Kibana Tutorial: Installation, Configuration, and Usage Guide

Kibana is an open‑source analytics and visualization platform designed to work with Elasticsearch, allowing users to search, view, and interact with indexed data through a browser‑based interface.

1. Install Kibana

Download and install Kibana, then start the service (default port 5601).

2. Kibana Configuration

Configure settings in kibana.yml and refer to the official documentation at https://www.elastic.co/guide/en/kibana/current/settings.html.

3. Access Kibana

Open a web browser and navigate to http://localhost:5601 (or your domain) to reach the Kibana UI.

3.1 Check Kibana Status

Visit http://localhost:5601/status or http://<em>host</em>:5601/api/status for JSON status information.

4. Connect Elasticsearch to Kibana

Define an index pattern in Kibana to match one or more Elasticsearch indices; adjust the Elasticsearch URL in kibana.yml if connecting to a remote cluster.

5. Discover

Use the Discover page to explore data, submit queries, filter results, and view field statistics. Time‑based indices show a histogram at the top.

5.1 Set Time Filter

Adjust the time picker to limit results to a specific range.

5.2 Search Data

Enter queries using Kibana’s Lucene‑based syntax or the full Elasticsearch DSL. Examples include field:value, range queries, boolean operators, wildcards, and existence checks.

5.2.1 Lucene Query Syntax

Simple text search: safari Field‑specific search: status:200 Range search: status:[400 TO 499] Boolean operators: AND, OR,

NOT

5.2.2 Enhanced Kibana Query Syntax

New syntax supports explicit boolean operators, parentheses for precedence, and simplified expressions such as response:(200 or 404) or response:* for existence.

5.2.3 Refresh Results

Click the refresh button to reload the latest data.

5.3 Filter by Field

Use the field list controls to show or hide specific fields in the document view.

5.4 View Document Data

Inspect individual documents and their source JSON.

5.5 View Document Context

Explore surrounding documents related to the current one.

5.6 Field Statistics

View aggregated statistics for selected fields.

6. Visualize

Create visualizations (e.g., bar, line, pie charts) based on Elasticsearch aggregations, then add them to dashboards.

6.1 Create a Visualization

Navigate to Visualize, click “Create new visualization”, choose a type, define a query, and configure axes and aggregations.

7. Dashboard

Combine multiple visualizations and saved searches into a dashboard, arrange panels, and save for sharing. Switch between light and dark themes via the options menu.

8. Monitoring

Elasticsearch控制台打印日志
[2018-08-15T14:48:26,874][INFO ][o.e.c.m.MetaDataCreateIndexService] [Px524Ts] [.monitoring-kibana-6-2018.08.15] creating index, cause [auto(bulk api)], templates [.monitoring-kibana], shards [1]/[0], mappings [doc]

Kibana控制台打印日志
log   [03:26:53.605] [info][license][xpack] Imported license information from Elasticsearch for the [monitoring] cluster: mode: basic | status: active

Refer to the official Elastic documentation for detailed monitoring metrics.