Guide How To Setup And Connect Kibana With Elasticsearch

Introduction

Elastricsearch is a powerful service that is enhanced further by incorporating the available tools from Elastic that integrate into it. Kibana is one of those tools and it brings a whole new dimension to using the service. You can learn how to set up and connect Kibana with Elasticsearch by following the process laid out in the paragraphs that follow. Once you have finished, the dynamical graphics capability of the Kibana tool will be opened to you for exploration.

Prerequisites

• You must have Elasticsearch and Kibana properly installed and running beforehand.

• It’s recommended that you run the same “major” version number of Kibana that matches the major version number of your Elasticsearch installation (e.g. Kibana v5.x should be installed alongside Elasticsearch v5.x).

• Elasticsearch only has 64-bit architecture support. Many, if not all of the Elastic products, will have trouble working properly on the 32-bit environment.

• If you’re running Kibana on a web server, then you’ll need to have SSH access to it using a private key.

• It is recommended that you have Java version 1.8 or later installed when running Elasticsearch. You can check the version of Java installed on your UNIX-based server by entering this command in your terminal:

• If you’re running the ELK stack on a Window’s machine, you can verify the version of Java by visiting the “Java Control Panel” that are listed in your Start Menu’s programs. Once inside Java’s Control Panel, you can click on its About tab to get more information (i.e. its JDK and JDE versions).

Running the Elk Stack Services

Configuring Kibana can be done through the config file (kibana.yml) where it reads the properties from, you can update the kibana.yml to suit your requirement. * Kibana will run on port 5601 by default, so you can check if Kibana is running by navigating to http://localhost:5601 in your browser.

• Likewise, you can navigate to http://localhost:9200 to check if Elasticsearch is running—if so, you should see an Elasticsearch JSON response containing cluster information displayed as the page’s HTML.

• If the page is not loading, or you get a message that says something like "This site can’t be reached", then that probably means the Kibana service is not running.

• If your Kibana is installed on a UNIX-based OS (like macOS or Linux), you can use this command in terminal to start the service with sudo privileges:

WINDOWS USERS:

• If you want to run the service on a Windows machine, just run the executable for Kibana in a command prompt window you find in the containing folder for the extracted Windows archive of Kibana:.\bin\kibana.bat.
• By default, Kibana will stay in the background, but if you want to shut down the service, just go back to that command prompt window and press CTRL + C.

Configuring Kibana

Configuring Kibana can be done through the config file (kibana.yml) were it reads the properties from, you can update the kibana.yml to suit your requirement.

• Each Kibana version has its own respective list of all of the YAML configuration file’s variables that you can “tweak” or modify.
• For example, you can change the default port Kibana runs on by modifying the server.port variable in the kibana.yml configuration file.

  Kibana on macOS or Linux

• The easiest way to modify the file, on a UNIX-based machine or server, is to edit the config file using nano. In your terminal, navigate to the Kibana directory (usually located at etc/kibana), and cd into it.
• It’s not a bad idea to make a backup of the original configuration file before you make any changes:

• Once you’re inside the Kibana directory you can use this command for editing the configuration file:

• When you’ve finished making changes, press CTRL + O to save your modifications, and then CTRL + X to exit the nano editor.

• Make sure the Kibana service is restarted to ensure that the changes take effect:

Connect Kibana with Elasticsearch

• Before you can delve into Kibana, you have to tell Elasticsearch which indices to explore.

• You will be prompted to define theindex pattern that matches the name of at least one index when you access Kibana.

• To configure the Elasticsearch indices you want to explore with Kibana:

• Open Kibana in your browser by navigating to its port (default is 5601) on your localhost or server domain to access the UI. For example: localhost:5601 or http://{YOURDOMAIN}.com:5601.

• In specifying an index pattern to match the name of the indices you can include an asterisk (*) to match zero or more characters in an index’s name. Any matching indices will display when filling out the index pattern.

• Click Next Step

• You can select and perform a time-based comparison on the index field containing the timestamp, otherwise you can choose I don’t want to use the Time Filter option.

• To add the pattern, click the Create index pattern. >If you have multiple index patterns, you can designate the one that is the default. Otherwise, the first pattern automatically gets configured as default.

Conclusion

The procedure outlined above provides all the required steps to set up and connect the Kibana user interface tool to the Elasticsearch service. With Kibana configured as in the preceding statements, the functionality of the Elastic products comes to life in real time.