b302cb2a61
* Docs: getting started with Kibana Security (#94158) Co-authored-by: gchaps <33642766+gchaps@users.noreply.github.com> Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com> Co-authored-by: Gail Chappell <gail.chappell@elastic.co> # Conflicts: # docs/redirects.asciidoc * adjust reference
145 lines
4.9 KiB
Text
145 lines
4.9 KiB
Text
[[get-started]]
|
|
== Quick start
|
|
|
|
To quickly get up and running with {kib}, set up on Cloud, then add a sample data set that you can explore and analyze.
|
|
|
|
When you've finished, you'll know how to:
|
|
|
|
* <<explore-the-data,Explore the data with *Discover*.>>
|
|
|
|
* <<view-and-analyze-the-data,Gain insight into the data with *Dashboard*.>>
|
|
|
|
[float]
|
|
=== Required privileges
|
|
When security is enabled, you must have `read`, `write`, and `manage` privileges on the `kibana_sample_data_*` indices.
|
|
Learn how to <<tutorial-secure-access-to-kibana, secure access to {kib}>>, or refer to {ref}/security-privileges.html[Security privileges] for more information.
|
|
|
|
[float]
|
|
[[set-up-on-cloud]]
|
|
== Set up on cloud
|
|
|
|
include::{docs-root}/shared/cloud/ess-getting-started.asciidoc[]
|
|
|
|
[float]
|
|
[[gs-get-data-into-kibana]]
|
|
== Add the sample data
|
|
|
|
Sample data sets come with sample visualizations, dashboards, and more to help you explore {kib} without adding your own data.
|
|
|
|
. From the home page, click *Try our sample data*.
|
|
|
|
. On the *Sample eCommerce orders* card, click *Add data*.
|
|
+
|
|
[role="screenshot"]
|
|
image::getting-started/images/add-sample-data.png[Add data UI]
|
|
|
|
[float]
|
|
[[explore-the-data]]
|
|
== Explore the data
|
|
|
|
*Discover* displays an interactive histogram that shows the distribution of of data, or documents, over time, and a table that lists the fields for each document that matches the index. By default, all fields are shown for each matching document.
|
|
|
|
. Open the main menu, then click *Discover*.
|
|
|
|
. Change the <<set-time-filter, time filter>> to *Last 7 days*.
|
|
+
|
|
[role="screenshot"]
|
|
image::images/tutorial-discover-2.png[]
|
|
|
|
. To focus in on the documents you want to view, use the <<kuery-query,{kib} Query Language>>. In the *KQL* search field, enter:
|
|
+
|
|
[source,text]
|
|
products.taxless_price >= 60 AND category : Women's Clothing
|
|
+
|
|
The query returns the women's clothing orders for $60 and more.
|
|
+
|
|
[role="screenshot"]
|
|
image::images/tutorial-discover-4.png[]
|
|
|
|
. Hover over the list of *Available fields*, then click *+* next to the fields you want to view in the table.
|
|
+
|
|
For example, when you add the *category* field, the table displays the product categories for the orders.
|
|
+
|
|
[role="screenshot"]
|
|
image::images/tutorial-discover-3.png[]
|
|
+
|
|
For more information, refer to <<discover, *Discover*>>.
|
|
|
|
[float]
|
|
[[view-and-analyze-the-data]]
|
|
== View and analyze the data
|
|
|
|
A dashboard is a collection of panels that you can use to view and analyze the data. Panels contain visualizations, interactive controls, Markdown, and more.
|
|
|
|
. Open the main menu, then click *Dashboard*.
|
|
|
|
. Click *[eCommerce] Revenue Dashboard*.
|
|
+
|
|
[role="screenshot"]
|
|
image::getting-started/images/tutorial-sample-dashboard.png[]
|
|
|
|
[float]
|
|
[[filter-and-query-the-data]]
|
|
=== Filter the data
|
|
|
|
To focus in on the data you want to view on the dashboard, use filters.
|
|
|
|
. From the *[eCommerce] Controls* panel, make a selection from the *Manufacturer* and *Category* dropdowns, then click *Apply changes*.
|
|
+
|
|
For example, the following dashboard shows the data for women's clothing from Gnomehouse.
|
|
+
|
|
[role="screenshot"]
|
|
image::getting-started/images/tutorial-sample-filter.png[]
|
|
|
|
. To manually add a filter, click *Add filter*, then specify the options.
|
|
+
|
|
For example, to view the orders for Wednesday, select *day_of_week* from the *Field* dropdown, select *is* from the *Operator* dropdown, then select *Wednesday* from the *Value* dropdown.
|
|
+
|
|
[role="screenshot"]
|
|
image::getting-started/images/tutorial-sample-filter2.png[]
|
|
|
|
. When you are done, remove the filters.
|
|
+
|
|
For more information, refer to <<dashboard,*Dashboard*>>.
|
|
|
|
[float]
|
|
[[create-a-visualization]]
|
|
=== Create a visualization panel
|
|
|
|
Create a treemap panel that shows the top regions and manufacturers, then add the panel to the dashboard.
|
|
|
|
. From the toolbar, click *Edit*, then click *Create new*.
|
|
|
|
. On the *New Visualization* window, click *Lens*.
|
|
|
|
. From the *Available fields* list, drag and drop the following fields to the visualization builder:
|
|
|
|
* *geoip.city_name*
|
|
|
|
* *manufacturer.keyword*
|
|
+
|
|
. From the visualization dropdown, select *Treemap*.
|
|
+
|
|
[role="screenshot"]
|
|
image::getting-started/images/tutorial-visualization-dropdown.png[Visualization dropdown with Treemap selected]
|
|
|
|
. Click *Save*.
|
|
|
|
. On the *Save Lens visualization*, enter a title and make sure *Add to Dashboard after saving* is selected, then click *Save and return*.
|
|
+
|
|
The treemap appears as the last visualization panel on the dashboard.
|
|
+
|
|
[role="screenshot"]
|
|
image::getting-started/images/tutorial-final-dashboard.gif[Final dashboard with new treemap visualization]
|
|
+
|
|
For more information, refer to <<dashboard,Dashboard>>.
|
|
|
|
[float]
|
|
[[quick-start-whats-next]]
|
|
== What's next?
|
|
|
|
If you are you ready to add your own data, refer to <<connect-to-elasticsearch,Add data to {kib}>>.
|
|
|
|
If you want to ingest your data, refer to {fleet-guide}/fleet-quick-start.html[Quick start: Get logs and metrics into the Elastic Stack].
|
|
|
|
If you want to secure access to your data, refer to our guide on <<tutorial-secure-access-to-kibana, securing {kib}>>
|