Kibana

Smartsite 7.9 - ...

Purpose

Kibana is a browser based dashboard for Elastic Search. Two functions in particular are used by Enterprise Search.

  • The Dev Tools Console can be used to write .json requests, send these requests to Elastic Search, and to capture the response. Writing .json requests is supported with intellisense.
  • Stack Management - Security is used to configure role-based access control (RBAC). This applies when using the Elastic Search cluster for multiple tenants.

Kibana implements several other functions. From the authors:

Kibana is an free and open frontend application that sits on top of the Elastic Stack, providing search and data visualization capabilities for data indexed in Elasticsearch. Commonly known as the charting tool for the Elastic Stack (previously referred to as the ELK Stack after Elasticsearch, Logstash, and Kibana), Kibana also acts as the user interface for monitoring, managing, and securing an Elastic Stack cluster — as well as the centralized hub for built-in solutions developed on the Elastic Stack. Developed in 2013 from within the Elasticsearch community, Kibana has grown to become the window into the Elastic Stack itself, offering a portal for users and companies.

Version

The version should match the version of Elastic Search, currently

  • Elastic Search v7.17.3, Kibana v7.17.3.

Kibana is not 32 or 64 bit specific.

Media

The installation media includes folder Enterprise Search\12.1\Kibana, containing:

  • kibana-7.17.3-windows-x86_64.zip

Prerequisites

No special prerequisites apply.

Installation

Kibana is typically installed on one of the Elastic Search cluster node servers.

Unpack the zip.

  1. Unpack the zip in a temp folder, for example to E:\Temp\kibana-7.17.3-windows-x86_64. The folder should contain subfolders such as bin and config after unpacking.
  2. Create a folder such as C:\Program Files\kibana\7.17.3 and move the above files and folders to this folder.

Configure config\kibana.yml. Uncomment and adjust entries.

  1. Set server.port, for example: 5601. Or keep the comment, resulting in 5601 by default.
  2. Set server.host, for example: server1. This should be the network resolvable name of the server that runs Kibana. If omitted localhost applies. Typically the server name is used, allowing for remote use of Kibana.
  3. Set elasticsearch.hosts, for example ["https://server1.example.company.nl:9202/"]. List one or more servers of the Elastic Search cluster, to be used for queries by Kibana.

If the Elastic Search cluster is secured with https additional configuration is required for Kibana. Still in config\kibana.yml:

  1. Set elasticsearch.ssl.certificateAuthorities: [ "../config/elasticsearch-ca.pem" ] such that Kibana acting as a client trusts the https certificate presented by Elastic Search.
  2. Set server.ssl.enabled: true such that Kibana acting as a server requires https for its client browsers.
  3. Set server.ssl.keystore.path: "../../../elasticsearch/17.3.2/config/certs/http.p12" to specify the certificate to present to client browsers. Hence the certificate used to access Elastic Search over https is reused for access of Kibana.
  4. Add the password of the client certificate to the keystore of Kibana. Command box, in kibana\7.17.3\bin: Run: kibana-keystore.bat add server.ssl.keystore.password and enter the client certificate password as created during the Elastic Search installation, see First installation. If the password cannot be added because the keystore is not yet available first run: kibana-keystore.bat create

If the Elastic Search cluster requires credentials additional configuration is required for Kibana. Still in config\kibana.yml:

  1. Set elasticsearch.username, typically "kibana_system". This is the user name that Kibana uses for a login on Elastic Search.
  2. Do not use elasticsearch.password for the password. Instead add the pasword to the keystore. Run: kibana-keystore.bat add elasticsearch.password and enter the password as created when setting the passwords of system users, during the Elastic Search installation.

 Test interactively:

  1. Start a command box, as administrator.
  2. Go to the bin folder and invoke kibana.bat.
  3. Inspect the feedback. Expect a message like Server running at https://server1.example.company.nl:5601.
  4. In a browser on a remote computer visit https://server1.example.company.nl:5601/. Expect the Kibana dashboard. Expect no certificate warnings, assuming that a public CA is used or a generated CA is used that is already installed on the client computer, see the Elastic Searchinstallation and test.
  5. Stop with Ctrl-C.

Install as a Windows service

Install and start Kibana as a Windows service.

  1. Obtain the service manager. Installation media include: Enterprise Search\R12.1\Service Manager\nssm-2.24.zip.
  2. Unpack the zip and obtain win64\nssm.exe. Copy this .exe to kibana\7.17.3\bin.
  3. Command box; go to folder bin. Run: nssm install Kibana
  4. Through the user interface:
    1. Path: C:\Program Files\kibana\7.17.3\bin\kibana.bat
    2. Startup (prefilled): C:\ProgramFiles\kibana\7.17.3\bin
    3. Dependencies: use the appropriate name: elasticsearch-service
  5. nssm start Kibana
  6. sc failure Kibana actions=restart/60000/restart//reboot/ reset=86400

If Kibana serves on a non-local address allow incoming traffic.

  1. Add a firewall rule. Use an inbound port rule, specifying 5601 or specifying the selected port, for traffic over TCP. Name the rule, for example, Kibana - dashboard for Elastic Search.

Test using a browser.

  1. If Elastic Search runs on localhost: visit http://localhost:5601/. Expect the Kibana dashoard.
  2. If Elastic Search runs for a server url: perform the test from a browser on a remote system.

Troubleshooting

  • Kibana login page remains empty: possibly Internet Explorer is used. The latest IE v11 is dated 2013 and is no longer supported by Kibana. Use another browser.