Setting Up Kibana For ElasticSearch
Posted By : Himani Mishra | 20-Apr-2020
Kibana is an open-source data visualization and exploration tool for Elasticsearch, used for log and time-series analytics, application monitoring, and operational intelligence use cases.
There are three key functions of Kibana:
1. Use Kibana to explore your Elasticsearch data, and then build beautiful visualizations and dashboards
2. Manage your security settings, assign user roles, take snapshots, roll up your data, and more — all from the convenience of a Kibana UI
3. From log analytics to document discovery to SIEM, Kibana is the portal for accessing these and other capabilities
Setting Up Kibana
2. Open a command prompt at the kibana/bin folder location
3. Run kibana from the command prompt
4.Point your browser at http://localhost:5601
The visualization tool is equipped with various options in its left panel:
Discover enables us to explore data and get answers to questions. We can access every document in every index that matches the selected index pattern.
Visualize enables us to create visualizations of the data from Elasticsearch indices, which we can then add to dashboards for analysis. Kibana visualizations are based on Elasticsearch queries.
A dashboard is a collection of visualizations, maps, and searches in real-time.
Canvas is a data visualization and presentation tool. In Canvas, we can pull live data directly from Elasticsearch and combine it with colors, images, and text to create dynamic, multi-page, pixel-perfect displays.
5. Machine Learning
Machine Learning lets us create anomaly detection jobs and observe the results.
The APM (Application Performance Monitoring) system helps users monitor applications and services, and collects deep performance metrics and errors.
The Metrics app enables us to monitor infrastructure metrics and identify problems in real-time.
The Logs app in Kibana enables us to explore logs for common servers, containers, and services.
Uptime allows monitoring the status of network endpoints via HTTP/S, TCP, and ICMP.
The SIEM app provides an interactive workspace for security teams to triage events and perform initial investigations.
11. Dev Tools
This is a development tool that helps us interact with data in Kibana in an easy way. There are three sections in Dev Tools:
1. Console: Console enables us to interact with the REST API of Elasticsearch, e.g. send requests to Elasticsearch and view the response, view API documentation, and get the request history.
2. Search Profiler: Uses the powerful Profile API to inspect and analyze search queries. The Profile API response is a large JSON blob, which can be difficult to analyze manually.
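To show why a raw Profile API response is hard to read by hand, the Python sketch below flattens its `profile.shards[].searches[].query[]` tree and ranks query nodes by self time. It is an added example, not code from the original post; the sample response, index name and field values are constructed.

```python
# Added example (not from the original post): rank Profile API query nodes by self time.
# SAMPLE is a constructed, trimmed response to a search sent with "profile": true.
SAMPLE = {"profile": {"shards": [{
    "id": "[node-1][logs-sample][0]",
    "searches": [{
        "rewrite_time": 5000,
        "query": [{
            "type": "BooleanQuery",
            "description": "+message:error +host:web-01",
            "time_in_nanos": 900000,
            "children": [
                {"type": "TermQuery", "description": "message:error",
                 "time_in_nanos": 600000},
                {"type": "TermQuery", "description": "host:web-01",
                 "time_in_nanos": 200000},
            ],
        }],
    }],
}]}}


def walk(node, shard_id, depth=0):
    """Yield one row per query node; time_in_nanos includes children,
    so self time is the node's total minus its children's totals."""
    children = node.get("children", [])
    child_ns = sum(c["time_in_nanos"] for c in children)
    yield {"shard": shard_id, "depth": depth, "type": node["type"],
           "description": node["description"],
           "total_ns": node["time_in_nanos"],
           "self_ns": max(node["time_in_nanos"] - child_ns, 0)}
    for child in children:
        yield from walk(child, shard_id, depth + 1)


def summarize(response):
    """Flatten every shard's query tree and sort by self time, slowest first.
    Returns [] when the response has no "profile" section."""
    rows = []
    for shard in response.get("profile", {}).get("shards", []):
        for search in shard.get("searches", []):
            for root in search.get("query", []):
                rows.extend(walk(root, shard.get("id", "?")))
    return sorted(rows, key=lambda r: r["self_ns"], reverse=True)


if __name__ == "__main__":
    for r in summarize(SAMPLE):
        print(f'{r["self_ns"]/1e6:8.3f} ms  {"  "*r["depth"]}{r["type"]}: {r["description"]}')
```

An empty result from `summarize` usually means the search was sent without `"profile": true`.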