https://www.elastic.co/guide/en/x-pack/current/xpack-alerting.html
- Schedule
- Query
- Condition
- Actions
GET _xpack/watcher/stats
GET .watcher-history*/_search?pretty
{
"sort" : [
{ "result.execution_time" : "desc" }
]
}
xpack.notification.email.account:
work:
profile: gmail
email_defaults:
from: alert@cspinformatique.com
smtp:
auth: true
starttls.enable: true
host: smtpout.secureserver.net
port: 587
user: <username>
password: <password>
PUT _xpack/watcher/watch/cluster_health_watch
{
"trigger" : {
"schedule" : { "interval" : "10s" }
},
"input" : {
"http" : {
"request" : {
"host" : "localhost",
"port" : 9200,
"path" : "/_cluster/health"
}
}
},
"condition" : {
"compare" : {
"ctx.payload.status" : { "eq" : "red" }
}
},
"actions" : {
"send_email" : {
"email" : {
"to" : "<username>@<domainname>",
"subject" : "Cluster Status Warning",
"body" : "Cluster status is RED"
}
}
}
}
DELETE _xpack/watcher/watch/cluster_health_watch
https://www.elastic.co/guide/en/x-pack/current/actions.html#actions-ack-throttle