Getting Started with Kibana: Installation, Configuration, and Usage Guide

Introduction

Kibana is an open‑source data analysis and visualization platform that works with Elasticsearch, allowing users to search, explore, and visualize data through a browser‑based interface.

Installation

Download Kibana from its GitHub repository ( https://github.com/elastic/kibana ) and follow the standard installation steps. After installation, start Kibana and access it via http://localhost:5601 (or your domain with port 5601).

Configuration

Configuration settings can be edited in kibana.yml (e.g., Elasticsearch URL). Detailed settings are documented at https://www.elastic.co/guide/en/kibana/current/settings.html .

Connecting to Elasticsearch

On first launch Kibana prompts for an index pattern that matches one or more Elasticsearch indices. Users define the pattern, optionally enable the time filter, and set the pattern as default via Management → Index Patterns.

Discover

The Discover page lets users interactively explore documents, run queries, filter results, and view field statistics. Queries can be written using Kibana’s Lucene‑based syntax or the Elasticsearch DSL.

Query Syntax

Examples include simple text search (e.g., safari), field‑specific search ( status:200), range queries ( status:[400 TO 499]), boolean operators (AND, OR, NOT), and wildcard queries ( machine.os:win*). Parentheses control precedence, e.g., status:200 AND (extension:php OR extension:css).

Visualization

Users create visualizations by selecting a type, defining a search query, and configuring aggregations for the X and Y axes. The resulting visualizations can be saved and reused.

Dashboard

Dashboards combine multiple visualizations and saved searches. Users can add, arrange, and edit panels, then save the dashboard for sharing. The dark theme can be enabled via Options → Use dark theme.

Monitoring

Kibana and Elasticsearch emit logs that can be viewed in the console. Example log entries are shown below:

[2018-08-15T14:48:26,874][INFO ][o.e.c.m.MetaDataCreateIndexService] [Px524Ts] [.monitoring‑kibana‑6‑2018.08.15] creating index, cause [auto(bulk api)], templates [.monitoring‑kibana], shards [1]/[0], mappings [doc]

log   [03:26:53.605] [info][license][xpack] Imported license information from Elasticsearch for the [monitoring] cluster: mode: basic | status: active

The guide concludes with a reminder that all referenced open‑source projects are listed on the GitHubDaily repository.