The most famous Elasticsearch interface is Kibana, which from Elasticsearch 5.x version has the same version of Elasticsearch. Kibana is an opensource pluggable interface, free to change to be used for Elasticsearch. It provides data visualization and data discovery and with commercial products such as X-Pack, and also supports security, graph, and cluster monitoring.
You need an up-and-running Elasticsearch installation as we described in the Downloading and installing Elasticsearch recipe in Chapter 2, Downloading and Setup.
For installing Kibana, we will perform the following steps:
- Download a binary version for Elasticsearch website and unpack it. For Linux, the commands are as follows:
wget https://artifacts.elastic.co/downloads/kibana/kibana- 5.1.1-linux-x86_64.tar.gz tar -xzf kibana-5.1.1-linux-x86_64.tar.gz - On MacOsX, you can install Kibana via the following command:
brew install kibana
- If we want to install Xpack, we first need to install it in Elasticsearch via following command:
bin/elasticsearch-plugin install x-pack
- The result will be similar to the following output:
[=================================================] 100% @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: plugin requires additional permissions @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ * java.lang.RuntimePermission accessClassInPackage.com.sun.activation.registries * java.lang.RuntimePermission getClassLoader * java.lang.RuntimePermission setContextClassLoader * java.lang.RuntimePermission setFactory * java.security.SecurityPermission createPolicy.JavaPolicy * java.security.SecurityPermission getPolicy * java.security.SecurityPermission putProviderProperty.BC * java.security.SecurityPermission setPolicy * java.util.PropertyPermission * read,write * java.util.PropertyPermission sun.nio.ch.bugLevel write * javax.net.ssl.SSLPermission setHostnameVerifier See http://docs.oracle.com/javase/8/docs/technotes/guides /security/permissions.html for descriptions of what these permissions allow and the associated risks. Continue with installation? [y/n]y -> Installed x-pack - After having started Elasticsearch, a similar log line should appear as follows:
... loaded plugin [x-pack]
- And then, install it in Kibana using the
kibana-plugincommand line via following command:bin/kibana-plugin install x-pack
- The output will be as follows:
Transferring 123275957 bytes.................... Transfer complete Retrieving metadata from plugin archive Extracting plugin archive Extraction complete Optimizing and caching browser bundles... DeprecationWarning: os.tmpDir() is deprecated. Use os.tmpdir() instead. Plugin installation completeNote
Maybe Kibana/X-Pack could be hard to be get ready for using it, there is a Docker image which simplify a lot this jump start at http://elk-docker.readthedocs.io/#installation, with two commands on Linux you have the stack up and running.
Kibana is the official Elasticsearch frontend. It's an open source analytics and visualization platform to work with Elasticsearch based on AngularJS. It's served by a Node.js backend webserver. The development of Kibana is highly tight to Elasticsearch ones and the best practice is to use a Kibana version aligned to Elasticsearch ones.
Kibana allows us to navigate data in Elasticsearch and organize it in dashboards that are created, shared, and updated in real-time.
After having setup Elasticsearch and Kibana and started both, you can navigate Kibana at
http://localhost:5601
. If everything is alright, you can now login via the Username
Kibana and Password
changeme as shown in the following screenshot:
After having logged in Kibana, you must define the index patterns that must be used by default. Generally they are the logstash-* indices or .monitor-* indices (if the X-Pack monitor is installed) as shown in the following screenshot:
Kibana does mappings analysis on indices of index pattern to discover the format of your data and provide facilities for building queries and filters as shown in the following screenshot:
Kibana and Elasticsearch can be extended via X-Pack; it is composed of five special extensions in a single package that are as follows:
- Security: This is used to secure your cluster via authentication and SSL data encryption
- Monitor: This is used to monitor your node functionalities and the cluster overall
- Graph: This provides graph API for Elasticsearch--a graph-based approach for data discovery
- Watcher: This is a system that provided registered queries that allows us to monitor and keep an alert on your data
- Reporting: This is a module that is able to create reports from your dashboards
X-Pack is released as a single package for both Elasticsearch and Kibana. It extends the Elasticsearch server functionalities with monitoring, graph, and security. In Kibana, the X-pack provides new interface dashboards for its extended functionalities.