Alerts and actions are enabled by default in {kib}, but require you configure the following in order to use them:
-
If you are using an on-premises Elastic Stack deployment, specify a value for
xpack.encryptedSavedObjects.encryptionKey
.
You can configure the following settings in the kibana.yml
file.
|
A string of 32 or more characters used to encrypt sensitive properties on alerting rules and actions before they’re stored in {es}. Third party credentials — such as the username and password used to connect to an SMTP service — are an example of encrypted properties. |
|
Feature toggle that enables Actions in {kib}. Default: |
|
A list of hostnames that {kib} is allowed to connect to when built-in actions are triggered. It defaults to |
|
A list of custom host settings to override existing global settings.
Default: an empty list. |
xpack.actions.customHostSettings:
- url: smtp://mail.example.com:465
ssl:
verificationMode: 'full'
certificateAuthoritiesFiles: [ 'one.crt' ]
certificateAuthoritiesData: |
-----BEGIN CERTIFICATE-----
... multiple lines of certificate data here ...
-----END CERTIFICATE-----
smtp:
requireTLS: true
- url: https://webhook.example.com
ssl:
// legacy
rejectUnauthorized: false
verificationMode: 'none'
|
A URL associated with this custom host setting. Should be in the form of
|
|
A boolean value indicating that TLS must not be used for this connection.
The options |
|
A boolean value indicating that TLS must be used for this connection.
The options |
|
Deprecated. Use |
Controls the verification of the server certificate that {hosted-ems} receives when making an outbound SSL/TLS connection to the host server. Valid values are |
|
|
A file name or list of file names of PEM-encoded certificate files to use to validate the server. |
|
The contents of a PEM-encoded certificate file, or multiple files appended into a single string. This configuration can be used for environments where the files cannot be made available. |
|
A list of action types that are enabled. It defaults to |
|
Enables a preconfigured alert history {es} Index connector. Default: |
|
Specifies preconfigured connector IDs and configs. Default: {}. |
|
Specifies the proxy URL to use, if using a proxy for actions. By default, no proxy is used. |
|
Specifies hostnames which should not use the proxy, if using a proxy for actions. The value is an array of hostnames as strings. By default, all hosts will use the proxy, but if an action’s hostname is in this list, the proxy will not be used. The settings |
|
Specifies hostnames which should only use the proxy, if using a proxy for actions. The value is an array of hostnames as strings. By default, no hosts will use the proxy, but if an action’s hostname is in this list, the proxy will be used. The settings |
|
Specifies HTTP headers for the proxy, if using a proxy for actions. Default: {}. |
|
Deprecated. Use |
Controls the verification for the proxy server certificate that {hosted-ems} receives when making an outbound SSL/TLS connection to the proxy server. Valid values are |
|
|
Deprecated. Use |
Controls the verification for the server certificate that {hosted-ems} receives when making an outbound SSL/TLS connection for actions. Valid values are |
|
|
Specifies the max number of bytes of the http response for requests to external resources. Default: 1000000 (1MB). |
|
Specifies the time allowed for requests to external resources. Requests that take longer are aborted. The time is formatted as: |
|
Sets the number of actions that will be executed ephemerally. To use this, enable ephemeral tasks in task manager first with |