sentinl: fail to get watcher

1. Sentinl and Kibana version

Kibana 6.2.2 Sentinl 6.2.2

2. Issue description

fail to get watcher 1e0eb200-3660-11e8-8ee6-2d3b42c859e8

3. Reproducing the issue step-by-step

Try to make a new watcher and run it

5. Sample of data

My watcher

{
  "actions": {
    "New slack action 6cjr3lh2p4g": {
      "throttle_period": "0h0m5s",
      "slack": {
        "channel": "#appisphera_sentinl",
        "message": "-------------------------------------\n*Anomalias de las ultimas 6 horas en Bitcoins*:\n\n*Anomalias:*\n\n{{#payload.hits.hits}}\n\n{{#_source}}\n- {{timestamp}} : {{last}} E , {{volume}} volumen\n{{/_source}}\n\n{{/payload.hits.hits}}\n--------------------------------------",
        "stateless": false
      }
    }
  },
  "input": {
    "search": {
      "request": {
        "index": [
          "cripto_anomalias"
        ],
        "body": {
          "size": 70,
          "query": {
            "term": {
              "alert": false
            }
          },
          "sort": [
            {
              "timestamp": {
                "order": "desc"
              }
            }
          ]
        }
      }
    }
  },
  "condition": {
    "script": {
      "script": "payload.hits.total > 0"
    }
  },
  "transform": {
    "script": {
      "script": "var json = payload.hits.hits;var rawData = [];json.forEach(function (item) {rawData.push(item._source);});rawData.forEach(function(value, number, array){value.timestamp = (new Date(value.timestamp*1000).toLocaleString();});payload.hits.hits = json;"
    }
  },
  "trigger": {
    "schedule": {
      "later": "every 5 minutes"
    }
  },
  "disable": false,
  "report": false,
  "title": "deteccionAnomalias"
}

6. Additional details

Check if exsist:

GET /.kibana/_search
{
    "size": 60,
    "query": {
        "term":{
            "_id": "sentinl-watcher:1e0eb200-3660-11e8-8ee6-2d3b42c859e8"
        }
    }
}

Return

{
    "took": 0,
    "timed_out": false,
    "_shards": {
        "total": 1,
        "successful": 1,
        "skipped": 0,
        "failed": 0
    },
    "hits": {
        "total": 1,
        "max_score": 1,
        "hits": [
            {
                "_index": ".kibana",
                "_type": "doc",
                "_id": "sentinl-watcher:1e0eb200-3660-11e8-8ee6-2d3b42c859e8",
                "_score": 1,
                "_source": {
                    "type": "sentinl-watcher",
                    "updated_at": "2018-04-02T11:12:46.348Z",
                    "sentinl-watcher": {
                        "title": "deteccionAnomalias",
                        "input": {
                            "search": {
                                "request": {
                                    "index": [
                                        "cripto_anomalias"
                                    ],
                                    "body": {
                                        "size": 70,
                                        "query": {
                                            "term": {
                                                "alert": false
                                            }
                                        },
                                        "sort": [
                                            {
                                                "timestamp": {
                                                    "order": "desc"
                                                }
                                            }
                                        ]
                                    }
                                }
                            }
                        },
                        "actions": {
                            "New slack action 6cjr3lh2p4g": {
                                "throttle_period": "0h0m2s",
                                "slack": {
                                    "channel": "#appisphera_sentinl",
                                    "message": "-------------------------------------\n*Anomalias de las ultimas 6 horas en Bitcoins*:\n\n*Anomalias:*\n\n{{#payload.hits.hits}}\n\n{{#_source}}\n- {{timestamp}} : {{last}} E , {{volume}} volumen\n{{/_source}}\n\n{{/payload.hits.hits}}\n--------------------------------------",
                                    "stateless": false
                                }
                            }
                        },
                        "transform": {
                            "script": {
                                "script": "var json = payload.hits.hits;var rawData = [];json.forEach(function (item) {rawData.push(item._source);});rawData.forEach(function(value, number, array){value.timestamp = (new Date(value.timestamp*1000).toLocaleString();});payload.hits.hits = json;"
                            }
                        },
                        "condition": {
                            "script": {
                                "script": "payload.hits.total > 0"
                            }
                        },
                        "report": false,
                        "disable": true,
                        "trigger": {
                            "schedule": {
                                "later": "every 5 minutes"
                            }
                        }
                    }
                }
            }
        ]
    }
}

About this issue

  • Original URL
  • State: closed
  • Created 6 years ago
  • Comments: 22 (12 by maintainers)

Commits related to this issue

Most upvoted comments

Then why do you have the authentication enabled in Sentinl? Switch it off:

  settings:
    authentication:
      enabled: false