Kibana: the Elasticsearch UI

Contents

What is Kibana

The README in the Kibana GitHub repository describes Kibana as: “a browser-based analytics and search dashboard for Elasticsearch.” Kibana is a user interface that enables you to query, explore, and visualize the data stored in Elasticsearch. But Kibana is more than that; it also serves as a frontend for managing the Elastic Stack: setting up security, data lifecycle policies, backups, alerting, and more.

Accessing Kibana

Kibana provides a web interface that you can access with a web browser. By default, a locally run instance of Kibana can be accessed at http://localhost:5601. Fun fact: Kibana’s port number, 5601, turned upside down resembles the word “logs,” hinting at Kibana’s origins as a log viewer.

Upon accessing http://localhost:5601, you are greeted by a login prompt. Log in using the elastic user and the ELASTIC_PASSWORD password you set in the Docker .env file.

The first time you log in, Kibana will prompt you to add any “integrations.” You can skip this step by selecting Explore on my own, which will take you to the Kibana Home.

To navigate around Kibana, select the menu button in the top left to open the main menu. Feel free to click around to familiarize yourself with Kibana’s features.

Uploading data

Next, you’ll use Kibana to load a data set.

About the dataset

The examples in this guide use a dataset containing meta-information about 11,121 books. It is based on a dataset published on Kaggle by user ‘soumik’ under a CC0: Public Domain license.

The dataset includes the following information for each book:

  • id, a unique identifier
  • title, the title
  • authors, names of the authors, separated by slashes (/)
  • average_rating, the average rating
  • isbn, the International Standard Book Number (ISBN)
  • language_code, a code indicating the language in which the book was written
  • num_pages, the number of pages
  • publication_date, the publication date
  • publisher, the publisher

Load the dataset

The dataset is available as a comma-separated values (CSV) file. Use the file upload feature of Kibana to load the file into Elasticsearch:

  1. Download the file and save it to disk.
  2. Unzip the books.csv.zip file.
  3. Open Kibana in a web browser and navigate to the Kibana Home.
  4. Select Upload a file.
  5. Choose Select or drag and drop a file, and select the unzipped books.csv file.
  6. Select Import.
  7. Enter books for the index name and select Import.
  8. Wait a few moments for Kibana to import the data.

To validate that the import was successful:

  1. From the Kibana main menu, select Discover.
  2. If not selected yet, in the top left, choose the books data view.
  3. Change the time filter in the top right to display data for the last 150 years.
  4. Discover should show you a list of 11,121 books.

Discover

Discover is a user interface that lets you search and explore your data. It enables you to write queries, add filters, and inspect the resulting documents.

  1. Ensure that the time filter in the top right is set to the last 150 years.
  2. In the search bar at the top of the screen, type tolstoy and hit enter.
  3. Below the search bar, Discover displays a list of all 28 matching documents.
  4. You may notice that some results include the word tolstoy in the title field, while others match on the authors field. You can make your query more specific by searching within a specific field. Prepend your query with the field name, separated by a colon. For example: title:tolstoy or authors:tolstoy.
  5. Select one of the results and click the double-headed arrow. This opens a pane with the entire document.

Dashboards

Dashboards enable you to visualize your data. A dashboard consists of one or more panels. The most common type of panel is a data visualization, but a panel can also contain static text, an image, or an interactive control. By combining multiple panels onto one dashboard, you can get an overview of a dataset.

  1. Select Dashboard from the main menu.
  2. Select Create a dashboard.
  3. Ensure that the time filter in the top right is set to the last 150 years.
  4. Select Create visualization.
  5. From the list of available fields, drag language_code onto the central workspace.
  6. The workspace now displays a breakdown of the different languages, visualized as a vertical bar chart. You can change the visualization type in the top right. For example, try selecting Pie to create a pie chart instead.
  7. Once you’re satisfied with the visualization, select Save and return to add the visualization to the dashboard.
  8. You can add another visualization to the dashboard by selecting Create visualization.
  9. From the list of available fields, drag publication_date onto the central workspace.
  10. Select Save and return to add this visualization to the dashboard.
  11. You can adjust the size of each visualization and move it around on the dashboard.
  12. Once you’re satisfied with the dashboard, select Save.
  13. Give the dashboard a name, for example Books, and select Save.
  14. Select Dashboard from the main menu to return to the dashboard overview. You should see your saved dashboard and can open it by selecting it from the list.