0

I just tried working with elasticsearch and now trying to create first watcher

There are some information I have read in elasticsearch documentation : https://www.elastic.co/guide/en/x-pack/current/watcher-getting-started.html

And now I trty to create one : 

https://es.origin-test.cloud.rccf.ru/apiconnect508/_xpack/watcher/watch/audit_watch

PUT method + auth headers

I put in :

{   "trigger" : {
        "schedule": {
            "interval": "1h"
        }
    },  "actions" : {       "send_email" : { 
            "email" : { 
                "to" : "ext_avolkova@rencredit.ru", 
                "subject" : "Watcher Notification", 
                "body" : "{{ctx.payload.hits.total}}  logs found" 
            }       }   } }

But now I see mistake :

No handler found for uri [/apiconnect508/_xpack/watcher/watch/log_audit] and method [PUT]

Please, help me to create one simple watcher

Anna
  • 349
  • 4
  • 20
  • Why do you have apiconnect508? Is that your index? The URI should start with _xpack. – harishkb Feb 14 '18 at 14:16
  • @harishkb yes, it is. When i find mapping, i do it after this index and it's working – Anna Feb 14 '18 at 14:21
  • watchers are not bound to any indices storing data. You should not provide your index name. Instead try `PUT https://es.origin-test.cloud.rccf.ru/_xpack/watcher/watch/audit_watch`. – harishkb Feb 14 '18 at 14:30
  • @harishkb https://es.origin-test.cloud.rccf.ru/_xpack/watcher/watch/audit_watch also doesn`t work – Anna Feb 14 '18 at 14:36
  • Anna, what's the error? – harishkb Feb 14 '18 at 14:41
  • @harishkb No handler found for uri [/_xpack/watcher/watch/audit_watch] and method [PUT] – Anna Feb 14 '18 at 14:45
  • @harishkb And also one moment : I have elasticsearch 2.4.4 from openshift pack – Anna Feb 14 '18 at 14:55
  • You might want to check if xpack is installed. What's the o/p of GET https://es.origin-test.cloud.rccf.ru/_xpack ? – harishkb Feb 14 '18 at 15:00
  • @harishkb { "error": { "root_cause": [ { "type": "illegal_argument_exception", "reason": "No feature for name [_xpack]" } ], "type": "illegal_argument_exception", "reason": "No feature for name [_xpack]" }, "status": 400 } – Anna Feb 14 '18 at 15:15
  • Looks like x-pack is not installed. Hence you won't be able to create x-pack watcher alerts. – harishkb Feb 14 '18 at 15:42

1 Answers1

0

Based on the support matrix, elasticsearch 2.x is not compatible with x-pack.

You might want to install Watcher as a separate plugin using this document.

harishkb
  • 406
  • 3
  • 7