WARNING: Version 6.0 of Kibana has passed its EOL date.
This documentation is no longer being maintained and may be removed. If you are running this version, we strongly advise you to upgrade. For the latest information, see the current release documentation.
Configuring Monitoring in Kibana
editConfiguring Monitoring in Kibana
editTo monitor Kibana:
- Install X-Pack.
-
Identify where to send monitoring data. Kibana automatically sends metrics to the Elasticsearch cluster specified in the
elasticsearch.urlsetting in thekibana.ymlfile. This property has a default value ofhttp://localhost:9200. This cluster is often referred to as the production cluster.If X-Pack security is enabled on the production cluster, use an HTTPS URL such as
https://<your_production_cluster>:9200in this setting. -
Identify where to retrieve monitoring data from. If you want to use a separate monitoring cluster, set
xpack.monitoring.elasticsearch.urlin thekibana.ymlfile. Otherwise, the monitoring data is stored in the production cluster.If X-Pack security is enabled on the monitoring cluster, use an HTTPS URL such as
https://<your_monitoring_cluster>:9200in this setting.To learn more about typical monitoring architectures with separate production and monitoring clusters, see How Monitoring Works.
-
If X-Pack security is enabled on the production cluster:
-
Verify that there is a
valid user ID and password in the
elasticsearch.usernameandelasticsearch.passwordsettings in thekibana.ymlfile. These values are used when Kibana sends monitoring data to the production cluster. -
Configure Kibana to encrypt communications between the Kibana server and the production cluster. This set up involves generating a server certificate and setting
server.ssl.*andelasticsearch.ssl.certitifcateAuthoritiessettings in thekibana.ymlfile on the Kibana server. For example:server.ssl.key: /path/to/your/server.key server.ssl.certificate: /path/to/your/server.crt
If you are using your own certificate authority to sign certificates, specify the location of the PEM file in the
kibana.ymlfile:elasticsearch.ssl.certificateAuthorities: /path/to/your/cacert.pem
For more information, see Configuring Security.
-
Verify that there is a
valid user ID and password in the
-
If X-Pack security is enabled on the monitoring cluster:
-
Identify a user ID and password that Kibana can use to retrieve monitoring
data. Specify these values in the
xpack.monitoring.elasticsearch.usernameandxpack.monitoring.elasticsearch.passwordsettings in thekibana.ymlfile. If these settings are omitted, Kibana uses theelasticsearch.usernameandelasticsearch.passwordsetting values. -
Configure Kibana to encrypt communications between the Kibana server and the monitoring cluster. Specify the
xpack.monitoring.elasticsearch.ssl.*settings in thekibana.ymlfile on the Kibana server.For example, if you are using your own certificate authority to sign certificates, specify the location of the PEM file in the
kibana.ymlfile:xpack.monitoring.elasticsearch.ssl.certificateAuthorities: /path/to/your/cacert.pem
-
Identify a user ID and password that Kibana can use to retrieve monitoring
data. Specify these values in the
- Restart Kibana.
-
If X-Pack security is enabled on your Kibana server:
-
Log in to Kibana as a user who has both the
kibana_userandmonitoring_userroles. These roles have the necessary privileges to view the monitoring dashboards. For example:POST /_xpack/security/user/stack-monitor { "password" : "changeme", "roles" : [ "kibana_user", "monitoring_user" ] } - If you are accessing a remote monitoring cluster, you must log in to Kibana with username and password credentials that are valid on both the Kibana server and the monitoring cluster.
-
See also Viewing Monitoring Data.