Kibana basic operation

One 、 Index management

1.1 see ES The index of

【 management 】–【 Index management 】

1.2 Create and use indexes

When our data is stored in ES In a cluster , The next step is Kibana Show the link , First we need to add an index （ General search can be carried out ）, This index we are Logstash It has been customized by .

1、 On the left side of the menu bar 【 management 】 Create

2、 Filter by timestamp

3、 How to view the index just created ？

You can click 【 Time 】 The subscript of the field

In the figure , Dark grey indicates the word key, The next corresponding is value

4、 How to specify the field display ？

Field order adjustment

Two 、 User management

2.1 Create user

Be careful ： The function of creating users is based on ES The cluster turns on user authentication .

1、 Basic introduction

2、 Create user

3、 Fill in user related information

The point of attention here is , Settings for user roles .

user name ： be used for Kibana Sign in

full name ： Customize （ Generally defined as the employee's real name ）

4、 Look at the user management page ： Successfully created

2.2 Delete user

Click the user management page （ Upper figure ） Corresponding user name , You'll go to the following page , Click delete user .

2.3 Change user password

1、 Click the user name corresponding to the user page

2、 Enter the user password modification page

2.4 User roles （ jurisdiction ）

Click on the character , Manage relevant roles ：

ES Provides Keep the role and Customize Roles , Different users can be bound with different permissions according to our needs . More description of role parameters , Please have a look at Official documents

View the creation results ：

2.5 The role corresponds to the binding workspace

1、 For example, I created dev role

• establish dev role

• The role is bound dev user （Java Development ）

2、 Now bind the workspace to this role

Purpose ： Make this role only have relevant permissions for this workspace , Realize the division of user rights .

3、 ... and 、ES colony / Instance status

stay Kibana On the control panel , You can see ES Cluster and Kibana Example health status , How to view ？

Click on Kibana In the lower left corner of the menu bar 【monitoring】 Monitor button to view ：

3.1 ES colony

1、 Main indicators

• ES Cluster version ;
• ES The running time of the cluster ;
• ES Percentage of cluster disk free space ;
• ES Clustered JVM Heap size ;
• ES The index data details of the cluster ;
• ES Cluster memory usage ;
• ES Status as Green Indicates the health of the cluster .

2、 Overall overview

3.2 Kibana example

1、 Main indicators

• Kibana Number of requests
• Kibana The number of connections
• Kibana Memory usage
• Kibana response time
• Kibana Status as Green Indicates instance health

2、 Overall overview

Four 、 Commonly used visual analysis

This time, we use Kibana A sample data comes with it （ Flight log ） To do a demonstration .

4.1 The pie chart

This time, the function is realized ： Show the number of flights and the proportion of flights .

1、 Create a visual interface

2、 Select the desired visualization type

3、 Choose which index to create the visual interface based on

Show it in the flight log

4、 indicators / Bucket selection

The fields in the above figure will be automatically checked out according to the contents of your index log ：

Carrier Indicates the flight company

You can adjust the color of the pie chart according to your needs , Configure in the upper right corner of the visual graph ：

5、 Generate indicator data

If you want to continue to optimize the interface properties of the pie chart , Clickable 【 Options 】 Set it up ：

Finally, click 【 preservation 】 that will do

【 Confirm to save 】– If you are doing the same kind of visualization , Try to keep the title in a certain format , It is convenient to import the dashboard later , such as ：

• flight - Number of flights
• flight - Flight fare
• flight -…

Conclusion ：

1. This pie chart shows the number and proportion of flights carried by different flight companies ;

2. If in the field of game application , It can show the proportion of a game used by different countries .

4.2 Area map

This time, the function is realized ：

1. according to Time In the same area Show the number of flights And Average ticket price .
2. Number of flights used area map （area） Exhibition , The average ticket price is displayed using a dot chart .

1、 Create a new area map and configure relevant indicators

2、 Generate indicator data

At this time, there are two Y Axis （ Count and average ） Become , It's not very beautiful , Click 【Metrics & Axes】 Further optimization ：

3、 Finally, click 【 preservation 】 that will do

Conclusion ：

• The area map can be used for relevant data statistics 、 Exhibition ;
• Its icon types are area、line、bar In the form of , For many Y The shaft can be used selectively ;
• Those displayed in dot form need to be created in advance 【 Point size index 】, It's convenient Size adjustment .

4.3 Vertical bar chart

This time, the function is realized ： according to Time In the same vertical bar chart Show the flight delay And Type of delay .

1、 Create a new vertical bar chart and configure relevant indicators

2、 Generate indicator data

X Axis mainly realizes the type of aircraft delay at a certain time point ,Y The axle is responsible for counting the number of delay types .

3、 Finally, click 【 preservation 】 that will do

Conclusion ：

• The vertical bar chart can count the data of different types of indicators at the same time ;
• Its presentation form is very intuitive .

4.4 Tag cloud

This time, the function is realized ： Display the weather conditions of the target airport

1、 Create a new tag cloud and configure relevant indicators

2、 Clickable 【 Options 】 Sort the tags

3、 Finally, click 【 preservation 】 that will do

Conclusion ：

• This is also a more practical graphic display , For example, it is applied in our hot search keywords ;
• If some keywords appear more often , The larger the words in the visual interface .

4.5 Data sheet

This time, the function is realized ： Number of flights 、 flight delay 、 Flight cancellation statistics .

1、 Create a new data table and configure relevant indicators

next , Create multiple indicators in a chart , such as , In addition to the above number of flights , I will add Flight delay indicators and Flight cancellation indicator two .

2、 Continue adding groups （ Table field ）

Data filtering can be performed on fields .

But the result is the aggregation of all data , We can continue to optimize ：

In this way, the statistics can be segmented .

3、 Finally, click 【 preservation 】 that will do

Conclusion ：

• Display through the two-dimensional relationship of the chart , More clarity ;
• At the same time, the chart has multi field customization and log data filtering （ Screening ）.

4.6 Regional map

This time, the function is realized ： Show different ticket prices in different countries through maps .

1、 Create a new regional map and configure relevant indicators

The higher the ticket price , The redder the map is （ Of course, you can also customize the color ）

2、 Finally, click 【 preservation 】 that will do

Conclusion ：

• For companies with global markets , Regional maps are a good choice ;
• In this mode , Relevant statistics can be made on log data （ Related to international regions ）, The statistical results will be presented in the form of a map .

4.7 TSVB chart

For the more complicated ES Aggregation operation , Need to use our TSVB, That is, the comprehensive chart below ：

This time, the function is realized ： Count the flight delay rate

1、 newly build Visual Builder And configure relevant indicators

2、 Then click the panel option to generate data

4.8 problem ？

about kibana Operation on the dot , You can get the corresponding data information . After creating a visual chart , How does the back end realize data collection ？

1、 Click 【 Check 】 Button

2、 see 【 Ask personally 】 part

You can see , This is actually ES Aggregate query statements on the back end , That is, when we operate little by little , It has already helped us realize it automatically .

5、 ... and 、 Dashboard management

5.1 New dashboard

1、 Click the dashboard on the right , And create a new dashboard

2、 Click on the menu bar above 【 add to 】 Button

3、 In turn, click , Will be added to the dashboard

4、 Finally, click 【 preservation 】 that will do

View on the dashboard ：

5、 Dashboard management

• Check
• edit
• customized
• Full screen
• Delete

5.2 Share dashboard

If we need to share the contents of the dashboard with our colleagues , This is what is needed Kibana Of instrument panel sharing .

Click on 【 Replication link 】

6、 ... and 、 Manage space

6.1 purpose

Management space can be used for permission management , For example, the visual interface of some group configurations is only available for this group , This can be applied to Manage space 了 , Each management space can manage its own independent set of visual interfaces , Be similar to K8s Of namespace.

6.2 New management space

1、 Here's the picture , Click on 【 Manage space 】

Or click on the left side of the menu bar 【 management 】—>【Kibana】—>【 work area 】 newly build

2、 Click to create a space

3、 Create good after , You can log in to different management spaces

7、 ... and 、 Log query

7.1 Query by index

1、Discover Select the defined index

2、 Select the corresponding index to view the specific log

7.2 Check according to the time

If you match a time node according to the index field , Then the time point can be filtered out within the time range in the figure below .

7.3 Query by index field

1、 See which fields are available in the specified index

2、 Filter the log contents according to the fields

• Single condition screening

  Match according to a file name

  

  The results are as follows

  

  The matched field will be highlighted

• Multi criteria screening

  Precise matching

  

explain ： Filtering data according to fields is a flexible means , You can quickly locate the specific location of the log .

< Click to jump to the beginning >