Kibana Tutorial

In this tutorial, you will learn about the Kibana tool. Kibana is a data visualization tool used for exploring and analyzing data. Features of Kibana such as Visualize and Dashboards lead many organizations to use this tool for enhancing their business. As the necessity for data analysis and visualization is increasing, the demand for Kibana is also increasing.

In this Kibana Tutorial, I will be discussing the following topics:

What is Kibana

Kibana is a freeware visualization tool used to explore your search data in the browser and then design dashboards and visualizations. It also acts as a user interface for managing security settings and rolling up data. Kibana works together with Elasticsearch and Logstash to form the ELK Stack.

ELK Stack

The ELK Stack is developed to enable users to collect data from any source and to search, analyze, and visualize the data from multiple points of view. It enables you to find all your log files in one place. Elasticsearch, Logstash, and Kibana form the ELK Stack.

Functions of ELK Stack

Logstash is used to obtain logging data or events from multiple sources. It processes the events and stores them in Elasticsearch.

Kibana obtains the data from Elasticsearch and visualizes that data using a Pie chart, Line, or Bar graph.

Features of Kibana

1. Dashboard

The place where we can keep all the visualizations is called Dashboard. By analyzing the data in the dashboard, we can get a clear idea regarding what is happening actually.

2. Reports

The data present in the form of dashboards and visualizations are transformed into reports, and they are shared with others in the form of URLs or by inserting in the code.

3. Visualization

Kibana is primarily used for data visualization. To visualize the data, it will use pie charts, bar charts, line graphs, etc.

4. Dev tools

Through Dev tools, we can work with our indexes. Novices can insert dummy indexes and can perform various operations like update, add, delete on the data. We can create a visualization using indexes.

5. Canvas

Canvas is another strong feature of Kibana. This feature is used to visualize the data in different texts, shapes, color combinations, etc.

6. Timelion

Timelion, also known as Timeline, is a powerful tool used for analyzing the data according to the time. We will use simple expressions to link with the index and carry out computations on data to get the desired result.

7. Region Maps and Coordinates

This feature of Kibana is used to visualize the data on a geographical map to provide a real-time experience to the user.

Advantages of Kibana

  • It is easy to understand for beginners.
  • The canvas application of Kibana can visualize complex data quickly.
  • The data in the visualization and dashboard is easily converted into reports.
  • It can visualize large amounts of data easily.

Visualize

Visualize is used for creating visualizations of the data obtained from our Elasticsearch indices. These visualizations are added to dashboards for analysis purposes.

Kibana visualizations are built on Elasticsearch queries. Kibana supports different types of visualizations; they are as follows:

Types of visualisations

1. Lens

It is used to create fundamental visualizations by easily dragging and dropping the required data fields.

2. Pie chart

It exhibits each source's participation in the total.

3. Goal and Gauge

It shows a number denoting the advancement.

4. Maps

In Kibana, Maps are used to exhibit geographical data.

5. Vega

Vega is used to visualize the data based on the query.

6. Data Table

Displays accumulation data in a table format.

Building a Visualisation

Steps for building a visualization

Step1: For building Visualisation in Kibana, we have to select the index pattern that comprises the data for which visualization is built.

Step2: For building visualization from a saved search, we have to select that saved search.

Step3: To build visualization from rolled-up data, we will use a time bucket mechanism.

Step4: To reduce the level of detail, we can use time aggregation for merging multiple time buckets.

The above image exhibits different types of visualizations. We can select a visualization based on our requirements.

Inspect Visualisations

In Kibana, we can inspect the visualizations by selecting the Inspect option in the Kibana toolbar.

Downloading Data

For downloading data, we have to select the Download CSV option. After selecting Download CSV, we can select the following options:

Formatted CSV: This option is used to download the data in a table format.

Raw CSV: This option is used to download the data as given.

Sharing Visualisation

After completing your visualization, you can share it externally. In the share menu, you can insert the code into a web page. After that, we have to share a direct link to the Kibana visualization. We have to create a PNG and PDF report.

Let us discuss some popular Visualisation formats briefly.

Kibana Lens

Kibana Lens is an in-built tool created to give both experts and novice users quick access to details of the data. To ease the exploration of Elasticsearch data, Lens has a drag-and-drop interface. Lens assists in building charts with clever suggestions.

Kibana Canvas

In Kibana, Canvas acts as a data visualization application. Through Canvas, real-time data is retrieved from Elasticsearch and blended with images, colors, text, etc. Through Canvas, we can design multi-page and dynamic displays.

Working with Canvas

In Canvas, we should first create a work pad. Steps for creating a work pad:

Step1: After opening the Canvas, select Create Workpad

Step2: To name your work pad, we have to go to the editor tab. Our work pad name is "workpad1".

After creating the work pad, we have to insert elements into the work pad. For that, we have to follow the below steps:

Step1: Select Add element and then select the image

Step2: If we don't have our image, an elastic logo image will appear.

Step3: To move the image, we have to select and drag it to your desired position.

The above image shows how a work pad looks.

Kibana Dashboards

A dashboard is defined as a collection of searches, visualizations, and charts. The dashboard gives you in-depth knowledge about your data.

Through the Dashboard, we can

Insert visualizations and maps for data analysis.

Organize Dashboards to exhibit the required data.

Personalize time scope to exhibit the required data.

Dashboard Preparing Techniques

When you are ready with Visualisations, you have to think about arranging the Visualisations in a Dashboard. Before preparing the dashboard, you have to think about the main objective of making the dashboard.

After determining the main objective of the dashboard, we have to collect the data from different sources. Fetching data from Multiple sources assists in getting an overview of the data, but it does not help drill down the data.

While Preparing the dashboard, we should make sure that it looks simple. The visualizations which are essential for data analysis should be added to the dashboard.

Create a Dashboard

To create a dashboard, the data must be indexed into Elasticsearch so that it can be obtained from visualizations, Elasticsearch, maps, or saved searches. If these are not present, you have to add them when you create the dashboard, or you can include them through a sample data set.

For creating a dashboard, we have to open the Dashboard tab; then we have to select the "create new dashboard" option.

After creating the Dashboard, we have to add the elements like saved searches, visualizations, maps into the panels.

Adding Visualisations to a dashboard

After creating a dashboard, we have to arrange the visualizations in the dashboard.

Steps to be followed for creating the dashboard

Step1: Open the Dashboard

Step2: In the Overview Page of Dashboard, Select Create New Dashboard

Step3: Fix a time filter like June 13th, 2020 to June 20th, 2020

Step4: In the Menu bar, select Add.

Step5: Include Map Example, Markdown Example, Bar Example.

The sample dashboard will look as follows:

The above sample dashboard shows a Pie chart visualization of five data items.

Kibana Plugins

The interfaces of Kibana Plugins are in a stage of continuous development. Due to this, backward compatibility of plugins cannot be guaranteed. Some of the popular Kibana Plugins are as follows:

Apps

Own-Home: It provides Multi-Tenancy.

Indices View: It is used to view the information relevant to the indices.

AI Analyst: It provides ML Visualisations, NLP Queries.

Shard Allocation: It is used to visualize the shard allocation of Elasticsearch.

Visualizations

Bmap: This plugin is used for integrating echarts to map visualization.

Vega-based visualization: It supports external data sources, images, maps, etc.

Others

Kibana-API: It exposes an API used for the functioning of Kibana.

Prometheus Exporter: Kibana metrics are exported in Prometheus format.

Dev-Tools

In Kibana, we will use Dev-tools to put, search, delete, post the data you want.

Creating Index Through "PUT" Command

PUT Command is used as follows:

PUT kibana

After executing this command, an empty index named kibana is created. Elasticsearch index names must be lowercase, so the index is written as kibana rather than Kibana.

After completing the creation of the Index, we have to add the data to the index.

Adding Data to New Index using "PUT" command

The data can be added as follows:

PUT kibana/Kibana1/1
{
  "Name": "Mindmajix",
  "Username": "Mind",
  "Email": "info@mindmajix.com",
  "CreatedOn": "2020-05-11"
}

In the above code:

kibana is the name of the index

Kibana1 is the index type

"1" is the id of the entered data.

Using the "GET" Command, we can fetch the data from the index

The Syntax of GET Command is as follows:

GET kibana/Kibana1/1

When we execute the above command, we can get the data present in the first record.

Deleting the data from the index

In Kibana, for deleting the data from any index, we will use the delete command.

The Syntax of the "DELETE" command is as follows:

DELETE kibana/Kibana1/1

When we execute the above command, the data present in the first record is deleted.
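
The Dev-Tools requests in this section are easy to get subtly wrong (a malformed method line, an index name Elasticsearch rejects, a body with a missing comma). The following is an added example, not part of the original tutorial or of Kibana itself: a small Python linter for console-style requests. The function names and sample requests are hypothetical, and the index-name rules are those documented for Elasticsearch's create-index API.

```python
import json

# Characters Elasticsearch rejects in index names (per its create-index docs).
FORBIDDEN = set('\\/*?"<>| ,#:')
# Methods this linter accepts on the request line (an assumption of the example).
METHODS = {"GET", "PUT", "POST", "DELETE", "HEAD"}

def check_index_name(name):
    """Return the naming rules an index name breaks (empty list means valid)."""
    problems = []
    if name != name.lower():
        problems.append("index name must be lowercase")
    if any(ch in FORBIDDEN for ch in name):
        problems.append("index name contains a forbidden character")
    if name.startswith(("-", "_", "+")):
        problems.append("index name must not start with -, _ or +")
    if name in (".", ".."):
        problems.append("index name must not be . or ..")
    if len(name.encode("utf-8")) > 255:
        problems.append("index name is longer than 255 bytes")
    return problems

def lint_console_request(text):
    """Lint one console request: a 'METHOD path' line plus an optional JSON body."""
    lines = text.strip().splitlines() or [""]
    parts = lines[0].split(None, 1)
    if len(parts) != 2 or parts[0] not in METHODS:
        return ["first line must be 'METHOD path', e.g. 'PUT kibana'"]
    # First path segment is the index, unless it is an API endpoint such as _search.
    index = parts[1].lstrip("/").split("/", 1)[0].split("?", 1)[0]
    problems = [] if index.startswith("_") else check_index_name(index)
    body = "\n".join(lines[1:]).strip()
    if body:
        try:
            json.loads(body)
        except json.JSONDecodeError as err:
            problems.append(f"body is not valid JSON: {err.msg} (body line {err.lineno})")
    return problems

# Constructed sample requests in the style of this section's commands.
SAMPLES = {
    "good": 'PUT kibana/Kibana1/1\n{"Name": "Mindmajix", "CreatedOn": "2020-05-11"}',
    "uppercase": "PUT Kibana",
    "bad_method": "PUT/ kibana/Kibana1/1",
    "bad_body": 'PUT kibana/Kibana1/1\n{"Email": "info@mindmajix.com"\n "CreatedOn": "2020-05-11"}',
}

if __name__ == "__main__":
    for label, request in SAMPLES.items():
        print(label, "->", lint_console_request(request) or "ok")
```
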

Machine Learning

As data sets grow in size and complexity, the human effort needed to inspect rules and dashboards for infrastructure problems becomes impossible. Features of Elastic Machine Learning such as anomaly detection and outlier detection make it easier to monitor abnormal activity with minimum human intervention.

Anomaly Detection

The anomaly detection feature of Elastic Machine Learning automatically models the regular behavior of the data, learning trends and periodicity in real time, to detect anomalies and minimize false positives.

Data Frame Analytics

The data frame analytics feature of Elastic Machine Learning allows you to study your data through regression algorithms and outlier detection.

Last updated: 03 Apr 2023
About Author

Ravindra Savaram is a Technical Lead at Mindmajix.com. His passion lies in writing articles on the most popular IT platforms including Machine learning, DevOps, Data Science, Artificial Intelligence, RPA, Deep Learning, and so on. You can stay up to date on all these technologies by following him on LinkedIn and Twitter.
