Hi everyone,
i’m actually testing the latest release of Alerting plugin ( 9.0.0) on a 4 nodes Elasticsearch cluster. **I didn’t install others plugins just Alerting plugins **
Elasticsearch cluster side:
- Cluster is still based on Elasticsearch repos, version 6.7.1
- Alerting plugin was installed with bin/elasticsearch-plugin install https://d3g5vo6xdbdb9a.cloudfront.net/downloads/elasticsearch-plugins/opendistro-alerting/opendistro_alerting-0.9.0.0.zip
I didn’t perform any elaticsearch restart like asked with SQL plugin, i’m on a dockerized cluster :
When i perform through CLI elasticsearch-plugin list , the plugin is listed.
Kibana side:
- Kibana is deploy from a fresh docker based in 6.7.1 version with **bin/kibana-plugin install https://d3g5vo6xdbdb9a.cloudfront.net/downloads/kibana-plugins/opendistro-alerting/opendistro-alerting-0.9.0.0.zip. It’s appear on the left side bar, UI working well.
When i try to create a monitor,specially when i select index and timestamp,i have a couple of errors. Opendistro internal index are not created during plugin installation :
Alerting - MonitorService - executeMonitor: { no handler found for uri [/_opendistro/_alerting/monitors/_execute?dryrun=true] and method [POST] :: {"path":"/_opendistro/_alerting/monitors/_execute?dryrun=true","query":{},"body":"{\"name\":\"TEMP_MONITOR\",\"type\":\"monitor\",\"enabled\":true,\"schedule\":{\"period\":{\"interval\":1,\"unit\":\"MINUTES\"}},\"inputs\":[{\"search\":{\"query\":{\"size\":0,\"aggregations\":{},\"query\":{\"bool\":{\"filter\":{\"range\":{\"timestamp\":{\"gte\":\"{{period_end}}||-1h\",\"lte\":\"{{period_end}}\",\"format\":\"epoch_millis\"}}}}}},\"indices\":[\"auditd_deflector\"]}}],\"triggers\":[],\"ui_metadata\":{\"schedule\":{\"timezone\":null,\"frequency\":\"interval\",\"period\":{\"interval\":1,\"unit\":\"MINUTES\"},\"daily\":0,\"weekly\":{\"mon\":false,\"tue\":false,\"wed\":false,\"thur\":false,\"fri\":false,\"sat\":false,\"sun\":false},\"monthly\":{\"type\":\"day\",\"day\":1},\"cronExpression\":\"0 */1 * * *\"},\"search\":{\"searchType\":\"graph\",\"aggregationType\":\"count\",\"timeField\":\"timestamp\",\"fieldName\":\"\",\"overDocuments\":\"all documents\",\"groupedOverTop\":5,\"groupedOverFieldName\":\"bytes\",\"bucketValue\":1,\"bucketUnitOfTime\":\"h\"}}}","statusCode":400,"response":"{\"error\":\"no handler found for uri [/_opendistro/_alerting/monitors/_execute?dryrun=true] and method [POST]\"}"}
at respond (/usr/share/kibana/node_modules/elasticsearch/src/lib/transport.js:308:15)
at checkRespForFailure (/usr/share/kibana/node_modules/elasticsearch/src/lib/transport.js:267:7)
at HttpConnector.<anonymous> (/usr/share/kibana/node_modules/elasticsearch/src/lib/connectors/http.js:166:7)
at IncomingMessage.wrapper (/usr/share/kibana/node_modules/elasticsearch/node_modules/lodash/lodash.js:4935:19)
at IncomingMessage.emit (events.js:194:15)
at endReadableNT (_stream_readable.js:1103:12)
at process._tickCallback (internal/process/next_tick.js:63:19)
status: 400,
displayName: 'BadRequest',
message:
'no handler found for uri [/_opendistro/_alerting/monitors/_execute?dryrun=true] and method [POST]',
path: '/_opendistro/_alerting/monitors/_execute?dryrun=true',
query: {},
body:
{ error:
'no handler found for uri [/_opendistro/_alerting/monitors/_execute?dryrun=true] and method [POST]' },
statusCode: 400,
response:
'{"error":"no handler found for uri [/_opendistro/_alerting/monitors/_execute?dryrun=true] and method [POST]"}',
toString: [Function],
toJSON: [Function] }
There is a post script or something else to add all the internal configuration needed by Opendistro alerting plugin on a existing Elasticsearch cluster ?
Thanks for your help 