Monitoring plugin check_es_system 1.4 released

Written by - 0 comments

Published on April 26th 2019 - Listed in Monitoring Elasticsearch Icinga Nagios ELK


The monitoring plugin check_es_system, to monitor Elasticsearch nodes and clusters, is now available in the latest version 1.4.

This version catches a 403 error from Elasticsearch, which basically means the used username is not authorized to access the API.

Before this version, the plugin would simply return nonsense, as it didn't handle unauthorized errors properly:

# ./check_es_system.sh -H myescluster.eu-central-1.aws.cloud.es.io -P 9243 -S -t status -u auser -p apassword
parse error: type 'object' has no elements to extract (arg 2)
parse error: type 'object' has no elements to extract (arg 2)
parse error: type 'object' has no elements to extract (arg 2)
parse error: type 'object' has no elements to extract (arg 2)
parse error: type 'object' has no elements to extract (arg 2)
parse error: type 'object' has no elements to extract (arg 2)
parse error: type 'object' has no elements to extract (arg 2)

In the background, the plugin receives the following error message from the API:

{"error":{"root_cause":[{"type":"security_exception","reason":"action' '[cluster:monitor/health]' is unauthorized for user '[auser]"}],"type":"security_exception","reason":"action' '[cluster:monitor/health]' is unauthorized for user '[auser]"},"status":403}

Now with the fix in version 1.4, the plugin correctly returns a meaningful error:

$ ./check_es_system.sh -H myescluster.eu-central-1.aws.cloud.es.io -P 9243 -S -t status -u auser -p apassword
ES SYSTEM CRITICAL - User auser is unauthorized


Add a comment

Show form to leave a comment

Comments (newest first)

No comments yet.