automatic watcher creation : Webhook call in Elastic limited to 1900 car?

Question

I am trying to have a watcher that automatically create and remove watchers, based on a table.

I am sending audit reports for different teams, at their request. The report is the same for all of them, the watcher generating the report sending a eMail formatted to only display the relevant information to the team concerned.

Now, rather than duplicating the watcher each time a new team request the audit for their scope and moidfying the filters value, I wish to use a watcher that will look at at table, and create the watcher for this team with the proper fields.

I am using the webhook function in elastic to create the new watcher (or delete the uncessary ones), which works perfectly well, until I reach more than 1900 car or so in the Webhook payload. Then it fails.

I am wondering: is this a bug, or is there a kind of limitation in the number a char I can send via the weebhook? In that case, anyone has an idea so I can reduce the payload (it an mail sent in html...and currently the payload I need to send is close to 25 000 and will probably increase while we increase the amount of test we do for the audit.

The core of the code generating the watchers...

PUT _watcher/watch/Test_Auto_Watcher?active=false
{
      "trigger": {
    ...
  },
  "input": {
...
  },
  "condition": {
    "always": {}
  },
  "actions": {
    "create-action": {
      "condition": {
        "script": {
          "source": "return !ctx.payload.to_be_created.isEmpty();",
          "lang": "painless"
        }
      },
      "foreach": "ctx.payload.to_be_created",
      "max_iterations": 60,
      "webhook": {
        "scheme": "https",
        "host": "....",
        "port": ....,
        "method": "put",
        "path": "_watcher/watch/{{ctx.payload._source.watchername}}",
        "params": {},
        "headers": {},
        "auth": {
          "basic": {
            "username": "....",
            "password": "...."
          }
        },
        "body": """ ***This is where it looks like we are limited to 1900 char...***"""
      }
    }
  },
  "transform": {
 ...
  }
}

Answer 1

Ok, I confirm, the issue comes from the linter of the devtool that prevent having more than something like 1900 char in the payload of the webhook. Solved by editing the watcher in the watcher window rather than devtool.