Reporting settings in Kibana
editReporting settings in Kibana
editYou can configure xpack.reporting
settings in your kibana.yml
to:
General reporting settings
edit-
xpack.reporting.enabled
-
Set to
false
to disable the reporting features. -
xpack.reporting.encryptionKey
- Set to any text string. By default, Kibana will generate a random key when it starts, which will cause pending reports to fail after restart. Configure this setting to preserve the same key across multiple restarts and multiple instances of Kibana.
Kibana server settings
editReporting opens the Kibana web interface in a server process to generate
screenshots of Kibana visualizations. In most cases, the default settings
will work and you don’t need to configure Reporting to communicate with Kibana.
However, if your client connections must go through a reverse-proxy
to access Kibana, Reporting configuration must have the proxy port, protocol,
and hostname set in the xpack.reporting.kibanaServer.*
settings.
If a reverse-proxy carries encrypted traffic from end-user clients back to a Kibana server, the proxy port, protocol, and hostname in Reporting settings must be valid for the encryption that the Reporting browser will receive. Encrypted communications will fail if there are mismatches in the host information between the request and the certificate on the server.
Configuring the xpack.reporting.kibanaServer
settings to point to a
proxy host requires that the Kibana server has network access to the proxy.
-
xpack.reporting.kibanaServer.port
-
The port for accessing Kibana, if different from the
server.port
value. -
xpack.reporting.kibanaServer.protocol
-
The protocol for accessing Kibana, typically
http
orhttps
. -
xpack.reporting.kibanaServer.hostname
-
The hostname for accessing Kibana, if different from the
server.host
value.
Background job settings
editReporting generates reports in the background and jobs are coordinated using documents in Elasticsearch. Depending on how often you generate reports and the overall number of reports, you might need to change the following settings.
-
xpack.reporting.queue.indexInterval
-
How often the index that stores reporting jobs rolls over to a new index.
Valid values are
year
,month
,week
,day
, andhour
. Defaults toweek
. -
xpack.reporting.queue.pollEnabled
-
Set to
true
(default) to enable the Kibana instance to to poll the index for pending jobs and claim them for execution. Setting this tofalse
allows the Kibana instance to only add new jobs to the reporting queue, list jobs, and provide the downloads to completed report through the UI.
Running multiple instances of Kibana in a cluster for load balancing of
reporting requires identical values for xpack.reporting.encryptionKey
and, if
security is enabled, xpack.security.encryptionKey
.
-
xpack.reporting.queue.pollInterval
-
Specifies the number of milliseconds that the reporting poller waits between polling the
index for any pending Reporting jobs. Defaults to
3000
(3 seconds). -
xpack.reporting.queue.timeout
-
How long each worker has to produce a report. If your machine is slow or under
heavy load, you might need to increase this timeout. Specified in milliseconds.
Defaults to
120000
(two minutes).
Capture settings
editReporting works by capturing screenshots from Kibana. The following settings control the capturing process.
-
xpack.reporting.capture.loadDelay
-
When visualizations are not evented, this is the amount of time before
taking a screenshot. All visualizations that ship with Kibana are evented, so this
setting should not have much effect. If you are seeing empty images instead of
visualizations, try increasing this value.
Defaults to
3000
(3 seconds). -
xpack.reporting.capture.browser.type
-
Specifies the browser to use to capture screenshots. This setting exists for
backward compatibility. The only valid option is
chromium
.
Chromium settings
editWhen xpack.reporting.capture.browser.type
is set to chromium
(default) you can also specify the following settings.
-
xpack.reporting.capture.browser.chromium.disableSandbox
- Elastic recommends that you research the feasibility of enabling unprivileged user namespaces. See Chromium Sandbox for additional information. Defaults to false for all operating systems except Debian, Red Hat Linux, and CentOS which use true
-
xpack.reporting.capture.browser.chromium.proxy.enabled
-
Enables the proxy for Chromium to use. When set to
true
, you must also specify thexpack.reporting.capture.browser.chromium.proxy.server
setting. Defaults tofalse
-
xpack.reporting.capture.browser.chromium.proxy.server
- The uri for the proxy server. Providing the username and password for the proxy server via the uri is not supported.
-
xpack.reporting.capture.browser.chromium.proxy.bypass
- An array of hosts that should not go through the proxy server and should use a direct connection instead. Examples of valid entries are "elastic.co", "*.elastic.co", ".elastic.co", ".elastic.co:5601"
CSV settings
editThe maximum size of a CSV file before being truncated. This setting exists to prevent
large exports from causing performance and storage issues.
Defaults to |
|
|
Number of documents retrieved from Elasticsearch for each scroll iteration during a CSV
export.
Defaults to |
|
Amount of time allowed before Kibana cleans the scroll context during a CSV export.
Defaults to |
|
Enables a check that warns you when there’s a potential formula involved in the output (=, -, +, and @ chars).
See OWASP: https://www.owasp.org/index.php/CSV_Injection
Defaults to |
|
Enables CSV export from a saved search on a dashboard. This action is available in the dashboard
panel menu for the saved search.
Defaults to |
Advanced settings
edit-
xpack.reporting.index
-
Reporting uses a weekly index in Elasticsearch to store the reporting job and
the report content. The index is automatically created if it does not already
exist. Configure this to a unique value, beginning with
.reporting-
, for every Kibana instance that has a uniquekibana.index
setting. Defaults to.reporting
-
xpack.reporting.roles.allow
-
Specifies the roles in addition to superusers that can use reporting. Defaults to
[ "reporting_user" ]
Each user has access to only their own reports.