2016-10-25 03:41:32 +02:00
[[advanced-options]]
2020-02-06 18:16:32 +01:00
== Advanced Settings
2016-10-25 03:41:32 +02:00
2020-02-06 18:16:32 +01:00
The *Advanced Settings* UI enables you to edit settings that control the behavior of Kibana.
2016-10-25 03:41:32 +02:00
For example, you can change the format used to display dates, specify the default index pattern, and set the precision
for displayed decimal values.
2019-05-10 22:22:46 +02:00
. Go to *Management > {kib} > Advanced Settings*.
. Scroll or search for the setting you want to modify.
. Enter a new value for the setting.
2020-02-14 17:24:27 +01:00
. Click *Save changes*.
2016-10-25 03:41:32 +02:00
2019-11-14 21:42:48 +01:00
2019-06-06 17:08:18 +02:00
[float]
[[settings-read-only-access]]
=== [xpack]#Read only access#
2019-11-14 21:42:48 +01:00
When you have insufficient privileges to edit advanced settings, the following
indicator in Kibana will be displayed. The buttons to edit settings won't be visible.
2019-06-06 17:08:18 +02:00
For more information on granting access to Kibana see <<xpack-security-authorization>>.
[role="screenshot"]
image::images/settings-read-only-badge.png[Example of Advanced Settings Management's read only access indicator in Kibana's header]
[float]
2015-11-24 17:25:14 +01:00
[[kibana-settings-reference]]
2019-06-06 17:08:18 +02:00
=== Kibana settings reference
2015-11-24 17:25:14 +01:00
2019-05-10 22:22:46 +02:00
WARNING: Modifying a setting can affect {kib}
performance and cause problems that are
2019-11-14 21:42:48 +01:00
difficult to diagnose. Setting a property value to a blank field reverts
2019-05-10 22:22:46 +02:00
to the default behavior, which might not be
2019-11-14 21:42:48 +01:00
compatible with other configuration settings. Deleting a custom setting
2019-05-10 22:22:46 +02:00
removes it from {kib} permanently.
[float]
[[kibana-general-settings]]
2020-02-14 17:24:27 +01:00
==== General
2015-11-24 17:25:14 +01:00
[horizontal]
2019-05-10 22:22:46 +02:00
`csv:quoteValues`:: Set this property to `true` to quote exported values.
`csv:separator`:: A string that serves as the separator for exported values.
2019-05-20 15:08:05 +02:00
`dateFormat`:: The format to use for displaying https://momentjs.com/docs/#/displaying/format/[pretty formatted dates].
2019-05-10 22:22:46 +02:00
`dateFormat:dow`:: The day that a week should start on.
`dateFormat:scaled`:: The values that define the format to use to render ordered time-based data. Formatted timestamps must
2016-03-08 01:34:48 +01:00
adapt to the interval between measurements. Keys are http://en.wikipedia.org/wiki/ISO_8601#Time_intervals[ISO8601 intervals].
2019-05-10 22:22:46 +02:00
`dateFormat:tz`:: The timezone that Kibana uses. The default value of `Browser` uses the timezone detected by the browser.
2019-08-02 06:00:01 +02:00
`dateNanosFormat`:: The format to use for displaying https://momentjs.com/docs/#/displaying/format/[pretty formatted dates] of {ref}/date_nanos.html[Elasticsearch date_nanos type].
2019-11-14 21:42:48 +01:00
`defaultIndex`:: The index to access if no index is set. The default is `null`.
2019-11-20 14:53:04 +01:00
`defaultRoute`:: The default route when opening Kibana. Use this setting to route users to a specific dashboard, application, or saved object as they enter each space.
2019-05-10 22:22:46 +02:00
`fields:popularLimit`:: The top N most popular fields to show.
`filterEditor:suggestValues`:: Set this property to `false` to prevent the filter editor from suggesting values for fields.
`filters:pinnedByDefault`:: Set this property to `true` to make filters have a global state (be pinned) by default.
2020-02-26 20:17:59 +01:00
`format:bytes:defaultPattern`:: The default <<numeral, numeral pattern>> format for the "bytes" format.
`format:currency:defaultPattern`:: The default <<numeral, numeral pattern>> format for the "currency" format.
2019-05-10 22:22:46 +02:00
`format:defaultTypeMap`:: A map of the default format name for each field type. Field types that are not explicitly
mentioned use "\_default_".
2020-02-26 20:17:59 +01:00
`format:number:defaultLocale`:: The <<numeral, numeral pattern>> locale.
`format:number:defaultPattern`:: The <<numeral, numeral pattern>> for the "number" format.
`format:percent:defaultPattern`:: The <<numeral, numeral pattern>> for the "percent" format.
2015-11-24 17:25:14 +01:00
`histogram:barTarget`:: When date histograms use the `auto` interval, Kibana attempts to generate this number of bars.
2016-04-04 21:23:46 +02:00
`histogram:maxBars`:: Date histograms are not generated with more bars than the value of this property, scaling values
2016-03-08 01:34:48 +01:00
when necessary.
2019-05-10 22:22:46 +02:00
`history:limit`:: In fields that have history, such as query inputs, show this many recent values.
`indexPattern:placeholder`:: The default placeholder value to use in Management > Index Patterns > Create Index Pattern.
2019-11-14 21:42:48 +01:00
`metaFields`:: Fields that exist outside of `_source`. Kibana merges these fields
2019-05-10 22:22:46 +02:00
into the document when displaying it.
`metrics:max_buckets`:: The maximum numbers of buckets that a single
2019-11-14 21:42:48 +01:00
data source can return. This might arise when the user selects a
2019-05-10 22:22:46 +02:00
short interval (for example, 1s) for a long time period (1 year).
2019-11-14 21:42:48 +01:00
`query:allowLeadingWildcards`:: Allows a wildcard (*) as the first character
in a query clause. Only applies when experimental query features are
enabled in the query bar. To disallow leading wildcards in Lucene queries,
2019-05-10 22:22:46 +02:00
use `query:queryString:options`.
`query:queryString:options`:: Options for the Lucene query string parser. Only
used when "Query language" is set to Lucene.
2019-11-14 21:42:48 +01:00
`savedObjects:listingLimit`:: The number of objects to fetch for lists of saved objects.
2019-05-10 22:22:46 +02:00
The default value is 1000. Do not set above 10000.
2019-11-14 21:42:48 +01:00
`savedObjects:perPage`:: The number of objects to show on each page of the
2019-05-10 22:22:46 +02:00
list of saved objects. The default is 5.
`search:queryLanguage`:: The query language to use in the query bar.
2019-11-14 21:42:48 +01:00
Choices are <<kuery-query, KQL>>, a language built specifically for {kib}, and the <<lucene-query, Lucene
2019-05-10 22:22:46 +02:00
query syntax>>.
2019-11-14 21:42:48 +01:00
`shortDots:enable`:: Set this property to `true` to shorten long
2019-05-10 22:22:46 +02:00
field names in visualizations. For example, show `f.b.baz` instead of `foo.bar.baz`.
2019-07-19 21:16:57 +02:00
`sort:options`:: Options for the Elasticsearch {ref}/search-request-body.html#request-body-search-sort[sort] parameter.
2019-11-14 21:42:48 +01:00
`state:storeInSessionStorage`:: [experimental] Kibana tracks UI state in the
URL, which can lead to problems when there is a lot of state information,
and the URL gets very long.
Enabling this setting stores part of the URL in your browser session to keep the
2019-05-10 22:22:46 +02:00
URL short.
`theme:darkMode`:: Set to `true` to enable a dark mode for the {kib} UI. You must
refresh the page to apply the setting.
2019-11-14 21:42:48 +01:00
`timepicker:quickRanges`:: The list of ranges to show in the Quick section of
the time filter. This should be an array of objects, with each object containing
`from`, `to` (see {ref}/common-options.html#date-math[accepted formats]),
2019-05-10 22:22:46 +02:00
and `display` (the title to be displayed).
2019-10-15 19:14:09 +02:00
`timepicker:refreshIntervalDefaults`:: The default refresh interval for the time filter. Example: `{ "display": "15 seconds", "pause": true, "value": 15000 }`.
2019-05-10 22:22:46 +02:00
`timepicker:timeDefaults`:: The default selection in the time filter.
`truncate:maxHeight`:: The maximum height that a cell occupies in a table. Set to 0 to disable
2016-03-08 01:34:48 +01:00
truncation.
2019-11-14 21:42:48 +01:00
`xPack:defaultAdminEmail`:: Email address for X-Pack admin operations, such as
2019-05-10 22:22:46 +02:00
cluster alert notifications from Monitoring.
[float]
[[kibana-accessibility-settings]]
2020-02-14 17:24:27 +01:00
==== Accessibility
2019-05-10 22:22:46 +02:00
[horizontal]
2019-11-14 21:42:48 +01:00
`accessibility:disableAnimations`:: Turns off all unnecessary animations in the
2019-05-10 22:22:46 +02:00
{kib} UI. Refresh the page to apply the changes.
[float]
[[kibana-dashboard-settings]]
2020-02-14 17:24:27 +01:00
==== Dashboard
2019-05-10 22:22:46 +02:00
[horizontal]
2020-03-03 19:23:53 +01:00
`xpackDashboardMode:roles`:: **Deprecated. Use <<kibana-feature-privileges,feature privileges>> instead.**
The roles that belong to <<xpack-dashboard-only-mode, dashboard only mode>>.
2019-05-10 22:22:46 +02:00
[float]
[[kibana-discover-settings]]
2020-02-14 17:24:27 +01:00
==== Discover
2019-05-10 22:22:46 +02:00
[horizontal]
`context:defaultSize`:: The number of surrounding entries to display in the context view. The default value is 5.
`context:step`:: The number by which to increment or decrement the context size. The default value is 5.
2019-11-14 21:42:48 +01:00
`context:tieBreakerFields`:: A comma-separated list of fields to use
for breaking a tie between documents that have the same timestamp value. The first
2019-05-10 22:22:46 +02:00
field that is present and sortable in the current index pattern is used.
`defaultColumns`:: The columns that appear by default on the Discover page.
2019-11-14 21:42:48 +01:00
The default is `_source`.
`discover:aggs:terms:size`:: The number terms that are visualized when clicking
2019-05-10 22:22:46 +02:00
the Visualize button in the field drop down. The default is `20`.
`discover:sampleSize`:: The number of rows to show in the Discover table.
`discover:sort:defaultOrder`:: The default sort direction for time-based index patterns.
2019-11-14 21:42:48 +01:00
`discover:searchOnPageLoad`:: Controls whether a search is executed when Discover first loads.
2019-08-01 00:59:41 +02:00
This setting does not have an effect when loading a saved search.
2019-05-10 22:22:46 +02:00
`doc_table:hideTimeColumn`:: Hides the "Time" column in Discover and in all saved searches on dashboards.
2019-11-14 21:42:48 +01:00
`doc_table:highlight`:: Highlights results in Discover and saved searches on dashboards.
2019-05-10 22:22:46 +02:00
Highlighting slows requests when
2019-11-14 21:42:48 +01:00
working on big documents.
2019-05-10 22:22:46 +02:00
[float]
[[kibana-notification-settings]]
2020-02-14 17:24:27 +01:00
==== Notifications
2019-05-10 22:22:46 +02:00
[horizontal]
`notifications:banner`:: A custom banner intended for temporary notices to all users.
Supports https://help.github.com/en/articles/basic-writing-and-formatting-syntax[Markdown].
2019-11-14 21:42:48 +01:00
`notifications:lifetime:banner`:: The duration, in milliseconds, for banner
notification displays. The default value is 3000000. Set this field to `Infinity`
2019-05-10 22:22:46 +02:00
to disable banner notifications.
2019-11-14 21:42:48 +01:00
`notifications:lifetime:error`:: The duration, in milliseconds, for error
2019-05-10 22:22:46 +02:00
notification displays. The default value is 300000. Set this field to `Infinity` to disable error notifications.
2019-11-14 21:42:48 +01:00
`notifications:lifetime:info`:: The duration, in milliseconds, for information notification displays.
2019-05-10 22:22:46 +02:00
The default value is 5000. Set this field to `Infinity` to disable information notifications.
2019-11-14 21:42:48 +01:00
`notifications:lifetime:warning`:: The duration, in milliseconds, for warning notification
2019-05-10 22:22:46 +02:00
displays. The default value is 10000. Set this field to `Infinity` to disable warning notifications.
[float]
[[kibana-reporting-settings]]
2020-02-14 17:24:27 +01:00
==== Reporting
2019-05-10 22:22:46 +02:00
[horizontal]
`xpackReporting:customPdfLogo`:: A custom image to use in the footer of the PDF.
[float]
[[kibana-rollups-settings]]
2020-02-14 17:24:27 +01:00
==== Rollup
2019-05-10 22:22:46 +02:00
[horizontal]
2019-11-14 21:42:48 +01:00
`rollups:enableIndexPatterns`:: Enables the creation of index patterns that
capture rollup indices, which in turn enables visualizations based on rollup data.
2019-05-10 22:22:46 +02:00
Refresh the page to apply the changes.
[float]
[[kibana-search-settings]]
2020-02-14 17:24:27 +01:00
==== Search
2019-05-10 22:22:46 +02:00
[horizontal]
2020-01-13 19:19:20 +01:00
`courier:batchSearches`:: **Deprecated in 7.6. Starting in 8.0, this setting will be optimized internally.**
When disabled, dashboard panels will load individually, and search requests will terminate when
2019-09-26 02:35:44 +02:00
users navigate away or update the query. When enabled, dashboard panels will load together when all of the data is loaded,
and searches will not terminate.
2019-11-14 21:42:48 +01:00
`courier:customRequestPreference`:: {ref}/search-request-body.html#request-body-search-preference[Request preference]
2019-05-10 22:22:46 +02:00
to use when `courier:setRequestPreference` is set to "custom".
2019-11-14 21:42:48 +01:00
`courier:ignoreFilterIfFieldNotInIndex`:: Skips filters that apply to fields that don't exist in the index for a visualization.
2019-05-10 22:22:46 +02:00
Useful when dashboards consist of visualizations from multiple index patterns.
2019-11-14 21:42:48 +01:00
`courier:maxConcurrentShardRequests`:: Controls the {ref}/search-multi-search.html[max_concurrent_shard_requests]
setting used for `_msearch` requests sent by {kib}. Set to 0 to disable this
2019-05-10 22:22:46 +02:00
config and use the {es} default.
`courier:setRequestPreference`:: Enables you to set which shards handle your search requests.
2019-11-14 21:42:48 +01:00
* *Session ID:* Restricts operations to execute all search requests on the same shards.
2019-05-10 22:22:46 +02:00
This has the benefit of reusing shard caches across requests.
2019-11-14 21:42:48 +01:00
* *Custom:* Allows you to define your own preference. Use `courier:customRequestPreference`
2019-05-10 22:22:46 +02:00
to customize your preference value.
2019-11-14 21:42:48 +01:00
* *None:* Do not set a preference. This might provide better performance
because requests can be spread across all shard copies. However, results might
2019-05-10 22:22:46 +02:00
be inconsistent because different shards might be in different refresh states.
2019-11-14 21:42:48 +01:00
`search:includeFrozen`:: Includes {ref}/frozen-indices.html[frozen indices] in results.
2019-05-10 22:22:46 +02:00
Searching through frozen indices
2019-08-08 03:18:41 +02:00
might increase the search time. This setting is off by default. Users must opt-in to include frozen indices.
2019-05-10 22:22:46 +02:00
2019-09-24 08:09:35 +02:00
[float]
[[kibana-siem-settings]]
2020-02-14 17:24:27 +01:00
==== SIEM
2019-09-24 08:09:35 +02:00
[horizontal]
2019-11-14 21:42:48 +01:00
`siem:defaultAnomalyScore`:: The threshold above which Machine Learning job anomalies are displayed in the SIEM app.
`siem:defaultIndex`:: A comma-delimited list of Elasticsearch indices from which the SIEM app collects events.
2020-02-14 17:24:27 +01:00
`siem:enableNewsFeed`:: Enables the security news feed on the SIEM *Overview*
2020-02-10 20:59:28 +01:00
page.
2020-02-14 17:24:27 +01:00
`siem:newsFeedUrl`:: The URL from which the security news feed content is
2020-02-10 20:59:28 +01:00
retrieved.
2019-09-24 08:09:35 +02:00
`siem:refreshIntervalDefaults`:: The default refresh interval for the SIEM time filter, in milliseconds.
`siem:timeDefaults`:: The default period of time in the SIEM time filter.
2019-05-10 22:22:46 +02:00
[float]
[[kibana-timelion-settings]]
2020-02-14 17:24:27 +01:00
==== Timelion
2019-05-10 22:22:46 +02:00
[horizontal]
`timelion:default_columns`:: The default number of columns to use on a Timelion sheet.
`timelion:default_rows`:: The default number of rows to use on a Timelion sheet.
`timelion:es.default_index`:: The default index when using the `.es()` query.
`timelion:es.timefield`:: The default field containing a timestamp when using the `.es()` query.
2019-11-14 21:42:48 +01:00
`timelion:graphite.url`:: [experimental] Used with graphite queries, this is the URL of your graphite host
in the form https://www.hostedgraphite.com/UID/ACCESS_KEY/graphite. This URL can be
2019-07-10 15:04:19 +02:00
selected from a whitelist configured in the `kibana.yml` under `timelion.graphiteUrls`.
2019-05-10 22:22:46 +02:00
`timelion:max_buckets`:: The maximum number of buckets a single data source can return.
This value is used for calculating automatic intervals in visualizations.
`timelion:min_interval`:: The smallest interval to calculate when using "auto".
`timelion:quandl.key`:: [experimental] Used with quandl queries, this is your API key from https://www.quandl.com/[www.quandl.com].
2019-11-14 21:42:48 +01:00
`timelion:showTutorial`:: Shows the Timelion tutorial
2019-05-10 22:22:46 +02:00
to users when they first open the Timelion app.
2019-11-14 21:42:48 +01:00
`timelion:target_buckets`:: Used for calculating automatic intervals in visualizations,
2019-05-10 22:22:46 +02:00
this is the number of buckets to try to represent.
[float]
[[kibana-visualization-settings]]
2020-02-14 17:24:27 +01:00
==== Visualization
2019-05-10 22:22:46 +02:00
[horizontal]
`visualization:colorMapping`:: Maps values to specified colors in visualizations.
2019-11-14 21:42:48 +01:00
`visualization:dimmingOpacity`:: The opacity of the chart items that are dimmed
when highlighting another element of the chart. The lower this number, the more
2019-05-10 22:22:46 +02:00
the highlighted element stands out. This must be a number between 0 and 1.
2019-11-14 21:42:48 +01:00
`visualization:loadingDelay`:: The time to wait before dimming visualizations
2019-05-10 22:22:46 +02:00
during a query.
2019-11-14 21:42:48 +01:00
`visualization:regionmap:showWarnings`:: Shows
2019-05-10 22:22:46 +02:00
a warning in a region map when terms cannot be joined to a shape.
`visualization:tileMap:WMSdefaults`:: The default properties for the WMS map server support in the coordinate map.
`visualization:tileMap:maxPrecision`:: The maximum geoHash precision displayed on tile maps: 7 is high, 10 is very high,
2019-11-14 21:42:48 +01:00
and 12 is the maximum. See this
2019-05-10 22:22:46 +02:00
{ref}/search-aggregations-bucket-geohashgrid-aggregation.html#_cell_dimensions_at_the_equator[explanation of cell dimensions].
2019-11-14 21:42:48 +01:00
`visualize:enableLabs`:: Enables users to create, view, and edit experimental visualizations.
2019-05-10 22:22:46 +02:00
If disabled, only visualizations that are considered production-ready are available to the user.
[float]
[[kibana-telemetry-settings]]
2020-02-14 17:24:27 +01:00
==== Usage data
2019-05-10 22:22:46 +02:00
2019-11-14 21:42:48 +01:00
Helps improve the Elastic Stack by providing usage statistics for
2019-05-10 22:22:46 +02:00
basic features. This data will not be shared outside of Elastic.