-
Notifications
You must be signed in to change notification settings - Fork 8.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Alerting][Docs] Changed alerting documentation to point to a single source of explaining the configurations. #92942
Changes from 1 commit
2f587de
defc5e2
827d309
8895764
c0c7ef6
187d6f3
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -41,6 +41,9 @@ You can configure the following settings in the `kibana.yml` file. | |
[cols="2*<"] | ||
|=== | ||
|
||
| `xpack.actions.enabled` {ess-icon} | ||
| Feature toggle that enables Actions in {kib}. It defaults to `true`. | ||
YulNaumenko marked this conversation as resolved.
Show resolved
Hide resolved
|
||
|
||
| `xpack.actions.allowedHosts` {ess-icon} | ||
| A list of hostnames that {kib} is allowed to connect to when built-in actions are triggered. It defaults to `[*]`, allowing any host, but keep in mind the potential for SSRF attacks when hosts are not explicitly added to the allowed hosts. An empty list `[]` can be used to block built-in actions from making any external connections. + | ||
+ | ||
|
@@ -51,6 +54,23 @@ You can configure the following settings in the `kibana.yml` file. | |
+ | ||
Disabled action types will not appear as an option when creating new connectors, but existing connectors and actions of that type will remain in {kib} and will not function. | ||
|
||
| `xpack.actions.preconfigured` | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Should this have {ess-icon}? There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. No, we are not supporting this in Cloud |
||
| Specifies preconfigured action IDs and configs. It defaults to {}. | ||
YulNaumenko marked this conversation as resolved.
Show resolved
Hide resolved
|
||
|
||
| `xpack.actions.proxyUrl` {ess-icon} | ||
| Specifies the proxy URL to use, if using a proxy for actions. By default is no proxy used. | ||
YulNaumenko marked this conversation as resolved.
Show resolved
Hide resolved
|
||
|
||
| `xpack.actions.proxyHeader` {ess-icon} | ||
YulNaumenko marked this conversation as resolved.
Show resolved
Hide resolved
|
||
| Specifies HTTP headers for proxy, if using a proxy for actions. | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. What's the default?
YulNaumenko marked this conversation as resolved.
Show resolved
Hide resolved
|
||
|
||
| `xpack.actions.proxyRejectUnauthorizedCertificates` {ess-icon} | ||
YulNaumenko marked this conversation as resolved.
Show resolved
Hide resolved
|
||
| Set to `false` to bypass certificate validation for proxy, if using a proxy for actions. It defaults to `true`. | ||
YulNaumenko marked this conversation as resolved.
Show resolved
Hide resolved
|
||
|
||
| `xpack.actions.rejectUnauthorized` {ess-icon} | ||
| Set to `false` to bypass certificate validation for actions. It defaults to `true`. + | ||
YulNaumenko marked this conversation as resolved.
Show resolved
Hide resolved
|
||
+ | ||
As an alternative to both `xpack.actions.proxyRejectUnauthorizedCertificates` and `xpack.actions.rejectUnauthorized`, the OS level environment variable `NODE_EXTRA_CA_CERTS` can be set to point to a file that contains the root CA(s) needed for certificates to be trusted. | ||
YulNaumenko marked this conversation as resolved.
Show resolved
Hide resolved
|
||
|
||
|=== | ||
|
||
[float] | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I don't think this is in the cloud allowlist. I don't see it in here: https://github.com/elastic/cloud/blob/master/scala-services/adminconsole/src/main/resources/settings/kibana/alerting.yml
Should we add it?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Not sure about this config option at all :-) @mikecote what do you think?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I have a feeling #90934 will go through for 8.0, which would reverse this work. I'm +1 to not allow-list it until someone asks, and when they do, we can gather their use case as to why.