Intro
Elastics node.js web frontend in the stack, and (by default) runs on port 5601. It’s wise to install Kibana on its own infrastructure (i.e. isolated from the Elasticsearch cluster). The node process is light (compared to the JVM anyway) consuming hundreds of MB.
Install
Package (yum or deb)
While available as a tarball, the nicest option is to go with a package, takes care of plumbing such as systemd, and general system integration such as /etc/kibana for configuration, logs and data files.
# dpkg -i kibana-6.5.4-amd64.deb
The distribution will be installed in /usr/share/kibana
X-Pack
Elastic generally provides a separate binary to ease bolting on plugins.
cd /usr/share/kibana
./kibana-plugin install x-pack
A separate install is no longer necessary as of 6.5+, which by default is bundled. The X-Pack provides some really cool functionality:
- machine learning
- devtools (console, search and grok profilers)
- monitoring, of the stack, including elasticsearch, kibana, logstash etc. Very powerful, especially for keeping an eye on the health of elasticsearch search and indexing latency, or JVM performance.
Configuration
Jump into /etc/kibana/kibana.yml. By default nothing is defined in this file. Properties to set:
server.hostmake sure you set this (e.g. to 0.0.0.0) for remote accesselasticsearch.urlsuch ashttp://localhost:9200server.port
Verify
List processes:
$ ps -aux | grep kibana
kibana 4955 53.2 9.6 1512112 389140 ? Ssl 18:38 0:19 /usr/share/kibana/bin/../node/bin/node --no-warnings /usr/share/kibana/bin/../src/cli -c /etc/kibana/kibana.yml
Can see the node.js process. Dump ports:
$ netstat -tupln | grep node
tcp 0 0 127.0.0.1:5601 0.0.0.0:* LISTEN 4955/node
Index Patterns
Kibana will only work with indices that you tell it to. This is managed by creating index patterns. As of Kibana 6.5, go to Management > Index Patterns (under the Kibana section).