2015-01-23 18:54:40 +01:00
|
|
|
|
[[introduction]]
|
2020-03-05 17:55:54 +01:00
|
|
|
|
== {kib} — your window into the Elastic Stack
|
|
|
|
|
++++
|
|
|
|
|
<titleabbrev>What is Kibana?</titleabbrev>
|
|
|
|
|
++++
|
2015-01-23 23:37:26 +01:00
|
|
|
|
|
2020-03-05 17:55:54 +01:00
|
|
|
|
**_Explore and visualize your data and manage all things Elastic Stack._**
|
2015-01-23 23:37:26 +01:00
|
|
|
|
|
2020-03-05 17:55:54 +01:00
|
|
|
|
Whether you’re a user or admin, {kib} makes your data actionable by providing
|
|
|
|
|
three key functions. Kibana is:
|
2015-01-23 23:37:26 +01:00
|
|
|
|
|
2020-03-05 17:55:54 +01:00
|
|
|
|
* **An open-source analytics and visualization platform.**
|
|
|
|
|
Use {kib} to explore your {es} data, and then build beautiful visualizations and dashboards.
|
|
|
|
|
|
|
|
|
|
* **A UI for managing the Elastic Stack.**
|
|
|
|
|
Manage your security settings, assign user roles, take snapshots, roll up your data,
|
|
|
|
|
and more — all from the convenience of a {kib} UI.
|
|
|
|
|
|
|
|
|
|
* **A centralized hub for Elastic's solutions.** From log analytics to
|
|
|
|
|
document discovery to SIEM, {kib} is the portal for accessing these and other capabilities.
|
|
|
|
|
|
|
|
|
|
[role="screenshot"]
|
|
|
|
|
image::images/intro-kibana.png[]
|
|
|
|
|
|
|
|
|
|
[float]
|
|
|
|
|
[[get-data-into-kibana]]
|
|
|
|
|
=== Getting data into {kib}
|
|
|
|
|
|
|
|
|
|
{kib} is designed to use {es} as a data source. Think of Elasticsearch as the engine that stores
|
|
|
|
|
and processes the data, with {kib} sitting on top.
|
|
|
|
|
|
|
|
|
|
From the home page, {kib} provides these options for getting data in:
|
|
|
|
|
|
|
|
|
|
* Set up a data flow to Elasticsearch using our built-in tutorials.
|
|
|
|
|
(If a tutorial doesn’t exist for your data, go to the
|
|
|
|
|
{beats-ref}/beats-reference.html[Beats overview] to learn about other data shippers
|
|
|
|
|
in the {beats} family.)
|
|
|
|
|
* <<add-sample-data, Add a sample data set>> and take {kib} for a test drive without loading data yourself.
|
|
|
|
|
* Import static data using the
|
|
|
|
|
https://www.elastic.co/blog/importing-csv-and-log-data-into-elasticsearch-with-file-data-visualizer[file upload feature].
|
|
|
|
|
* Index your data into Elasticsearch with {ref}/getting-started-index.html[REST APIs]
|
|
|
|
|
or https://www.elastic.co/guide/en/elasticsearch/client/index.html[client libraries].
|
|
|
|
|
+
|
|
|
|
|
[role="screenshot"]
|
|
|
|
|
image::images/intro-data-tutorial.png[Ways to get data in from the home page]
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
{kib} uses an
|
|
|
|
|
<<index-patterns, index pattern>> to tell it which {es} indices to explore.
|
|
|
|
|
If you add sample data or run a built-in tutorial, you get an index pattern for free,
|
|
|
|
|
and are good to start exploring. If you load your own data, you can create
|
|
|
|
|
an index pattern in <<management, Management>>.
|
|
|
|
|
|
|
|
|
|
[float]
|
|
|
|
|
[[explore-and-query]]
|
|
|
|
|
=== Explore & query
|
|
|
|
|
|
|
|
|
|
Ready to dive into your data? With <<discover, Discover>>, you can explore your data and
|
|
|
|
|
search for hidden insights and relationships. Ask your questions, and then
|
|
|
|
|
narrow the results to just the data you want.
|
|
|
|
|
|
|
|
|
|
[role="screenshot"]
|
|
|
|
|
image::images/intro-discover.png[]
|
|
|
|
|
|
|
|
|
|
[float]
|
|
|
|
|
[[visualize-and-analyze]]
|
|
|
|
|
=== Visualize & analyze
|
|
|
|
|
|
|
|
|
|
A visualization is worth a thousand log lines, and {kib} provides
|
|
|
|
|
many options for showcasing your data. Use <<lens, Lens>>,
|
|
|
|
|
our drag-and-drop interface,
|
|
|
|
|
to rapidly build
|
|
|
|
|
charts, tables, metrics, and more. If there
|
|
|
|
|
is a better visualization for your data, *Lens* suggests it, allowing for quick
|
|
|
|
|
switching between visualization types.
|
|
|
|
|
|
|
|
|
|
Once your visualizations are just the way you want,
|
|
|
|
|
use <<dashboard, Dashboard>> to collect them in one place. A dashboard provides
|
|
|
|
|
insights into your data from multiple perspectives.
|
|
|
|
|
|
|
|
|
|
[role="screenshot"]
|
|
|
|
|
image::images/intro-dashboard.png[]
|
|
|
|
|
|
|
|
|
|
{kib} also offers these visualization features:
|
|
|
|
|
|
|
|
|
|
* <<visualize, Visualize>> allows you to display your data in
|
|
|
|
|
line charts, bar graphs, pie charts, histograms, and tables
|
2020-03-09 16:29:25 +01:00
|
|
|
|
(just to name a few). It's also home to *Lens*, the drag-and-drop interface.
|
2020-03-05 17:55:54 +01:00
|
|
|
|
*Visualize* supports the ability to add interactive
|
|
|
|
|
controls to your dashboard, and filter dashboard content in real time.
|
|
|
|
|
|
|
|
|
|
* <<canvas, Canvas>> gives you the ability to present your data in a
|
|
|
|
|
visually compelling, pixel-perfect report. Give your data the “wow” factor
|
|
|
|
|
needed to impress your CEO or to captivate people with a big-screen display.
|
|
|
|
|
|
|
|
|
|
* <<maps, Elastic Maps>> enables you to ask (and answer) meaningful
|
|
|
|
|
questions of your location-based data. *Elastic Maps* supports multiple
|
|
|
|
|
layers and data sources, mapping of individual geo points and shapes,
|
|
|
|
|
and dynamic client-side styling.
|
|
|
|
|
|
|
|
|
|
* <<TSVB, TSVB>> allows you to combine
|
|
|
|
|
an infinite number of aggregations to display complex data in a meaningful way.
|
|
|
|
|
With TSVB, you can analyze multiple index patterns and customize
|
|
|
|
|
every aspect of your visualization. Choose your own date format and color
|
|
|
|
|
gradients, and easily switch your data view between time series, metric,
|
|
|
|
|
top N, gauge, and markdown.
|
|
|
|
|
|
|
|
|
|
[float]
|
|
|
|
|
[[organize-and-secure]]
|
|
|
|
|
=== Organize & secure
|
|
|
|
|
|
|
|
|
|
Want to share Kibana’s goodness with other people or teams? You can do so with
|
|
|
|
|
<<xpack-spaces, Spaces>>, built for organizing your visualizations, dashboards, and indices.
|
|
|
|
|
Think of a space as its own mini {kib} installation — it’s isolated from
|
|
|
|
|
all other spaces, so you can tailor it to your specific needs without impacting others.
|
|
|
|
|
|
|
|
|
|
You can even choose which features to enable within each space. Don’t need
|
|
|
|
|
Machine learning in your “Executive” space? Simply turn it off.
|
|
|
|
|
|
|
|
|
|
[role="screenshot"]
|
|
|
|
|
image::images/intro-spaces.jpg[]
|
|
|
|
|
|
|
|
|
|
You can take this all one step further with Kibana’s security features, and
|
|
|
|
|
control which users have access to each space. {kib} allows for fine-grained
|
|
|
|
|
controls, so you can give a user read-only access to
|
|
|
|
|
dashboards in one space, but full access to all of Kibana’s features in another.
|
|
|
|
|
|
|
|
|
|
[float]
|
|
|
|
|
[[manage-all-things-stack]]
|
|
|
|
|
=== Manage all things Elastic Stack
|
|
|
|
|
|
|
|
|
|
<<management, Management>> provides guided processes for managing all
|
|
|
|
|
things Elastic Stack — indices, clusters, licenses, UI settings, index patterns,
|
|
|
|
|
and more. Want to update your {es} indices? Set user roles and privileges?
|
|
|
|
|
Turn on dark mode? Kibana has UIs for all that.
|
|
|
|
|
|
|
|
|
|
[role="screenshot"]
|
|
|
|
|
image::images/intro-management.png[]
|
|
|
|
|
|
|
|
|
|
[float]
|
|
|
|
|
[[extend-your-use-case]]
|
|
|
|
|
=== Extend your use case — or add a new one
|
|
|
|
|
|
|
|
|
|
As a hub for Elastic's https://www.elastic.co/products/[solutions], {kib}
|
|
|
|
|
can help you find security vulnerabilities,
|
|
|
|
|
monitor performance, and address your business needs. Get alerted if a key
|
|
|
|
|
metric spikes. Detect anomalous behavior or forecast future spikes. Root out
|
|
|
|
|
bottlenecks in your application code. Kibana doesn’t limit or dictate how you explore your data.
|
|
|
|
|
|
|
|
|
|
[role="screenshot"]
|
|
|
|
|
image::siem/images/detections-ui.png[]
|
|
|
|
|
|
|
|
|
|
[float]
|
|
|
|
|
[[try-kibana]]
|
|
|
|
|
=== Give {kib} a try
|
|
|
|
|
|
|
|
|
|
There is no faster way to try out {kib} than with our hosted {es} Service.
|
|
|
|
|
https://www.elastic.co/cloud/elasticsearch-service/signup[Sign up for a free trial]
|
|
|
|
|
and start exploring data in minutes.
|
|
|
|
|
|
|
|
|
|
You can also <<install, install {kib} on your own>> — no code, no additional
|
|
|
|
|
infrastructure required.
|
|
|
|
|
|
|
|
|
|
Our <<tutorial-build-dashboard, Getting Started>> and in-product guidance can
|
|
|
|
|
help you get up and running, faster. Use our Help menu if you have questions or feedback.
|