Troubleshootingedit

Here are some common issues you might encounter while using Watcher. If you don’t see a solution to your problem here, post a question to the Watcher Discussion Forum.

Troubleshooting a New Watcher Installationedit

If Watcher or Elasticsearch fail to start up properly after installation:

  • Make sure you are running Elasticsearch 1.5 or later.
  • Make sure the License plugin is installed on every node in the cluster.
  • If you are using Shield, make sure you are running Shield 1.2.2 or later.
  • Make sure Watcher is installed on every node in the cluster.
  • Make sure all plugin versions are compatible with the Elasticsearch version.

Logstash Can’t Connect to Elasticsearch after Installing Watcheredit

By default, Logstash uses the node protocol. When you use the node protocol, the Logstash instance joins the Elasticsearch cluster. Because Watcher requires all instances in the cluster to have the License plugin, Logstash cannot join the cluster unless it has the License plugin. You can install the Logstash License plugin or use the transport or http protocol to ship data to Elasticsearch.

Dynamic Mapping Error When Trying to Add a Watchedit

If you get the error Dynamic Mapping is Disabled when you try to add a watch, verify that the index mappings for the .watches index are available. You can do that by submitting the following request:

GET .watches/_mapping

If the index mappings are missing, follow these steps to restore the correct mappings:

  1. Stop the node.
  2. Add the configuration setting watcher.index.rest.direct_access : true to elasticsearch.yml.
  3. Restart the node.
  4. Delete the .watches index:

    DELETE .watches
  5. Disable direct access to the .watches index:

    1. Stop the node.
    2. Remove watcher.index.rest.direct_access : true from elasticsearch.yml.
    3. Restart the node.

Unable to Send Emailedit

If you get an authentication error that indicates that you need to continue the sign-in process from a web browser when Watcher attempts to send email, you need to configure Gmail to Allow Less Secure Apps to access your account.

If you have two-step verification enabled for your email account, you must generate and use an App Specific password to send email from Watcher. For more information, see:

Watcher Not Responsiveedit

Keep in mind that there’s no built-in validation of scripts that you add to a watch. Buggy or deliberately malicious scripts can negatively impact Watcher performance. For example, if you add multiple watches with buggy script conditions in a short period of time, Watcher might be temporarily unable to process watches until the bad watches time out.