Getting Started

edit

Monitoring is automatically enabled when you install X-Pack into Elasticsearch, Logstash, and Kibana. By default, the monitoring agents on Elasticsearch index data within the same cluster.

If you send data to a separate monitoring cluster, the information is accessible even if the Elasticsearch cluster you’re monitoring is not. You can send data from multiple clusters to the same monitoring cluster and view them all through the same instance of Kibana.

To view and analyze the health and performance of Elasticsearch, Logstash, and Kibana:

  1. Open Kibana in your web browser and log in. If you are running Kibana locally, go to http://localhost:5601/. To access Kibana and view the monitoring dashboards, you must log in as a user who has the kibana_user and monitoring_user roles.
  2. Click Monitoring in the side navigation:
Monitoring Dashboards

Cluster Overview

edit

To view the key metrics that indicate the overall health of an Elasticsearch cluster, click Overview in the Elasticsearch section. Anything that needs your attention is highlighted in yellow or red.

Did you know that you can also set up watches to alert you when the status of your cluster changes? To learn how, see Watch Your Cluster Health.

The panel at the top shows the current cluster statistics, the charts show the search and indexing performance over time, and the table at the bottom shows information about any shards that are being recovered.

Elasticsearch Cluster Overview

Not sure what a chart is showing? Click the info button for a description of the metrics.

From there, you can dive into detailed metrics for particular nodes and indices.

Indices

edit

To view index metrics, click Indices. The Indices section shows the same overall index and search metrics as the Overview and a table of your indices.

Elasticsearch Indices

Index Overview

edit

From the Indices listing, you can view data for a particular index. To drill down into the data for a particular index, click its name in the Indices table.

Elasticsearch Index Overview

Index Advanced

edit

To view advanced index metrics, click the Advanced tab for an index. The Advanced tab shows additional metrics, such as memory statistics reported about the Elasticsearch index. If the index has more than one shard, then its shards may live on more than one node.

Elasticsearch Index Advanced

The Advanced index view can be used to diagnose issues that generally involve more advanced knowledge of Elasticsearch, such as wasteful index memory usage.

Nodes

edit

To view node metrics, click Nodes. The Nodes section shows the status of each node in your cluster.

Elasticsearch Nodes

Node Overview

edit

Click the name of a node to view its node statistics over time. These represent high-level statistics collected from Elasticsearch that provide a good overview of health.

Elasticsearch Node Overview

Node Advanced

edit

To view advanced node metrics, click the Advanced tab for a node. The Advanced tab shows additional metrics, such as memory and garbage collection statistics reported by the selected Elasticsearch node.

Elasticsearch Node Advanced

The Advanced node view can be used to diagnose issues that generally involve more advanced knowledge of Elasticsearch, such as poor garbage collection performance.

Kibana

edit

To view the key metrics that indicate the overall health of Kibana itself, click Overview in the Kibana section.

Kibana Overview

To view Kibana instance metrics, click Instances. The Instances section shows the status of each Kibana instance.

Kibana Instances

Click the name of an instance to view its instance statistics over time.

Kibana Instance View

Logstash

edit

If you are Monitoring Logstash nodes, click Overview in the Logstash section to view the overall health of those nodes.

Logstash Overview

To view Logstash node metrics, click Nodes. The Nodes section shows the status of each Logstash node.

Logstash Nodes

Click the name of a node to view its statistics over time.

Logstash Node View