Kibana

Kibana

Kibana is also an open-source highly scalable web-based interface which is the front end of the ELK stack. It provides graphical and visualization facility and effective search functions to the user which help to analysis large volume of data in a graphical manner.

Kibana is based on HTML, JavaScript, and Bootstrap. It requires a web server, included in the Kibana 6 package, and it is fully compatible with any modern browser. Despite the strong integration between Elasticsearch and Kibana, the latter is not a requirement for querying the search cluster. Kibana supports time-based comparisons, easy creation of graphical data representations like plots, charts, and maps, a flexible and responsive web interface, and powerful search syntax.

Conceptualization of Kibana

Kibana web interface provides two main capabilities.

  1. Aggregation
  2. Visualization type

An aggregation contains two classes namely Metric and Bucket.

  • Metric
    • The metric consists
      • Average
      • Unique count
      • Count
      • Percentile
      • Percentile
      • ranks
      • Min
      • Max
      • Sum
  • Bucket
    • The bucket consists
      • Histogram
      • Date histogram
      • Range
      • Date range
      • IPv4 range
      • Terms
      • Filters
      • Significant terms
      • Geohash

The visualization type consists as below.

  • Pie chart
  • Area chart
  • Line chart
  • Vertical bar chart
  • Data table
  • Markdown widget
  • Tilemap
  • Metric

It uses the Visualization type Metric to visualize a single number for various “Metric” aggregations. Furthermore, Kibana provides Dashboard, Time filter and Search bar capabilities. The below image elaborates on the conceptualization of Kibana.

Kibana | ELK Stack | Visualization | Elastic Stack

Key Features of Kibana

Kibana web interface: It has four main tabs.

  1. Discover: The discover page gives an overview of the data including listings of indices, listings of fields, and showing text contained in fields. In addition, this page allows the user to view all data stored in various indices by changing the index pattern. This page is used to perform interactive searches like free text searches, field-based searches, and range-based searches on the indexed Elasticsearch data. The toolbar comprises the search bar, and option buttons such as new search, save a search, load saved search, and settings. Furthermore, search query results highlight the matching documents. The time filter specifies which data of a particular time interval is contained. The discover page also contains a histogram, which shows the distribution of all documents matching the time filter in the selected index. The index name shows the name of the selected index. The fields list presents all fields within the selected index. The hits counter to display the number of matching documents in the selected time interval. Last but not least, the document data displays all the documents along with the date in the entire field as selected. The below image shows the options that we discussed above.

    Kibana | ELK Stack | Visualization | Elastic Stack
  2. Visualize: The visualize page is the most important page in Kibana. This page supports the creation of a visualization based on the selection of different visualization types or to load a saved visualization. The Visualize page provides an overview of different types of visualization provided and how to create a new visualization from a new search or saved search. Visualizations can also be shared with other users who have access to the specific Kibana instance. There are several different Visualization types, including area chart, data table, line chart, markdown widget, metric, pie chart, tilemap, and vertical bar chart. The below images show the options that we discussed above and how to create a dashboard.

    Kibana | ELK Stack | Visualization | Elastic Stack

    Kibana | ELK Stack | Visualization | Elastic Stack
  3. Dashboard: The dashboard page represents collections of saved visualizations and searches that can be arranged in any order. Visualizations can be used on multiple dashboards and changes in the visualization are reflected all of them automatically. A dashboard is used to combine different types of created visualizations and display them on a single page. The visualizations added to the dashboard can be arranged in any way as per the user’s requirements. The visualizations can easily be moved, resized, edited, and removed. The below image shows the options that we discussed above and how to create a dashboard.

    Kibana | ELK Stack | Visualization | Elastic Stack
  4. Setting/Management: Furthermore the settings page provides various functionalities of configuring index patterns, scripted fields, and saved objects followed by information about the current Elasticsearch server status, installed plugins and the Kibana version. The settings page contains in total of three tabs, namely index pattern, advanced settings, and objects. The below images show the options that we discussed above and how to functions work.

    Kibana | ELK Stack | Visualization | Elastic Stack

    Kibana | ELK Stack | Visualization | Elastic Stack

    Kibana | ELK Stack | Visualization | Elastic Stack

    Kibana | ELK Stack | Visualization | Elastic Stack
  5. Time filter: However the time filter is a powerful component that helps to drill down on data on a per-time basis. The time filter supports seeing data of a specified range. By default, it displays data for the last 15 minutes. The time range can change by using the time picker. After clicking on the time picker, three options for selecting a time filter: quick, relative, and absolute. The below image shows the options that we discussed above and how to functions work.

    Kibana | ELK Stack | Visualization | Elastic Stack

Search Bar: The user can query Elasticsearch data by using normal text queries or the Query DSL syntax in the search bar. The search bar provides the following types of searches among others,

  • Free-text Searches: This search aims at filtering documents containing the search term. It searches in all the documents for all the fields containing the searched term. For instance, by specifying the search term “ELK” in the search bar, and filtered all documents which contain the term ELK.
  • Boolean Search: Kibana provides Boolean searches, including AND, OR, and NOT Boolean operators. Moreover, these operators can combine together in order to perform more sophisticated searches. For example, the Boolean search “Big” AND “Data” will search for all documents that contain both terms: “Big” and “Data”.
  • Wildcard Searches: Kibana also provides single and multiple character wildcard searches within single terms. For example, using the term “cat*” will search for all documents that have terms, such as “cats”, “category”, “catalog”, or “allocate”, and so on.
  • Field Searches: Field searches allow searching for specific values or ranges of values for fields in the indexed document. Field searches are performed by using the field name and the: character, followed by a value for the field which should be filtered on. For instance, the search term: title: “Hotel ABC” AND category: “hotels” will search for all documents that have the title Hotel ABC and the category hotels.
  • Range Searches: Range searches aim to search for a range of values for a field. For instance, volume : [ 100000 TO 200000] will filter all documents which have a volume range from 100,000 to 200,000.

Reference
https://www.elastic.co/guide/en/logstash/current/input-plugins.html
https://www.elastic.co/guide/en/logstash/current/filter-plugins.html
https://www.elastic.co/guide/en/logstash/current/output-plugins.html
https://www.elastic.co/guide/en/logstash/current/advanced-pipeline.html
https://www.elastic.co/blog/logstash-centralized-pipeline-management

One Reply to “Kibana”

  1. Hi Bro… I am new to this Elasticsearch and Kibana so I have few doubts. Please clarify.
    1. You gave 1 link for github.i have gone throgh it,but when I am importing into eclipse not allowing.
    2. Is it required to run the application?if yes, please explain which tool I have to use to execute.
    3. Please provide the process of execution and tools
    4. How to get that developed Rest API data into Kibana
    5. I want to develop a dashboard so kindly sugegst me.
    My mail id is matoori202@gmail..com
    whatsapp…..8179890262

    Thanks