin can send email messages, text messages, and even run AWS Lambda functions using SNS topics. For more information about Amazon SNS, see the [Amazon Simple Notification Service Developer Guide](https://docs.aws.amazon.com/sns/latest/dg/welcome.html).
|
||||||
|
|
||||||
|
The Notifications plugin currently supports two ways to authenticate users:
|
||||||
|
|
||||||
|
1. Provide the user with full access to Amazon SNS.
|
||||||
|
2. Let the user assume an AWS Identity and Access Management (IAM) role that has permissions to access Amazon SNS. Once you configure the notification channel to use the right Amazon SNS permissions, select the OpenSearch plugins that can trigger notifications.
|
||||||
|
|
||||||
|
### Provide full Amazon SNS access permissions
|
||||||
|
|
||||||
|
If you want to provide full Amazon SNS access to the IAM user, ensure that the user has the following permissions:
|
||||||
|
|
||||||
|
```json
|
||||||
|
{
|
||||||
|
"Version": "2012-10-17",
|
||||||
|
"Statement": [
|
||||||
|
{
|
||||||
|
"Action": [
|
||||||
|
"sns:*"
|
||||||
|
],
|
||||||
|
"Effect": "Allow",
|
||||||
|
"Resource": "*"
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
||||||
|
```
|
||||||
|
|
||||||
|
### Assuming an IAM role with Amazon SNS permissions
|
||||||
|
|
||||||
|
If you want to let the user send notifications without directly having full permissions to Amazon SNS, let the user assume a role that does have the necessary permissions.
|
||||||
|
|
||||||
|
The IAM user must have the following permissions to assume a role:
|
||||||
|
|
||||||
|
```json
|
||||||
|
{
|
||||||
|
"Version": "2012-10-17",
|
||||||
|
"Statement": [
|
||||||
|
{
|
||||||
|
"Effect": "Allow",
|
||||||
|
"Action": [
|
||||||
|
"ec2:Describe*",
|
||||||
|
"iam:ListRoles",
|
||||||
|
"sts:AssumeRole"
|
||||||
|
],
|
||||||
|
"Resource": "*"
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
||||||
|
```
|
||||||
|
|
||||||
|
Then add this policy into the IAM user’s trust relationship to actually assume the role:
|
||||||
|
|
||||||
|
```json
|
||||||
|
{
|
||||||
|
"Version": "2012-10-17",
|
||||||
|
"Statement": [
|
||||||
|
{
|
||||||
|
"Effect": "Allow",
|
||||||
|
"Principal": {
|
||||||
|
"AWS": "arn:aws:iam::<arn_number>:user/<iam_username>",
|
||||||
|
},
|
||||||
|
"Action": "sts:AssumeRole"
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
||||||
|
```
|
||||||
|
|
||||||
|
|
||||||
|
## Email as a channel type
|
||||||
|
|
||||||
|
To send or receive notifications with email, choose **Email** as the channel type. Next, select at least one sender and default recipient. To send notifications to more than a few people at a time, specify multiple email addresses or select a recipient group. If the Notifications plugin doesn’t currently have the necessary senders or groups, you can add them by first selecting **SMTP sender** and then choosing **Create SMTP sender** or **Create recipient group**. Choose **SES sender** to use Amazon Simple Email Service (Amazon SES).
|
||||||
|
|
||||||
|
### Create email sender
|
||||||
|
|
||||||
|
1. Specify a unique name to associate with the sender.
|
||||||
|
2. Enter an email address and, if applicable, its host (for example, smtp.gmail.com) and the port. If you're using Amazon SES, enter the IAM role Amazon Resource Name (ARN) of the AWS account to send notifications from, along with the AWS Region.
|
||||||
|
3. Choose an encryption method. Most email providers require Secure Sockets Layer (SSL) or Transport Layer Security (TLS), which require a user name and password in the OpenSearch keystore. See [Authenticate sender account](#authenticate-sender-account) to learn more. Selecting an encryption method is only applicable if you're creating an SMTP sender.
|
||||||
|
4. Choose **Create** to save the configuration and create the sender. You can create a sender before you add your credentials to the OpenSearch keystore; however, you must [authenticate each sender account](#authenticate-sender-account) before you use the sender in your channel configuration.
|
||||||
|
|
||||||
|
### Create email recipient group
|
||||||
|
|
||||||
|
1. After choosing **Create recipient group**, enter a unique name to associate with the email group and an optional description.
|
||||||
|
2. Select or enter the email addresses you want to add to the recipient group.
|
||||||
|
3. Choose **Create**.
|
||||||
|
|
||||||
|
### Authenticate sender account
|
||||||
|
|
||||||
|
If your email provider requires SSL or TLS, you must authenticate each sender account before you can send an email. Enter the sender account credentials in the OpenSearch keystore using the command line interface (CLI). Run the following commands (in your OpenSearch directory) to enter your user name and password. The <sender_name> is the name you entered for **Sender** earlier.
|
||||||
|
|
||||||
|
```json
|
||||||
|
opensearch.notifications.core.email.<sender_name>.username
|
||||||
|
opensearch.notifications.core.email.<sender_name>.password
|
||||||
|
```
|
||||||
|
|
||||||
|
To change or update your credentials (after you’ve added them to the keystore on every node), call the reload API to automatically update those credentials without restarting OpenSearch.
|
||||||
|
|
||||||
|
```json
|
||||||
|
POST _nodes/reload_secure_settings
|
||||||
|
{
|
||||||
|
"secure_settings_password": "1234"
|
||||||
|
}
|
||||||
|
```
|
Loading…
Reference in New Issue