2016-10-25 03:41:32 +02:00
[[settings]]
2020-06-08 23:46:26 +02:00
== Configure {kib}
2016-10-25 03:41:32 +02:00
2020-05-04 17:22:40 +02:00
The {kib} server reads properties from the `kibana.yml` file on startup. The
2019-05-23 22:26:44 +02:00
location of this file differs depending on how you installed {kib}. For example,
if you installed {kib} from an archive distribution (`.tar.gz` or `.zip`), by
default it is in `$KIBANA_HOME/config`. By default, with package distributions
2021-02-10 17:01:49 +01:00
(Debian or RPM), it is in `/etc/kibana`. The config directory can be changed via the
`KBN_PATH_CONF` environment variable:
2021-04-21 00:23:49 +02:00
[source,text]
--
2021-02-10 17:01:49 +01:00
KBN_PATH_CONF=/home/kibana/config ./bin/kibana
2021-04-21 00:23:49 +02:00
--
2018-07-03 22:32:49 +02:00
2019-12-11 21:22:45 +01:00
The default host and port settings configure {kib} to run on `localhost:5601`. To change this behavior and allow remote users to connect, you'll need to update your `kibana.yml` file. You can also enable SSL and set a
2019-02-11 18:20:19 +01:00
variety of other options. Finally, environment variables can be injected into
configuration using `${MY_ENV_VAR}` syntax.
2016-10-25 03:41:32 +02:00
2020-05-04 17:22:40 +02:00
[cols="2*<"]
|===
2018-05-22 19:51:25 +02:00
2021-10-19 12:33:57 +02:00
| `console.ui.enabled:`
Toggling this causes the server to regenerate assets on the next startup,
which may cause a delay before pages start being served.
Set to `false` to disable Console. *Default: `true`*
2021-10-17 17:54:30 +02:00
| `csp.rules:`
| deprecated:[7.14.0,"In 8.0 and later, this setting will no longer be supported."]
A https://w3c.github.io/webappsec-csp/[Content Security Policy] template
that disables certain unnecessary and potentially insecure capabilities in
the browser. It is strongly recommended that you keep the default CSP rules
that ship with {kib}.
2019-02-11 18:20:19 +01:00
2021-06-25 20:41:37 +02:00
| `csp.script_src:`
| Add sources for the https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/script-src[Content Security Policy `script-src` directive].
| `csp.worker_src:`
| Add sources for the https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/worker-src[Content Security Policy `worker-src` directive].
| `csp.style_src:`
| Add sources for the https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/style-src[Content Security Policy `style-src` directive].
| `csp.connect_src:`
| Add sources for the https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/connect-src[Content Security Policy `connect-src` directive].
| `csp.default_src:`
| Add sources for the https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/default-src[Content Security Policy `default-src` directive].
| `csp.font_src:`
| Add sources for the https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/font-src[Content Security Policy `font-src` directive].
| `csp.frame_src:`
| Add sources for the https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/frame-src[Content Security Policy `frame-src` directive].
| `csp.img_src:`
| Add sources for the https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/img-src[Content Security Policy `img-src` directive].
| `csp.frame_ancestors:`
| Add sources for the https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/frame-ancestors[Content Security Policy `frame-ancestors` directive].
|===
[NOTE]
============
2021-06-29 16:38:50 +02:00
The `frame-ancestors` directive can also be configured by using
<<server-securityResponseHeaders-disableEmbedding, `server.securityResponseHeaders.disableEmbedding`>>. In that case, that takes precedence and any values in `csp.frame_ancestors`
2021-06-25 20:41:37 +02:00
are ignored.
============
[cols="2*<"]
|===
| `csp.report_uri:`
| Add sources for the https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/report-uri[Content Security Policy `report-uri` directive].
| `csp.report_to:`
| Add sources for the https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/report-to[Content Security Policy `report-to` directive].
2020-09-23 17:01:05 +02:00
|[[csp-strict]] `csp.strict:`
2020-05-04 17:22:40 +02:00
| Blocks {kib} access to any browser that
does not enforce even rudimentary CSP rules. In practice, this disables
2019-12-11 21:22:45 +01:00
support for older, less safe browsers like Internet Explorer.
2020-05-04 17:22:40 +02:00
For more information, refer to <<csp-strict-mode, Content Security Policy>>.
*Default: `true`*
| `csp.warnLegacyBrowsers:`
| Shows a warning message after loading {kib} to any browser that does not
enforce even rudimentary CSP rules, though {kib} is still accessible. This
2020-09-23 17:01:05 +02:00
configuration is effectively ignored when <<csp-strict, `csp.strict`>> is enabled.
2020-05-04 17:22:40 +02:00
*Default: `true`*
| `elasticsearch.customHeaders:`
| Header names and values to send to {es}. Any custom headers cannot be
overwritten by client-side headers, regardless of the
2020-09-23 17:01:05 +02:00
<<elasticsearch-requestHeadersWhitelist, `elasticsearch.requestHeadersWhitelist`>> configuration. *Default: `{}`*
2020-05-04 17:22:40 +02:00
2020-09-23 17:01:05 +02:00
|[[elasticsearch-hosts]] `elasticsearch.hosts:`
2020-05-04 17:22:40 +02:00
| The URLs of the {es} instances to use for all your queries. All nodes
listed here must be on the same cluster. *Default: `[ "http://localhost:9200" ]`*
2020-09-24 00:23:20 +02:00
2020-05-04 17:22:40 +02:00
To enable SSL/TLS for outbound connections to {es}, use the `https` protocol
in this setting.
| `elasticsearch.logQueries:`
2021-03-31 23:36:48 +02:00
| deprecated:[7.12.0,"This setting is no longer used and will be removed in Kibana 8.0."]
Instead, configure the `elasticsearch.query` logger.
+
This is useful for seeing the query DSL generated by applications that
currently do not have an inspector, for example Timelion and Monitoring.
*Default: `false`*
2020-05-04 17:22:40 +02:00
2021-03-30 16:54:15 +02:00
The following example shows a valid `elasticsearch.query` logger configuration:
|===
[source,text]
--
logging:
appenders:
console_appender:
type: console
layout:
type: pattern
highlight: true
root:
appenders: [default, console_appender]
level: warn
loggers:
- name: elasticsearch.query
level: debug
--
[cols="2*<"]
|===
2020-09-23 17:01:05 +02:00
|[[elasticsearch-pingTimeout]] `elasticsearch.pingTimeout:`
2020-05-04 17:22:40 +02:00
| Time in milliseconds to wait for {es} to respond to pings.
2020-09-23 17:01:05 +02:00
*Default: the value of the <<elasticsearch-requestTimeout, `elasticsearch.requestTimeout`>> setting*
2020-05-04 17:22:40 +02:00
2020-09-23 17:01:05 +02:00
|[[elasticsearch-requestHeadersWhitelist]] `elasticsearch.requestHeadersWhitelist:`
2020-05-04 17:22:40 +02:00
| List of {kib} client-side headers to send to {es}. To send *no* client-side
headers, set this value to [] (an empty list). Removing the `authorization`
header from being whitelisted means that you cannot use
<<basic-authentication, basic authentication>> in {kib}.
*Default: `[ 'authorization' ]`*
2020-09-23 17:01:05 +02:00
|[[elasticsearch-requestTimeout]] `elasticsearch.requestTimeout:`
2020-05-04 17:22:40 +02:00
| Time in milliseconds to wait for responses from the back end or {es}.
This value must be a positive integer. *Default: `30000`*
| `elasticsearch.shardTimeout:`
| Time in milliseconds for {es} to wait for responses from shards.
Set to 0 to disable. *Default: `30000`*
| `elasticsearch.sniffInterval:`
| Time in milliseconds between requests to check {es} for an updated list of
nodes. *Default: `false`*
| `elasticsearch.sniffOnStart:`
| Attempt to find other {es} nodes on startup. *Default: `false`*
| `elasticsearch.sniffOnConnectionFault:`
| Update the list of {es} nodes immediately following a connection fault.
*Default: `false`*
2020-09-23 17:01:05 +02:00
|[[elasticsearch-ssl-alwaysPresentCertificate]] `elasticsearch.ssl.alwaysPresentCertificate:`
2020-05-04 17:22:40 +02:00
| Controls {kib} behavior in regard to presenting a client certificate when
requested by {es}. This setting applies to all outbound SSL/TLS connections
to {es}, including requests that are proxied for end users. *Default: `false`*
|===
[WARNING]
============
When {es} uses certificates to authenticate end users with a PKI realm
2020-09-23 17:01:05 +02:00
and <<elasticsearch-ssl-alwaysPresentCertificate, `elasticsearch.ssl.alwaysPresentCertificate`>> is `true`,
2020-05-04 17:22:40 +02:00
proxied requests may be executed as the identity that is tied to the {kib}
server.
============
[cols="2*<"]
|===
2020-09-23 17:01:05 +02:00
|[[elasticsearch-ssl-cert-key]] `elasticsearch.ssl.certificate:` and `elasticsearch.ssl.key:`
2020-05-04 17:22:40 +02:00
| Paths to a PEM-encoded X.509 client certificate and its corresponding
private key. These are used by {kib} to authenticate itself when making
outbound SSL/TLS connections to {es}. For this setting to take effect, the
`xpack.security.http.ssl.client_authentication` setting in {es} must be also
be set to `"required"` or `"optional"` to request a client certificate from
{kib}.
|===
[NOTE]
============
2020-09-24 00:23:20 +02:00
These settings cannot be used in conjunction with
2020-09-23 17:01:05 +02:00
<<elasticsearch-ssl-keystore-path, `elasticsearch.ssl.keystore.path`>>.
2020-05-04 17:22:40 +02:00
============
[cols="2*<"]
|===
2020-09-23 17:01:05 +02:00
|[[elasticsearch-ssl-certificateAuthorities]] `elasticsearch.ssl.certificateAuthorities:`
2020-05-04 17:22:40 +02:00
| Paths to one or more PEM-encoded X.509 certificate authority (CA)
certificates, which make up a trusted certificate chain for {es}. This chain is
used by {kib} to establish trust when making outbound SSL/TLS connections to
{es}.
2020-09-24 00:23:20 +02:00
2020-05-04 17:22:40 +02:00
In addition to this setting, trusted certificates may be specified via
2020-09-24 00:23:20 +02:00
<<elasticsearch-ssl-keystore-path, `elasticsearch.ssl.keystore.path`>> and/or
2020-09-23 17:01:05 +02:00
<<elasticsearch-ssl-truststore-path, `elasticsearch.ssl.truststore.path`>>.
2020-05-04 17:22:40 +02:00
| `elasticsearch.ssl.keyPassphrase:`
| The password that decrypts the private key that is specified
2020-09-23 17:01:05 +02:00
via <<elasticsearch-ssl-cert-key, `elasticsearch.ssl.key`>>. This value is optional, as the key may not be
2020-05-04 17:22:40 +02:00
encrypted.
2020-09-23 17:01:05 +02:00
|[[elasticsearch-ssl-keystore-path]] `elasticsearch.ssl.keystore.path:`
2020-05-04 17:22:40 +02:00
| Path to a PKCS#12 keystore that contains an X.509 client certificate and it's
corresponding private key. These are used by {kib} to authenticate itself when
making outbound SSL/TLS connections to {es}. For this setting, you must also set
the `xpack.security.http.ssl.client_authentication` setting in {es} to
`"required"` or `"optional"` to request a client certificate from {kib}.
2020-09-24 00:23:20 +02:00
2020-05-04 17:22:40 +02:00
If the keystore contains any additional certificates, they are used as a
trusted certificate chain for {es}. This chain is used by {kib} to establish
trust when making outbound SSL/TLS connections to {es}. In addition to this
setting, trusted certificates may be specified via
2020-09-23 17:01:05 +02:00
<<elasticsearch-ssl-certificateAuthorities, `elasticsearch.ssl.certificateAuthorities`>> and/or
<<elasticsearch-ssl-truststore-path, `elasticsearch.ssl.truststore.path`>>.
2020-01-09 19:03:16 +01:00
2020-05-04 17:22:40 +02:00
|===
2020-01-09 19:03:16 +01:00
2020-05-04 17:22:40 +02:00
[NOTE]
============
This setting cannot be used in conjunction with
2020-09-23 17:01:05 +02:00
<<elasticsearch-ssl-cert-key, `elasticsearch.ssl.certificate`>> or <<elasticsearch-ssl-cert-key, `elasticsearch.ssl.key`>>.
2020-05-04 17:22:40 +02:00
============
2020-01-29 18:59:50 +01:00
2020-05-04 17:22:40 +02:00
[cols="2*<"]
|===
2020-01-09 19:03:16 +01:00
2020-05-04 17:22:40 +02:00
| `elasticsearch.ssl.keystore.password:`
| The password that decrypts the keystore specified via
2020-09-24 00:23:20 +02:00
<<elasticsearch-ssl-keystore-path, `elasticsearch.ssl.keystore.path`>>. If the keystore has no password, leave this
2020-05-04 17:22:40 +02:00
as blank. If the keystore has an empty password, set this to
2020-01-29 18:59:50 +01:00
`""`.
2020-01-09 19:03:16 +01:00
2020-09-23 17:01:05 +02:00
|[[elasticsearch-ssl-truststore-path]] `elasticsearch.ssl.truststore.path:`
2020-05-04 17:22:40 +02:00
| Path to a PKCS#12 trust store that contains one or more X.509 certificate
authority (CA) certificates, which make up a trusted certificate chain for
{es}. This chain is used by {kib} to establish trust when making outbound
SSL/TLS connections to {es}.
2020-09-24 00:23:20 +02:00
2020-05-04 17:22:40 +02:00
In addition to this setting, trusted certificates may be specified via
2020-09-23 17:01:05 +02:00
<<elasticsearch-ssl-certificateAuthorities, `elasticsearch.ssl.certificateAuthorities`>> and/or
<<elasticsearch-ssl-keystore-path, `elasticsearch.ssl.keystore.path`>>.
2020-01-09 19:03:16 +01:00
2020-05-04 17:22:40 +02:00
|`elasticsearch.ssl.truststore.password:`
| The password that decrypts the trust store specified via
2020-09-24 00:23:20 +02:00
<<elasticsearch-ssl-truststore-path, `elasticsearch.ssl.truststore.path`>>. If the trust store
2020-09-23 17:01:05 +02:00
has no password, leave this as blank. If the trust store has an empty password, set this to `""`.
2020-05-04 17:22:40 +02:00
2020-12-17 19:36:31 +01:00
|[[elasticsearch-ssl-verificationMode]] `elasticsearch.ssl.verificationMode:`
2020-05-04 17:22:40 +02:00
| Controls the verification of the server certificate that {kib} receives when
making an outbound SSL/TLS connection to {es}. Valid values are `"full"`,
`"certificate"`, and `"none"`. Using `"full"` performs hostname verification,
using `"certificate"` skips hostname verification, and using `"none"` skips
verification entirely. *Default: `"full"`*
2020-09-23 17:01:05 +02:00
|[[elasticsearch-user-passwd]] `elasticsearch.username:` and `elasticsearch.password:`
2020-05-04 17:22:40 +02:00
| If your {es} is protected with basic authentication, these settings provide
the username and password that the {kib} server uses to perform maintenance
on the {kib} index at startup. {kib} users still need to authenticate with
{es}, which is proxied through the {kib} server.
2021-07-12 20:18:35 +02:00
|[[elasticsearch-service-account-token]] `elasticsearch.serviceAccountToken:`
| beta[]. If your {es} is protected with basic authentication, this token provides the credentials
that the {kib} server uses to perform maintenance on the {kib} index at startup. This setting
is an alternative to `elasticsearch.username` and `elasticsearch.password`.
2021-01-21 17:59:08 +01:00
| `enterpriseSearch.host`
2021-10-18 23:19:00 +02:00
| The http(s) URL of your Enterprise Search instance. For example, in a local self-managed setup, set this to `http://localhost:3002`. Authentication between Kibana and the Enterprise Search host URL, such as via OAuth, is not supported. You can also {enterprise-search-ref}/configure-ssl-tls.html#configure-ssl-tls-in-kibana[configure Kibana to trust your Enterprise Search TLS certificate authority].
2021-01-21 17:59:08 +01:00
2020-05-04 17:22:40 +02:00
| `interpreter.enableInVisualize`
| Enables use of interpreter in Visualize. *Default: `true`*
2021-06-01 21:36:07 +02:00
| `data.autocomplete.valueSuggestions.timeout:` {ess-icon}
2020-05-04 17:22:40 +02:00
| Time in milliseconds to wait for autocomplete suggestions from {es}.
This value must be a whole number greater than zero. *Default: `"1000"`*
2021-06-01 21:36:07 +02:00
| `data.autocomplete.valueSuggestions.terminateAfter:` {ess-icon}
2020-05-04 17:22:40 +02:00
| Maximum number of documents loaded by each shard to generate autocomplete
suggestions. This value must be a whole number greater than zero.
*Default: `"100000"`*
2021-01-13 18:54:52 +01:00
|===
[NOTE]
============
To reload the logging settings, send a SIGHUP signal to {kib}.
============
[cols="2*<"]
|===
2021-03-30 16:54:15 +02:00
|[[logging-root]] `logging.root:`
2021-04-21 00:23:49 +02:00
| The {kibana-ref}/logging-service.html#logging-service[`root` logger] has a dedicated configuration node since this context name is special and is pre-configured for logging by default.
2021-03-30 16:54:15 +02:00
// TODO: add link to the advanced logging documentation.
2020-05-04 17:22:40 +02:00
2021-03-30 16:54:15 +02:00
|[[logging-root-appenders]] `logging.root.appenders:`
| A list of logging appenders to forward the root level logger instance to. By default `root` is configured with the `default` appender that must be included in the list. This is the configuration that all custom loggers will use unless they're re-configured explicitly. Additional appenders, if configured, can be included in the list.
2020-05-04 17:22:40 +02:00
2021-03-30 16:54:15 +02:00
|[[logging-root-level]] `logging.root.level:` {ess-icon}
| Level at which a log record should be logged. Supported levels are: _all_, _fatal_, _error_, _warn_, _info_, _debug_, _trace_, _off_. Levels are ordered from _all_ (highest) to _off_ and a log record will be logged it its level is higher than or equal to the level of its logger, otherwise the log record is ignored. Use this value to <<change-overall-log-level,change the overall log level>>. Set to `all` to log all events, including system usage information and all requests. Set to `off` to silence all logs. *Default: `info`*.
2020-05-04 17:22:40 +02:00
2021-03-30 16:54:15 +02:00
|[[logging-loggers]] `logging.loggers:`
| Allows you to <<customize-specific-log-records,customize a specific logger instance>>.
2020-05-04 17:22:40 +02:00
2021-03-30 16:54:15 +02:00
| `logging.loggers.name:`
| Specific logger instance.
2020-05-04 17:22:40 +02:00
2021-03-30 16:54:15 +02:00
| `logging.loggers.level:`
| Level at which a log record should be shown. Supported levels are: _all_, _fatal_, _error_, _warn_, _info_, _debug_, _trace_, _off_.
2019-12-10 02:32:20 +01:00
2021-03-30 16:54:15 +02:00
| `logging.loggers.appenders:`
| Specific appender format to apply for a particular logger context.
| `logging.appenders:`
2021-04-06 16:06:33 +02:00
| {kibana-ref}/logging-service.html#logging-appenders[Appenders] define how and where log messages are displayed (eg. *stdout* or console) and stored (eg. file on the disk).
2021-03-30 16:54:15 +02:00
// TODO: add link to the advanced logging documentation.
| `logging.appenders.console:`
| Appender to use for logging records to *stdout*. By default, uses the `[%date][%level][%logger] %message` **pattern** layout. To use a **json**, set the <<log-in-json-ECS-example,layout type to `json`>>.
| `logging.appenders.file:`
| Allows you to specify a fileName to send log records to on disk. To send <<log-to-file-example,all log records to file>>, add the file appender to `root.appenders`.
| `logging.appenders.rolling-file:`
2021-04-21 00:23:49 +02:00
| Similar to Log4j's `RollingFileAppender`, this appender will log into a file and rotate if following a rolling strategy when the configured policy triggers. There are currently two policies supported: `size-limit` and `time-interval`.
2021-03-30 16:54:15 +02:00
The size limit policy will perform a rollover when the log file reaches a maximum `size`. *Default 100mb*
2020-05-04 17:22:40 +02:00
2021-03-30 16:54:15 +02:00
The time interval policy will rotate the log file every given interval of time. *Default 24h*
2017-09-12 20:02:37 +02:00
2021-08-30 20:55:03 +02:00
| `map.includeElasticMapsService:` {ess-icon}
2020-05-04 17:22:40 +02:00
| Set to `false` to disable connections to Elastic Maps Service.
2021-06-29 00:27:41 +02:00
When `includeElasticMapsService` is turned off, only tile layer configured by <<tilemap-url, `map.tilemap.url`>> is available in <<maps, Maps>>. *Default: `true`*
2019-05-23 22:26:44 +02:00
2021-06-21 13:35:50 +02:00
| `map.emsUrl:`
| Specifies the URL of a self hosted <<elastic-maps-server,{hosted-ems}>>
2020-09-24 00:23:20 +02:00
| [[tilemap-settings]] `map.tilemap.options.attribution:` {ess-icon}
2021-10-29 19:33:12 +02:00
| The map attribution string. Provide attributions in markdown and use '|' to delimit attributions, for example: `"[attribution 1](https://www.attribution1)|[attribution 2](https://www.attribution2)"`.
2019-02-11 18:20:19 +01:00
*Default: `"© [Elastic Maps Service](https://www.elastic.co/elastic-maps-service)"`*
2018-05-31 21:57:44 +02:00
2020-09-24 00:23:20 +02:00
| [[tilemap-max-zoom]] `map.tilemap.options.maxZoom:` {ess-icon}
2020-05-14 22:48:35 +02:00
| The maximum zoom level. *Default: `10`*
2018-05-31 21:57:44 +02:00
2020-09-24 00:23:20 +02:00
| [[tilemap-min-zoom]] `map.tilemap.options.minZoom:` {ess-icon}
2020-05-14 22:48:35 +02:00
| The minimum zoom level. *Default: `1`*
2018-05-31 21:57:44 +02:00
2020-09-24 00:23:20 +02:00
| [[tilemap-subdomains]] `map.tilemap.options.subdomains:` {ess-icon}
2020-05-04 17:22:40 +02:00
| An array of subdomains
2019-02-11 18:20:19 +01:00
used by the tile service. Specify the position of the subdomain the URL with
2020-05-14 22:48:35 +02:00
the token `{s}`.
2018-05-31 21:57:44 +02:00
2020-09-24 00:23:20 +02:00
| [[tilemap-url]] `map.tilemap.url:` {ess-icon}
2020-05-04 17:22:40 +02:00
| The URL to the tileservice that {kib} uses
2020-05-14 22:48:35 +02:00
to display map tiles in tilemap visualizations. By default,
2020-05-04 17:22:40 +02:00
{kib} reads this URL from an external metadata service, but users can
2019-02-11 18:20:19 +01:00
override this parameter to use their own Tile Map Service. For example:
`"https://tiles.elastic.co/v2/default/{z}/{x}/{y}.png?elastic_tile_service_tos=agree&my_app_name=kibana"`
2018-05-02 19:23:36 +02:00
2021-04-08 17:23:36 +02:00
| `migrations.batchSize:`
2021-09-01 12:19:02 +02:00
| Defines the number of documents migrated at a time. The higher the value, the faster the Saved Objects migration process performs at the cost of higher memory consumption. If upgrade migrations results in {kib} crashing with an out of memory exception or fails due to an Elasticsearch `circuit_breaking_exception`, use a smaller `batchSize` value to reduce the memory pressure. *Default: `1000`*
| `migrations.maxBatchSizeBytes:`
| Defines the maximum payload size for indexing batches of upgraded saved objects to avoid migrations failing due to a 413 Request Entity Too Large response from Elasticsearch. This value should be lower than or equal to your Elasticsearch cluster's `http.max_content_length` configuration option. *Default: `100mb`*
2021-04-08 17:23:36 +02:00
| `migrations.retryAttempts:`
| The number of times migrations retry temporary failures, such as a network timeout, 503 status code, or `snapshot_in_progress_exception`. When upgrade migrations frequently fail after exhausting all retry attempts with a message such as `Unable to complete the [...] step after 15 attempts, terminating.`, increase the setting value. *Default: `15`*
2020-05-04 17:22:40 +02:00
| `newsfeed.enabled:`
| Controls whether to enable the newsfeed
system for the {kib} UI notification center. Set to `false` to disable the
newsfeed system. *Default: `true`*
2019-11-13 16:48:34 +01:00
2020-09-23 17:01:05 +02:00
|[[path-data]] `path.data:`
2020-05-04 17:22:40 +02:00
| The path where {kib} stores persistent data
not saved in {es}. *Default: `data`*
2018-05-31 21:57:44 +02:00
2020-05-04 17:22:40 +02:00
| `pid.file:`
| Specifies the path where {kib} creates the process ID file.
2018-05-31 21:57:44 +02:00
2020-05-04 17:22:40 +02:00
| `ops.interval:`
| Set the interval in milliseconds to sample
system and process performance metrics. The minimum value is 100. *Default: `5000`*
2019-02-11 18:20:19 +01:00
2020-09-23 17:01:05 +02:00
|[[ops-cGroupOverrides-cpuPath]] `ops.cGroupOverrides.cpuPath:`
2020-09-09 22:01:29 +02:00
| Override for cgroup cpu path when mounted in a
manner that is inconsistent with `/proc/self/cgroup`.
2020-09-23 17:01:05 +02:00
|[[ops-cGroupOverrides-cpuAcctPath]] `ops.cGroupOverrides.cpuAcctPath:`
2020-09-09 22:01:29 +02:00
| Override for cgroup cpuacct path when mounted
in a manner that is inconsistent with `/proc/self/cgroup`.
2021-03-19 00:34:15 +01:00
|[[savedObjects-maxImportExportSize]] `savedObjects.maxImportExportSize:`
| The maximum count of saved objects that can be imported or exported.
2021-10-07 20:30:32 +02:00
This setting exists to prevent the {kib} server from running out of memory when handling
2021-03-19 00:34:15 +01:00
large numbers of saved objects. It is recommended to only raise this setting if you are
confident your server can hold this many objects in memory.
*Default: `10000`*
|[[savedObjects-maxImportPayloadBytes]] `savedObjects.maxImportPayloadBytes:`
| The maximum byte size of a saved objects import that the {kib} server will accept.
2021-10-07 20:30:32 +02:00
This setting exists to prevent the {kib} server from running out of memory when handling
2021-03-19 00:34:15 +01:00
a large import payload. Note that this setting overrides the more general
2021-04-19 19:12:45 +02:00
<<server-maxPayload, `server.maxPayload`>> for saved object imports only.
2021-03-19 00:34:15 +01:00
*Default: `26214400`*
2020-09-23 17:01:05 +02:00
|[[server-basePath]] `server.basePath:`
2020-05-04 17:22:40 +02:00
| Enables you to specify a path to mount {kib} at if you are
2020-09-23 17:01:05 +02:00
running behind a proxy. Use the <<server-rewriteBasePath, `server.rewriteBasePath`>> setting to tell {kib}
2019-02-11 18:20:19 +01:00
if it should remove the basePath from requests it receives, and to prevent a
deprecation warning at startup. This setting cannot end in a slash (`/`).
2018-05-31 21:57:44 +02:00
2021-03-22 14:36:14 +01:00
|[[server-publicBaseUrl]] `server.publicBaseUrl:` {ess-icon}
2020-12-09 01:02:39 +01:00
| The publicly available URL that end-users access Kibana at. Must include the protocol, hostname, port
(if different than the defaults for `http` and `https`, 80 and 443 respectively), and the
<<server-basePath, `server.basePath`>> (if configured). This setting cannot end in a slash (`/`).
2020-05-04 17:22:40 +02:00
| [[server-compression]] `server.compression.enabled:`
| Set to `false` to disable HTTP compression for all responses. *Default: `true`*
2019-12-02 17:43:06 +01:00
2020-12-10 15:14:09 +01:00
| `server.cors.enabled:`
| experimental[] Set to `true` to allow cross-origin API calls. *Default:* `false`
2020-12-14 13:57:28 +01:00
| `server.cors.allowCredentials:`
2020-12-10 15:14:09 +01:00
| experimental[] Set to `true` to allow browser code to access response body whenever request performed with user credentials. *Default:* `false`
2020-12-14 13:57:28 +01:00
| `server.cors.allowOrigin:`
| experimental[] List of origins permitted to access resources. You must specify explicit hostnames and not use `server.cors.allowOrigin: ["*"]` when `server.cors.allowCredentials: true`. *Default:* ["*"]
2020-12-10 15:14:09 +01:00
2020-05-04 17:22:40 +02:00
| `server.compression.referrerWhitelist:`
| Specifies an array of trusted hostnames, such as the {kib} host, or a reverse
proxy sitting in front of it. This determines whether HTTP compression may be used for responses, based on the request `Referer` header.
2020-09-23 17:01:05 +02:00
This setting may not be used when <<server-compression, `server.compression.enabled`>> is set to `false`. *Default: `none`*
2019-12-02 17:43:06 +01:00
2021-04-21 00:23:49 +02:00
a|
`server.securityResponseHeaders:`
`strictTransportSecurity:`
2021-07-07 22:19:28 +02:00
| [[server-securityResponseHeaders-strictTransportSecurity]] Controls whether the https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security[`Strict-Transport-Security`]
2021-04-19 19:12:45 +02:00
header is used in all responses to the client from the {kib} server, and specifies what value is used. Allowed values are any text value or
`null`. To disable, set to `null`. *Default:* `null`
2021-04-21 00:23:49 +02:00
[[server-securityResponseHeaders-xContentTypeOptions]]
a| `server.securityResponseHeaders:`
`xContentTypeOptions:`
2021-04-19 19:12:45 +02:00
| Controls whether the https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options[`X-Content-Type-Options`] header is
used in all responses to the client from the {kib} server, and specifies what value is used. Allowed values are `nosniff` or `null`. To
disable, set to `null`. *Default:* `"nosniff"`
2021-04-21 00:23:49 +02:00
[[server-securityResponseHeaders-referrerPolicy]]
a|`server.securityResponseHeaders:`
`referrerPolicy:`
2021-04-19 19:12:45 +02:00
| Controls whether the https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referrer-Policy[`Referrer-Policy`] header is used in all
responses to the client from the {kib} server, and specifies what value is used. Allowed values are `no-referrer`,
`no-referrer-when-downgrade`, `origin`, `origin-when-cross-origin`, `same-origin`, `strict-origin`, `strict-origin-when-cross-origin`,
`unsafe-url`, or `null`. To disable, set to `null`. *Default:* `"no-referrer-when-downgrade"`
2021-04-21 00:23:49 +02:00
[[server-securityResponseHeaders-permissionsPolicy]]
a|`server.securityResponseHeaders:`
`permissionsPolicy:`
2021-04-19 19:12:45 +02:00
| experimental[] Controls whether the https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Feature-Policy[`Permissions-Policy`] header
is used in all responses to the client from the {kib} server, and specifies what value is used. Allowed values are any text value or `null`.
To disable, set to `null`. *Default:* `null`
2021-06-25 20:41:37 +02:00
|[[server-securityResponseHeaders-disableEmbedding]]`server.securityResponseHeaders:`
2021-04-21 00:23:49 +02:00
`disableEmbedding:`
2021-04-19 19:12:45 +02:00
| Controls whether the https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy[`Content-Security-Policy`] and
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options[`X-Frame-Options`] headers are configured to disable embedding
{kib} in other webpages using iframes. When set to `true`, secure headers are used to disable embedding, which adds the `frame-ancestors:
2021-10-12 02:49:21 +02:00
'self'` directive to the `Content-Security-Policy` response header and adds the `X-Frame-Options: SAMEORIGIN` response header. *Default:* `false`
2021-04-19 19:12:45 +02:00
2020-05-14 22:48:35 +02:00
| `server.customResponseHeaders:` {ess-icon}
2020-05-04 17:22:40 +02:00
| Header names and values to
send on all responses to the client from the {kib} server. *Default: `{}`*
2018-05-02 19:23:36 +02:00
2021-04-20 22:39:02 +02:00
|[[server-shutdownTimeout]] `server.shutdownTimeout:`
| Sets the grace period for {kib} to attempt to resolve any ongoing HTTP requests after receiving a `SIGTERM`/`SIGINT` signal, and before shutting down. Any new HTTP requests received during this period are rejected with a `503` response. *Default: `30s`*
2020-09-23 17:01:05 +02:00
|[[server-host]] `server.host:`
2020-05-04 17:22:40 +02:00
| This setting specifies the host of the
back end server. To allow remote users to connect, set the value to the IP address or DNS name of the {kib} server. *Default: `"localhost"`*
2018-05-02 19:23:36 +02:00
2020-05-04 17:22:40 +02:00
| `server.keepaliveTimeout:`
| The number of milliseconds to wait for additional data before restarting
2020-09-23 17:01:05 +02:00
the <<server-socketTimeout, `server.socketTimeout`>> counter. *Default: `"120000"`*
2019-07-03 19:22:26 +02:00
2021-03-19 00:34:15 +01:00
|[[server-maxPayloadBytes]] `server.maxPayloadBytes:`
2021-04-19 19:12:45 +02:00
| deprecated:[7.13.0,"In 8.0 and later, this setting will no longer be supported."]
This setting has been renamed to <<server-maxPayload,`server.maxPayload`>>.
|[[server-maxPayload]] `server.maxPayload:`
2020-05-04 17:22:40 +02:00
| The maximum payload size in bytes
for incoming server requests. *Default: `1048576`*
2018-05-02 19:23:36 +02:00
2020-05-04 17:22:40 +02:00
| `server.name:`
| A human-readable display name that
identifies this {kib} instance. *Default: `"your-hostname"`*
2018-05-02 19:23:36 +02:00
2020-09-23 17:01:05 +02:00
|[[server-port]] `server.port:`
2020-05-04 17:22:40 +02:00
| {kib} is served by a back end server. This
setting specifies the port to use. *Default: `5601`*
2018-05-02 19:23:36 +02:00
2020-09-23 17:01:05 +02:00
|[[server-requestId-allowFromAnyIp]] `server.requestId.allowFromAnyIp:`
2021-07-07 17:46:35 +02:00
| Sets whether or not the `X-Opaque-Id` header should be trusted from any IP address for identifying requests in logs and forwarded to Elasticsearch.
2020-08-19 23:41:12 +02:00
| `server.requestId.ipAllowlist:`
2020-09-23 17:01:05 +02:00
| A list of IPv4 and IPv6 address which the `X-Opaque-Id` header should be trusted from. Normally this would be set to the IP addresses of the load balancers or reverse-proxy that end users use to access Kibana. If any are set, <<server-requestId-allowFromAnyIp, `server.requestId.allowFromAnyIp`>> must also be set to `false.`
2020-08-19 23:41:12 +02:00
2020-09-23 17:01:05 +02:00
|[[server-rewriteBasePath]] `server.rewriteBasePath:`
2020-05-04 17:22:40 +02:00
| Specifies whether {kib} should
2020-09-23 17:01:05 +02:00
rewrite requests that are prefixed with <<server-basePath, `server.basePath`>> or require that they
2020-05-04 17:22:40 +02:00
are rewritten by your reverse proxy. In {kib} 6.3 and earlier, the default is
`false`. In {kib} 7.x, the setting is deprecated. In {kib} 8.0 and later, the
default is `true`. *Default: `deprecated`*
2018-05-02 19:23:36 +02:00
2020-09-23 17:01:05 +02:00
|[[server-socketTimeout]] `server.socketTimeout:`
2020-05-04 17:22:40 +02:00
| The number of milliseconds to wait before closing an
inactive socket. *Default: `"120000"`*
2019-07-03 19:22:26 +02:00
2020-09-23 17:01:05 +02:00
|[[server-ssl-cert-key]] `server.ssl.certificate:` and `server.ssl.key:`
2020-05-04 17:22:40 +02:00
| Paths to a PEM-encoded X.509 server certificate and its corresponding private key. These
are used by {kib} to establish trust when receiving inbound SSL/TLS connections from users.
2021-06-02 16:23:39 +02:00
|[[server-uuid]] `server.uuid:`
| The unique identifier for this {kib} instance.
2020-05-04 17:22:40 +02:00
|===
2018-05-02 19:23:36 +02:00
2020-05-04 17:22:40 +02:00
[NOTE]
============
2020-09-23 17:01:05 +02:00
These settings cannot be used in conjunction with <<server-ssl-keystore-path, `server.ssl.keystore.path`>>.
2020-05-04 17:22:40 +02:00
============
[cols="2*<"]
|===
2020-09-23 17:01:05 +02:00
|[[server-ssl-certificateAuthorities]] `server.ssl.certificateAuthorities:`
2020-05-04 17:22:40 +02:00
| Paths to one or more PEM-encoded X.509 certificate authority (CA) certificates which make up a
2020-01-29 18:59:50 +01:00
trusted certificate chain for {kib}. This chain is used by {kib} to establish trust when receiving inbound SSL/TLS connections from end
users. If PKI authentication is enabled, this chain is also used by {kib} to verify client certificates from end users.
2020-09-24 00:23:20 +02:00
2020-09-23 17:01:05 +02:00
In addition to this setting, trusted certificates may be specified via <<server-ssl-keystore-path, `server.ssl.keystore.path`>> and/or <<server-ssl-truststore-path, `server.ssl.truststore.path`>>.
2018-05-02 19:23:36 +02:00
2020-12-17 19:36:31 +01:00
| [[server-ssl-cipherSuites]] `server.ssl.cipherSuites:`
2020-05-04 17:22:40 +02:00
| Details on the format, and the valid options, are available via the
2020-11-12 22:00:57 +01:00
https://www.openssl.org/docs/man1.1.1/man1/ciphers.html#CIPHER-LIST-FORMAT[OpenSSL cipher list format documentation].
*Default: `TLS_AES_256_GCM_SHA384 TLS_CHACHA20_POLY1305_SHA256 TLS_AES_128_GCM_SHA256 ECDHE-RSA-AES128-GCM-SHA256, ECDHE-ECDSA-AES128-GCM-SHA256, ECDHE-RSA-AES256-GCM-SHA384, ECDHE-ECDSA-AES256-GCM-SHA384, DHE-RSA-AES128-GCM-SHA256, ECDHE-RSA-AES128-SHA256, DHE-RSA-AES128-SHA256, ECDHE-RSA-AES256-SHA384, DHE-RSA-AES256-SHA384, ECDHE-RSA-AES256-SHA256, DHE-RSA-AES256-SHA256, HIGH,!aNULL, !eNULL, !EXPORT, !DES, !RC4, !MD5, !PSK, !SRP, !CAMELLIA`*.
2018-05-02 19:23:36 +02:00
2020-05-04 17:22:40 +02:00
| `server.ssl.clientAuthentication:`
| Controls the behavior in {kib} for requesting a certificate from client
2020-01-29 18:59:50 +01:00
connections. Valid values are `"required"`, `"optional"`, and `"none"`. Using `"required"` will refuse to establish the connection unless a
client presents a certificate, using `"optional"` will allow a client to present a certificate if it has one, and using `"none"` will
2020-05-04 17:22:40 +02:00
prevent a client from presenting a certificate. *Default: `"none"`*
2019-08-14 22:57:54 +02:00
2020-09-23 17:01:05 +02:00
|[[server-ssl-enabled]] `server.ssl.enabled:`
2020-05-04 17:22:40 +02:00
| Enables SSL/TLS for inbound connections to {kib}. When set to `true`, a certificate and its
2020-09-23 17:01:05 +02:00
corresponding private key must be provided. These can be specified via <<server-ssl-keystore-path, `server.ssl.keystore.path`>> or the combination of
<<server-ssl-cert-key, `server.ssl.certificate`>> and <<server-ssl-cert-key, `server.ssl.key`>>. *Default: `false`*
2020-01-09 19:03:16 +01:00
2020-05-04 17:22:40 +02:00
| `server.ssl.keyPassphrase:`
2020-09-23 17:01:05 +02:00
| The password that decrypts the private key that is specified via <<server-ssl-cert-key, `server.ssl.key`>>. This value
2020-01-09 19:03:16 +01:00
is optional, as the key may not be encrypted.
2020-09-23 17:01:05 +02:00
|[[server-ssl-keystore-path]] `server.ssl.keystore.path:`
2020-05-04 17:22:40 +02:00
| Path to a PKCS#12 keystore that contains an X.509 server certificate and its corresponding private key. If the
2020-01-29 18:59:50 +01:00
keystore contains any additional certificates, those will be used as a trusted certificate chain for {kib}. All of these are used by {kib}
to establish trust when receiving inbound SSL/TLS connections from end users. The certificate chain is also used by {kib} to verify client
certificates from end users when PKI authentication is enabled.
2020-09-24 00:23:20 +02:00
2020-09-23 17:01:05 +02:00
In addition to this setting, trusted certificates may be specified via <<server-ssl-certificateAuthorities, `server.ssl.certificateAuthorities`>> and/or
<<server-ssl-truststore-path, `server.ssl.truststore.path`>>.
2020-01-29 18:59:50 +01:00
2020-05-04 17:22:40 +02:00
|===
[NOTE]
============
2020-09-23 17:01:05 +02:00
This setting cannot be used in conjunction with <<server-ssl-cert-key, `server.ssl.certificate`>> or <<server-ssl-cert-key, `server.ssl.key`>>
2020-05-04 17:22:40 +02:00
============
2020-01-09 19:03:16 +01:00
2020-05-04 17:22:40 +02:00
[cols="2*<"]
|===
| `server.ssl.keystore.password:`
2020-09-23 17:01:05 +02:00
| The password that will be used to decrypt the keystore specified via <<server-ssl-keystore-path, `server.ssl.keystore.path`>>. If the
2020-01-29 18:59:50 +01:00
keystore has no password, leave this unset. If the keystore has an empty password, set this to `""`.
2020-01-09 19:03:16 +01:00
2020-09-23 17:01:05 +02:00
|[[server-ssl-truststore-path]] `server.ssl.truststore.path:`
2020-05-04 17:22:40 +02:00
| Path to a PKCS#12 trust store that contains one or more X.509 certificate authority (CA) certificates which
2020-01-29 18:59:50 +01:00
make up a trusted certificate chain for {kib}. This chain is used by {kib} to establish trust when receiving inbound SSL/TLS connections
from end users. If PKI authentication is enabled, this chain is also used by {kib} to verify client certificates from end users.
2020-09-24 00:23:20 +02:00
2020-09-23 17:01:05 +02:00
In addition to this setting, trusted certificates may be specified via <<server-ssl-certificateAuthorities, `server.ssl.certificateAuthorities`>> and/or
<<server-ssl-keystore-path, `server.ssl.keystore.path`>>.
2018-05-02 19:23:36 +02:00
2020-05-04 17:22:40 +02:00
| `server.ssl.truststore.password:`
2020-09-23 17:01:05 +02:00
| The password that will be used to decrypt the trust store specified via <<server-ssl-truststore-path, `server.ssl.truststore.path`>>. If
2020-01-29 18:59:50 +01:00
the trust store has no password, leave this unset. If the trust store has an empty password, set this to `""`.
2018-05-02 19:23:36 +02:00
2020-05-04 17:22:40 +02:00
| `server.ssl.redirectHttpFromPort:`
| {kib} binds to this port and redirects
2020-09-23 17:01:05 +02:00
all http requests to https over the port configured as <<server-port, `server.port`>>.
2018-05-02 19:23:36 +02:00
2020-12-17 19:36:31 +01:00
| [[server-ssl-supportedProtocols]] `server.ssl.supportedProtocols:`
2020-05-04 17:22:40 +02:00
| An array of supported protocols with versions.
2020-11-12 22:00:57 +01:00
Valid protocols: `TLSv1`, `TLSv1.1`, `TLSv1.2`, `TLSv1.3`. *Default: TLSv1.1, TLSv1.2, TLSv1.3*
2017-09-12 20:02:37 +02:00
2020-12-03 07:19:36 +01:00
| [[settings-xsrf-allowlist]] `server.xsrf.allowlist:`
2020-05-04 17:22:40 +02:00
| It is not recommended to disable protections for
2020-04-01 16:15:03 +02:00
arbitrary API endpoints. Instead, supply the `kbn-xsrf` header.
2020-12-03 07:19:36 +01:00
The <<settings-xsrf-allowlist, `server.xsrf.allowlist`>> setting requires the following format:
2019-12-16 18:03:38 +01:00
2020-05-04 17:22:40 +02:00
|===
2019-12-16 18:03:38 +01:00
2020-05-04 17:22:40 +02:00
[source,text]
2019-12-16 18:03:38 +01:00
----
*Default: [ ]* An array of API endpoints which should be exempt from Cross-Site Request Forgery ("XSRF") protections.
----
2020-05-04 17:22:40 +02:00
[cols="2*<"]
|===
2020-08-27 18:42:24 +02:00
| [[settings-xsrf-disableProtection]] `server.xsrf.disableProtection:`
2020-08-27 16:44:59 +02:00
| Setting this to `true` will completely disable Cross-site request forgery protection in Kibana. This is not recommended. *Default: `false`*
2020-05-04 17:22:40 +02:00
| `status.allowAnonymous:`
| If authentication is enabled,
setting this to `true` enables unauthenticated users to access the {kib}
server status API and status page. *Default: `false`*
2019-01-24 19:37:54 +01:00
2020-09-23 17:01:05 +02:00
|[[telemetry-allowChangingOptInStatus]] `telemetry.allowChangingOptInStatus`
2020-05-04 17:22:40 +02:00
| When `true`, users are able to change the telemetry setting at a later time in
<<advanced-options, Advanced Settings>>. When `false`,
2020-09-23 17:01:05 +02:00
{kib} looks at the value of <<settings-telemetry-optIn, `telemetry.optIn`>> to determine whether to send
telemetry data or not. <<telemetry-allowChangingOptInStatus, `telemetry.allowChangingOptInStatus`>> and <<settings-telemetry-optIn, `telemetry.optIn`>>
2020-05-04 17:22:40 +02:00
cannot be `false` at the same time. *Default: `true`*.
2019-11-15 00:28:32 +01:00
2020-09-23 17:01:05 +02:00
|[[settings-telemetry-optIn]] `telemetry.optIn`
2020-05-04 17:22:40 +02:00
| When `true`, telemetry data is sent to Elastic.
When `false`, collection of telemetry data is disabled.
To enable telemetry and prevent users from disabling it,
2020-09-23 17:01:05 +02:00
set <<telemetry-allowChangingOptInStatus, `telemetry.allowChangingOptInStatus`>> to `false` and <<settings-telemetry-optIn, `telemetry.optIn`>> to `true`.
2020-05-04 17:22:40 +02:00
*Default: `true`*
2019-11-15 00:28:32 +01:00
2020-05-04 17:22:40 +02:00
| `telemetry.enabled`
| Reporting your cluster statistics helps
2020-01-08 15:32:58 +01:00
us improve your user experience. Your data is never shared with anyone. Set to
`false` to disable telemetry capabilities entirely. You can alternatively opt
2020-05-04 17:22:40 +02:00
out through *Advanced Settings*. *Default: `true`*
2020-05-14 22:48:35 +02:00
| `vis_type_vega.enableExternalUrls:` {ess-icon}
2020-05-04 17:22:40 +02:00
| Set this value to true to allow Vega to use any URL to access external data
sources and images. When false, Vega can only get data from {es}. *Default: `false`*
2020-01-08 15:32:58 +01:00
2021-10-19 12:33:57 +02:00
| `xpack.ccr.ui.enabled`
Set this value to false to disable the Cross-Cluster Replication UI.
*Default: `true`*
2021-07-21 21:05:33 +02:00
|[[settings-explore-data-in-context]] `xpack.discoverEnhanced.actions.`
2021-06-29 16:38:50 +02:00
`exploreDataInContextMenu.enabled`
2021-05-24 22:14:37 +02:00
| Enables the *Explore underlying data* option that allows you to open *Discover* from a dashboard panel and view the panel data. *Default: `false`*
2021-07-21 21:05:33 +02:00
|[[settings-explore-data-in-chart]] `xpack.discoverEnhanced.actions.`
2021-06-29 16:38:50 +02:00
`exploreDataInChart.enabled`
2021-05-24 22:14:37 +02:00
| Enables you to view the underlying documents in a data series from a dashboard panel. *Default: `false`*
2021-10-19 12:33:57 +02:00
| `xpack.ilm.ui.enabled`
Set this value to false to disable the Index Lifecycle Policies UI.
*Default: `true`*
| `xpack.index_management.ui.enabled`
Set this value to false to disable the Index Management UI.
*Default: `true`*
| `xpack.license_management.ui.enabled`
Set this value to false to disable the License Management UI.
*Default: `true`*
| `xpack.remote_clusters.ui.enabled`
Set this value to false to disable the Remote Clusters UI.
*Default: `true`*
| `xpack.rollup.ui.enabled:`
Set this value to false to disable the Rollup Jobs UI. *Default: true*
| `xpack.snapshot_restore.ui.enabled:`
Set this value to false to disable the Snapshot and Restore UI. *Default: true*
| `xpack.upgrade_assistant.ui.enabled:`
Set this value to false to disable the Upgrade Assistant UI. *Default: true*
2020-05-14 22:48:35 +02:00
| `i18n.locale` {ess-icon}
2020-05-04 17:22:40 +02:00
| Set this value to change the {kib} interface language.
Valid locales are: `en`, `zh-CN`, `ja-JP`. *Default: `en`*
2019-02-11 17:17:25 +01:00
2020-05-04 17:22:40 +02:00
|===
2019-04-04 20:15:14 +02:00
2020-06-02 00:25:20 +02:00
include::{kib-repo-dir}/settings/alert-action-settings.asciidoc[]
include::{kib-repo-dir}/settings/apm-settings.asciidoc[]
2021-03-19 08:14:55 +01:00
include::{kib-repo-dir}/settings/banners-settings.asciidoc[]
2020-10-07 19:03:56 +02:00
include::{kib-repo-dir}/settings/fleet-settings.asciidoc[]
2020-06-02 00:25:20 +02:00
include::{kib-repo-dir}/settings/i18n-settings.asciidoc[]
2021-03-30 16:54:15 +02:00
include::{kib-repo-dir}/settings/logging-settings.asciidoc[]
2020-06-02 00:25:20 +02:00
include::{kib-repo-dir}/settings/logs-ui-settings.asciidoc[]
2020-06-11 00:10:23 +02:00
include::{kib-repo-dir}/settings/infrastructure-ui-settings.asciidoc[]
2020-06-02 00:25:20 +02:00
include::{kib-repo-dir}/settings/monitoring-settings.asciidoc[]
include::{kib-repo-dir}/settings/reporting-settings.asciidoc[]
2019-02-11 17:17:25 +01:00
include::secure-settings.asciidoc[]
2021-03-22 17:35:08 +01:00
include::{kib-repo-dir}/settings/search-sessions-settings.asciidoc[]
2020-06-02 00:25:20 +02:00
include::{kib-repo-dir}/settings/security-settings.asciidoc[]
include::{kib-repo-dir}/settings/spaces-settings.asciidoc[]
2021-02-16 15:49:07 +01:00
include::{kib-repo-dir}/settings/task-manager-settings.asciidoc[]
2021-03-04 15:11:53 +01:00
include::{kib-repo-dir}/settings/telemetry-settings.asciidoc[]
2021-04-27 16:32:02 +02:00
include::{kib-repo-dir}/settings/url-drilldown-settings.asciidoc[]