Elastics node.js web frontend in the stack, and (by default) runs on port 5601. It’s wise to install Kibana on its own infrastructure (i.e. isolated from the Elasticsearch cluster). The node process is light (compared to the JVM anyway) consuming hundreds of MB.
Package (yum or deb)
While available as a tarball, the nicest option is to go with a package, takes care of plumbing such as
systemd, and general system integration such as
/etc/kibana for configuration, logs and data files.
# dpkg -i kibana-6.5.4-amd64.deb
The distribution will be installed in
Elastic generally provides a separate binary to ease bolting on plugins.
cd /usr/share/kibana ./kibana-plugin install x-pack
A separate install is no longer necessary as of 6.5+, which by default is bundled. The X-Pack provides some really cool functionality:
- machine learning
- devtools (console, search and grok profilers)
- monitoring, of the stack, including elasticsearch, kibana, logstash etc. Very powerful, especially for keeping an eye on the health of elasticsearch search and indexing latency, or JVM performance.
/etc/kibana/kibana.yml. By default nothing is defined in this file. Properties to set:
server.hostmake sure you set this (e.g. to 0.0.0.0) for remote access
$ ps -aux | grep kibana kibana 4955 53.2 9.6 1512112 389140 ? Ssl 18:38 0:19 /usr/share/kibana/bin/../node/bin/node --no-warnings /usr/share/kibana/bin/../src/cli -c /etc/kibana/kibana.yml
Can see the node.js process. Dump ports:
$ netstat -tupln | grep node tcp 0 0 127.0.0.1:5601 0.0.0.0:* LISTEN 4955/node
Kibana will only work with indices that you tell it to. This is managed by creating index patterns. As of Kibana 6.5, go to Management > Index Patterns (under the Kibana section).