Reporting settings in Kibana

edit

Reporting settings in Kibana

edit

You can configure xpack.reporting settings in your kibana.yml to:

General reporting settings

edit

xpack.reporting.enabled logo cloud

Set to false to disable the reporting features.

xpack.reporting.encryptionKey logo cloud

Set to an alphanumeric, at least 32 characters long text string. By default, Kibana will generate a random key when it starts, which will cause pending reports to fail after restart. Configure this setting to preserve the same key across multiple restarts and multiple instances of Kibana.

Kibana server settings

edit

Reporting opens the Kibana web interface in a server process to generate screenshots of Kibana visualizations. In most cases, the default settings will work and you don’t need to configure Reporting to communicate with Kibana. However, if your client connections must go through a reverse-proxy to access Kibana, Reporting configuration must have the proxy port, protocol, and hostname set in the xpack.reporting.kibanaServer.* settings.

If a reverse-proxy carries encrypted traffic from end-user clients back to a Kibana server, the proxy port, protocol, and hostname in Reporting settings must be valid for the encryption that the Reporting browser will receive. Encrypted communications will fail if there are mismatches in the host information between the request and the certificate on the server.

Configuring the xpack.reporting.kibanaServer settings to point to a proxy host requires that the Kibana server has network access to the proxy.

xpack.reporting.kibanaServer.port

The port for accessing Kibana, if different from the server.port value.

xpack.reporting.kibanaServer.protocol

The protocol for accessing Kibana, typically http or https.

xpack.reporting.kibanaServer.hostname

The hostname for accessing Kibana, if different from the server.host value.

Reporting authenticates requests on the Kibana page only when the hostname matches the xpack.reporting.kibanaServer.hostname setting. Therefore Reporting would fail if the set value redirects to another server. For that reason, "0" is an invalid setting because, in the Reporting browser, it becomes an automatic redirect to "0.0.0.0".

Background job settings

edit

Reporting generates reports in the background and jobs are coordinated using documents in Elasticsearch. Depending on how often you generate reports and the overall number of reports, you might need to change the following settings.

xpack.reporting.queue.indexInterval

How often the index that stores reporting jobs rolls over to a new index. Valid values are year, month, week, day, and hour. Defaults to week.

xpack.reporting.queue.pollEnabled logo cloud

Set to true (default) to enable the Kibana instance to to poll the index for pending jobs and claim them for execution. Setting this to false allows the Kibana instance to only add new jobs to the reporting queue, list jobs, and provide the downloads to completed report through the UI.

Running multiple instances of Kibana in a cluster for load balancing of reporting requires identical values for xpack.reporting.encryptionKey and, if security is enabled, xpack.security.encryptionKey.

xpack.reporting.queue.pollInterval

Specifies the number of milliseconds that the reporting poller waits between polling the index for any pending Reporting jobs. Defaults to 3000 (3 seconds).

xpack.reporting.queue.timeout logo cloud

How long each worker has to produce a report. If your machine is slow or under heavy load, you might need to increase this timeout. Specified in milliseconds. If a Reporting job execution time goes over this time limit, the job will be marked as a failure and there will not be a download available. Defaults to 120000 (two minutes).

Capture settings

edit

Reporting works by capturing screenshots from Kibana. The following settings control the capturing process.

xpack.reporting.capture.timeouts .openUrl logo cloud

Specify how long to allow the Reporting browser to wait for the "Loading…​" screen to dismiss and find the initial data for the Kibana page. If the time is exceeded, a page screenshot is captured showing the current state, and the download link shows a warning message. Defaults to 30000 (30 seconds).

xpack.reporting.capture.timeouts .waitForElements logo cloud

Specify how long to allow the Reporting browser to wait for all visualization panels to load on the Kibana page. If the time is exceeded, a page screenshot is captured showing the current state, and the download link shows a warning message. Defaults to 30000 (30 seconds).

xpack.reporting.capture.timeouts .renderComplete logo cloud

Specify how long to allow the Reporting browser to wait for all visualizations to fetch and render the data. If the time is exceeded, a page screenshot is captured showing the current state, and the download link shows a warning message. Defaults to 30000 (30 seconds).

If any timeouts from xpack.reporting.capture.timeouts.* settings occur when running a report job, Reporting will log the error and try to continue capturing the page with a screenshot. As a result, a download will be available, but there will likely be errors in the visualizations in the report.

xpack.reporting.capture.maxAttempts logo cloud

If capturing a report fails for any reason, Kibana will re-attempt other reporting job, as many times as this setting. Defaults to 3.

xpack.reporting.capture.loadDelay

When visualizations are not evented, this is the amount of time before taking a screenshot. All visualizations that ship with Kibana are evented, so this setting should not have much effect. If you are seeing empty images instead of visualizations, try increasing this value. Defaults to 3000 (3 seconds).

xpack.reporting.capture.browser.type logo cloud

Specifies the browser to use to capture screenshots. This setting exists for backward compatibility. The only valid option is chromium.

Chromium settings

edit

When xpack.reporting.capture.browser.type is set to chromium (default) you can also specify the following settings.

xpack.reporting.capture.browser .chromium.disableSandbox

It is recommended that you research the feasibility of enabling unprivileged user namespaces. See Chromium Sandbox for additional information. Defaults to false for all operating systems except Debian, Red Hat Linux, and CentOS which use true.

xpack.reporting.capture.browser .chromium.proxy.enabled

Enables the proxy for Chromium to use. When set to true, you must also specify the xpack.reporting.capture.browser.chromium.proxy.server setting. Defaults to false.

xpack.reporting.capture.browser .chromium.proxy.server`

The uri for the proxy server. Providing the username and password for the proxy server via the uri is not supported.

xpack.reporting.capture.browser .chromium.proxy.bypass`

An array of hosts that should not go through the proxy server and should use a direct connection instead. Examples of valid entries are "elastic.co", "*.elastic.co", ".elastic.co", ".elastic.co:5601".

CSV settings

edit

xpack.reporting.csv.maxSizeBytes logo cloud

The maximum size of a CSV file before being truncated. This setting exists to prevent large exports from causing performance and storage issues. Defaults to 10485760 (10 MB).

Setting xpack.reporting.csv.maxSizeBytes much larger than the default 10 MB limit has the potential to negatively affect the performance of Kibana and your Elasticsearch cluster. There is no enforced maximum for this setting, but a reasonable maximum value depends on multiple factors:

  • The http.max_content_length setting in Elasticsearch.
  • Network proxies, which are often configured by default to block large requests with a 413 error.
  • The amount of memory available to the Kibana server, which limits the size of CSV data that must be held temporarily.

For information about Kibana memory limits, see using Kibana in a production environment.

xpack.reporting.csv.scroll.size

Number of documents retrieved from Elasticsearch for each scroll iteration during a CSV export. Defaults to 500.

xpack.reporting.csv.scroll.duration

Amount of time allowed before Kibana cleans the scroll context during a CSV export. Defaults to 30s.

xpack.reporting.csv.checkForFormulas

Enables a check that warns you when there’s a potential formula involved in the output (=, -, +, and @ chars). See OWASP: https://www.owasp.org/index.php/CSV_Injection Defaults to true.

xpack.reporting.csv .enablePanelActionDownload

Enables CSV export from a saved search on a dashboard. This action is available in the dashboard panel menu for the saved search. Note: This setting exists for backwards compatibility, but is unused and hardcoded to true. CSV export from a saved search on a dashboard is enabled when Reporting is enabled.

Advanced settings

edit

xpack.reporting.index

Reporting uses a weekly index in Elasticsearch to store the reporting job and the report content. The index is automatically created if it does not already exist. Configure this to a unique value, beginning with .reporting-, for every Kibana instance that has a unique kibana.index setting. Defaults to .reporting.

xpack.reporting.capture.networkPolicy

Capturing a screenshot from a Kibana page involves sending out requests for all the linked web assets. For example, a Markdown visualization can show an image from a remote server. You can configure what type of requests to allow or filter by setting a network policy for Reporting.

xpack.reporting.roles.allow

Specifies the roles in addition to superusers that can use reporting. Defaults to [ "reporting_user" ].

Each user has access to only their own reports.