-
Notifications
You must be signed in to change notification settings - Fork 8.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add docs for alerting and action settings #57035
Merged
peterschretlen
merged 13 commits into
elastic:master
from
peterschretlen:docs/alert-actions-settings
Feb 7, 2020
Merged
Changes from all commits
Commits
Show all changes
13 commits
Select commit
Hold shift + click to select a range
79fb133
initial docs for alert and action settings
606e930
Merge branch 'master' of https://github.com/elastic/kibana into docs/…
2392889
include alert and action settings under 'Configuring Kibana'
7d45a6e
remove action specific settings from general settings page
8fb18e9
tweak enabledActionTypes description
59c5c02
Update docs/settings/alert-action-settings.asciidoc
peterschretlen 002deca
Update docs/settings/alert-action-settings.asciidoc
peterschretlen a8c41e0
Update docs/settings/alert-action-settings.asciidoc
peterschretlen afc8e18
Update docs/settings/alert-action-settings.asciidoc
peterschretlen 28bd2dd
Update docs/settings/alert-action-settings.asciidoc
peterschretlen 6ff05fd
Update docs/settings/alert-action-settings.asciidoc
peterschretlen a6bf0c3
Update docs/settings/alert-action-settings.asciidoc
peterschretlen 6ace4a1
clarify the behaviour of empty lists for action type and whitelisted …
File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,47 @@ | ||
| [role="xpack"] | ||
| [[alert-action-settings-kb]] | ||
| === Alerting and action settings in Kibana | ||
| ++++ | ||
| <titleabbrev>Alerting and action settings</titleabbrev> | ||
| ++++ | ||
|
|
||
| Alerts and actions are enabled by default in {kib}, but require you configure the following in order to use them: | ||
|
|
||
| . <<using-kibana-with-security,Set up {kib} to work with {stack} {security-features}>>. | ||
| . <<configuring-tls-kib-es,Set up TLS encryption between {kib} and {es}>>. | ||
| . <<general-alert-action-settings,Specify a value for `xpack.encrypted_saved_objects.encryptionKey`>>. | ||
|
|
||
| You can configure the following settings in the `kibana.yml` file. | ||
|
|
||
|
|
||
| [float] | ||
| [[general-alert-action-settings]] | ||
| ==== General settings | ||
|
|
||
| `xpack.encrypted_saved_objects.encryptionKey`:: | ||
|
|
||
| A string of 32 or more characters used to encrypt sensitive properties on alerts and actions before they're stored in {es}. Third party credentials — such as the username and password used to connect to an SMTP service — are an example of encrypted properties. | ||
| + | ||
| If not set, {kib} will generate a random key on startup, but all alert and action functions will be blocked. Generated keys are not allowed for alerts and actions because when a new key is generated on restart, existing encrypted data becomes inaccessible. For the same reason, alerts and actions in high-availability deployments of {kib} will behave unexpectedly if the key isn't the same on all instances of {kib}. | ||
| + | ||
| Although the key can be specified in clear text in `kibana.yml`, it's recommended to store this key securely in the <<secure-settings,{kib} Keystore>>. | ||
|
|
||
| [float] | ||
| [[alert-settings]] | ||
| ==== Action settings | ||
|
|
||
| `xpack.actions.whitelistedHosts`:: | ||
| A list of hostnames that {kib} is allowed to connect to when built-in actions are triggered. It defaults to `[*]`, allowing any host, but keep in mind the potential for SSRF attacks when hosts are not explicitly whitelisted. An empty list `[]` can be used to block built-in actions from making any external connections. | ||
| + | ||
| Note that hosts associated with built-in actions, such as Slack and PagerDuty, are not automatically whitelisted. If you are not using the default `[*]` setting, you must ensure that the corresponding endpoints are whitelisted as well. | ||
|
|
||
| `xpack.actions.enabledActionTypes`:: | ||
| A list of action types that are enabled. It defaults to `[*]`, enabling all types. The names for built-in {kib} action types are prefixed with a `.` and include: `.server-log`, `.slack`, `.email`, `.index`, `.pagerduty`, and `.webhook`. An empty list `[]` will disable all action types. | ||
| + | ||
| Disabled action types will not appear as an option when creating new connectors, but existing connectors and actions of that type will remain in {kib} and will not function. | ||
|
|
||
| [float] | ||
| [[action-settings]] | ||
| ==== Alert settings | ||
|
|
||
| You do not need to configure any additional settings to use alerting in {kib}. | ||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This does not feel like the right place for this setup information, but since alerting and actions are not yet exposed in the UI I'm not sure it warrants it's own configuration section yet.