Release 1.8.1 of monitoring plugin check_es_system fixes bug in readonly check

Written by - 0 comments

Published on June 12th 2020 - Listed in Monitoring Elasticsearch

A new version of check_es_system, a monitoring plugin to monitor Elasticsearch, is available!

Version 1.8.1 is a bugfix release and fixes a bug in the readonly check type. When the plugin ran through all indices (_all), which is the default, it silently failed in the background and did not warn about discovered read only indices:

# Create a new index in Elasticsearch
root@elasticsearch:~# curl -u elastic:secret -XPUT 'localhost:9200/claudiotest'

# Set the new index to read_only
root@elasticsearch:~# curl -u elastic:secret -XPUT 'localhost:9200/claudiotest/_settings' -H 'Content-Type: application/json' -d '{ "index": { "blocks.read_only": true } }'

# Read the index' settings and confirm it has been set to read only
root@elasticsearch:~# curl -u elastic:secret 'localhost:9200/claudiotest/_settings'

# Run the plugin
root@elasticsearch:~# /usr/lib/nagios/plugins/ -H localhost -u elastic -p secret -t readonly
ES SYSTEM OK - Elasticsearch Indexes (_all) are writeable

This bug only occurs when jshon is used as json parser by the plugin. jshon however is the default parser of the plugin.

Furthermore before 1.8.1, the plugin would only check for indices which had the "read_only_allow_delete" flag in the settings (read Elasticsearch ignored disk watermark settings and enforced read only index for more information). The flag "read_only" however was ignored.

With 1.8.1 the plugin now checks for both "read_only" and "read_only_allow_delete" flags in the index' settings and also shows a warning accordingly:

root@elasticsearch:~# /usr/lib/nagios/plugins/ -H localhost -u elastic -p secret -t readonly
ES SYSTEM CRITICAL -  1 index(es) found read-only - 1 index(es) found read-only (allow delete) -

More information can be found in issue #26 on GitHub.

Add a comment

Show form to leave a comment

Comments (newest first)

No comments yet.