How to Configure Elastic Search graphs in Kibana

In order to analyze and visualize the data from the elastic search in a form of a dashboard, MCS allows an external integration with the Kibana.

The list of APIs that are integrated into elastic search can be found here Elastic search.

Install Kibana

Please follow the steps below to install Kibana locally.

Create a VMware instance with Ubuntu 20.04 minimal install. Note that you can install ubuntu 20.04 minimal at your preference hardware/virtual environment.
run$ sudo apt install docker.io #install dockerized. Docker version 1.29 onwards is recommended.
run$ docker pull docker.elastic.co/elasticsearch/elasticsearch:7.16.2 #make sure the kibana version matches with the elasticsearch version running at your MCS.
run$ nano docker-composs.yml
Copy the following data onto docker-compose.yml

version: '3'
services:
  kibana:
    image: kibana:7.16.2
    ports:
      - 5601:5601
    volumes:
      - ./kibana.yml:/usr/share/kibana/config/kibana.yml

sample as below:

Then follow by ctrl+O (^O) enter and ctrl+X (^X).

6. run$ nano kibana.yml

7. Copy the following data into kibana.yml

# =================== System: Kibana Server ===================
# Kibana is served by a back end server. This setting specifies the port to use.
server.port: 5601
# To allow connections from remote users, set this parameter to a non-loopback >
server.host: "0.0.0.0"
# =================== System: Elasticsearch ===================
# The URLs of the Elasticsearch instances to use for all your queries.
elasticsearch.hosts: ["http://xx.xx.xx.xx:9200"]

monitoring.ui.container.elasticsearch.enabled: true

Sample as below:

Then follow by ctrl+O (^O) enter and ctrl+X (^X).

8. run# docker-compose up

9. Open the browser and enter your Kibana IP address, for example: http://xx.xx.xx.xx:5601. You shall see Kibana is trying to reach out to the MCS elasticsearch component.

10. Setup completed!

Create Indexes

Once the MCS is mapped to the Kibana, the elastic search page is accessible. Follow the steps below to create a indexes before you proceed to create dashboard.

Click on the navigation pane on the right side and goto Management → Stack Management.
Click on Index Management, under which all the indices that are inside the Elastic Search database are available. Its divided as pipeline (highlighted in green)
Click on one of the pipelines, to view the structure of the index.
To create an index pattern go to Stack Management → Index Patterns.
Click on create index pattern, write the index name within '*' symbol as shown below (in this example it is *ptp*) and choose the Timestamp field from the dropdown and click on Create index pattern.
All the fields inside the data are listed as shown below.
Now, go to Discover.
Click on the Change index pattern dropdown list and type the index pattern created in step 5 (in this example it is ptp). This will show all the relevant data for the index from the MCM.

Create Dashboard through Elastic Search

Follow the steps below to create a dashboard.

1. Click on the navigation pane on the right side and goto Analytics → Overview.

2. Click on the Dashboard.

3. To create a new dashboard, click on Create dashboard.

4. Click on the Create visualization.

5. There are different Vizualization types (highlighted in red) available that can be used. The Index pattern (*ptp*) created is listed in the dropdown list as shown below.

Select your desired type from the drop down list. In the left side from the Available fields (highlighted in green) drag and drop into the Rows and Columns (highlighted in green).

Once you choose all the relevant fields click on Save and return at the top right corner.

6. Now the visualization type is available on the Dashboard.

**One of the sample dashboard created is shown below.

Import a Kibana Dashboard

To import a Kibana Dashboard navigate to Saved Objects → Import on the elastic search.

Kibana Dashboard’s are in JSON file format.