Configuring Monitoring in Kibana

edit

Configuring Monitoring in Kibana

edit

To monitor Kibana:

  1. Install X-Pack.
  2. Identify where to send monitoring data. Kibana automatically sends metrics to the Elasticsearch cluster specified in the elasticsearch.url setting in the kibana.yml file. This property has a default value of http://localhost:9200. This cluster is often referred to as the production cluster.

    If X-Pack security is enabled on the production cluster, use an HTTPS URL such as https://<your_production_cluster>:9200 in this setting.

  3. Identify where to retrieve monitoring data from. If you want to use a separate monitoring cluster, set xpack.monitoring.elasticsearch.url in the kibana.yml file. Otherwise, the monitoring data is stored in the production cluster.

    If X-Pack security is enabled on the monitoring cluster, use an HTTPS URL such as https://<your_monitoring_cluster>:9200 in this setting.

    To learn more about typical monitoring architectures with separate production and monitoring clusters, see How Monitoring Works.

  4. If X-Pack security is enabled on the production cluster:

    1. Verify that there is a valid user ID and password in the elasticsearch.username and elasticsearch.password settings in the kibana.yml file. These values are used when Kibana sends monitoring data to the production cluster.
    2. Configure Kibana to encrypt communications between the Kibana server and the production cluster. This set up involves generating a server certificate and setting server.ssl.* and elasticsearch.ssl.certitifcateAuthorities settings in the kibana.yml file on the Kibana server. For example:

      server.ssl.key: /path/to/your/server.key
      server.ssl.certificate: /path/to/your/server.crt

      If you are using your own certificate authority to sign certificates, specify the location of the PEM file in the kibana.yml file:

      elasticsearch.ssl.certificateAuthorities: /path/to/your/cacert.pem

      For more information, see Configuring Security.

  5. If X-Pack security is enabled on the monitoring cluster:

    1. Identify a user ID and password that Kibana can use to retrieve monitoring data. Specify these values in the xpack.monitoring.elasticsearch.username and xpack.monitoring.elasticsearch.password settings in the kibana.yml file. If these settings are omitted, Kibana uses the elasticsearch.username and elasticsearch.password setting values.
    2. Configure Kibana to encrypt communications between the Kibana server and the monitoring cluster. Specify the xpack.monitoring.elasticsearch.ssl.* settings in the kibana.yml file on the Kibana server.

      For example, if you are using your own certificate authority to sign certificates, specify the location of the PEM file in the kibana.yml file:

      xpack.monitoring.elasticsearch.ssl.certificateAuthorities: /path/to/your/cacert.pem
  6. Restart Kibana.
  7. If X-Pack security is enabled on your Kibana server:

    1. Log in to Kibana as a user who has both the kibana_user and monitoring_user roles. These roles have the necessary privileges to view the monitoring dashboards. For example:

      POST /_xpack/security/user/stack-monitor
      {
        "password" : "changeme",
        "roles" : [ "kibana_user", "monitoring_user" ]
      }
    2. If you are accessing a remote monitoring cluster, you must log in to Kibana with username and password credentials that are valid on both the Kibana server and the monitoring cluster.

See also Viewing Monitoring Data.