Installing Kibana

edit

Kibana is a visualization application that gets its data from Elasticsearch. It provides a customizable and user-friendly UI in which you can combine various widget types to create your own dashboards. The dashboards can be easily saved, shared, and linked.

For getting started, we recommend installing Kibana on the same server as Elasticsearch, but it is not required. If you install the products on different servers, you’ll need to change the URL (IP:PORT) of the Elasticsearch server in the Kibana configuration file, config/kibana.yml, before starting Kibana.

Use the following commands to download and run Kibana.

deb or rpm:

curl -L -O https://download.elastic.co/kibana/kibana/kibana-4.3.1-linux-x64.tar.gz
tar xzvf kibana-4.3.1-linux-x64.tar.gz
cd kibana-4.3.1-linux-x64/
./bin/kibana

mac:

curl -L -O https://download.elastic.co/kibana/kibana/kibana-4.3.1-darwin-x64.tar.gz
tar xzvf kibana-4.3.1-darwin-x64.tar.gz
cd kibana-4.3.1-darwin-x64/
./bin/kibana

win:

  1. Download the Kibana 4.3.1 Windows zip file from the downloads page.
  2. Extract the contents of the zip file to a directory on your computer, for example, C:\Program Files.
  3. Open a command prompt as an Administrator and navigate to the directory that contains the extracted files, for example:

    cd C:\Program Files\kibana-4.3.1-windows
  4. Run the following command to start Kibana:

    bin\kibana.bat

You can find Kibana binaries for other operating systems on the Kibana downloads page.

Launching the Kibana Web Interface

edit

To launch the Kibana web interface, point your browser to port 5601. For example, http://127.0.0.1:5601.

You can learn more about Kibana in the Kibana User Guide.

Loading Kibana Dashboards

edit

Kibana has a large set of visualization types that you can combine to create the perfect dashboards for your needs. But this flexibility can be a bit overwhelming at the beginning, so we have created a couple of Sample Dashboards to get you started and to demonstrate what is possible based on the Beats data.

To load the sample dashboards, follow these steps:

curl -L -O http://download.elastic.co/beats/dashboards/beats-dashboards-1.0.1.tar.gz
tar xzvf beats-dashboards-1.0.1.tar.gz
cd beats-dashboards-1.0.1/
./load.sh

If Elasticsearch is not running on 127.0.0.1:9200, you need to specify the Elasticsearch location as an argument to the load.sh command: ./load.sh http://192.168.33.60:9200

The load command uploads the example dashboards, visualizations, and searches that you can use. The load command also creates index patterns for each Beat:

  • [packetbeat-]YYYY.MM.DD
  • [topbeat-]YYYY.MM.DD
  • [filebeat-]YYYY.MM.DD

After loading the dashboards, Kibana raises a No default index pattern error. You must select or create an index pattern to continue. You can resolve the error by refreshing the page in the browser and then setting one of the predefined index patterns as the default.

Kibana configured indexes

To open the loaded dashboards, go to the Dashboard page and click the Load Saved Dashboard icon. Select Packetbeat Dashboard from the list. You can then easily switch between the dashboards by using the Navigation widget.

Navigation widget in Kibana

Of course, you won’t see actual data until you’ve installed and configured your Beat.

Enjoy!