- Kibana Guide: other versions:
- What is Kibana?
- What’s new in 8.17
- Kibana concepts
- Quick start
- Set up
- Install Kibana
- Configure Kibana
- AI Assistant settings
- Alerting and action settings
- APM settings
- Banners settings
- Cases settings
- Enterprise Search settings
- Fleet settings
- i18n settings
- Logging settings
- Logs settings
- Metrics settings
- Monitoring settings
- Reporting settings
- Search sessions settings
- Secure settings
- Security settings
- Spaces settings
- Task Manager settings
- Telemetry settings
- URL drilldown settings
- Start and stop Kibana
- Access Kibana
- Securing access to Kibana
- Add data
- Upgrade Kibana
- Configure security
- Configure reporting
- Configure logging
- Configure monitoring
- Command line tools
- Production considerations
- Discover
- Dashboards
- Canvas
- Maps
- Build a map to compare metrics by country or region
- Track, visualize, and alert on assets in real time
- Map custom regions with reverse geocoding
- Heat map layer
- Tile layer
- Vector layer
- Plot big data
- Search geographic data
- Configure map settings
- Connect to Elastic Maps Service
- Import geospatial data
- Troubleshoot
- Reporting and sharing
- Machine learning
- Graph
- Alerting
- Observability
- Search
- Security
- Dev Tools
- Fleet
- Osquery
- Stack Monitoring
- Stack Management
- Cases
- Connectors
- Amazon Bedrock
- Cases
- CrowdStrike
- D3 Security
- Google Gemini
- IBM Resilient
- Index
- Jira
- Microsoft Teams
- Observability AI Assistant
- OpenAI
- Opsgenie
- PagerDuty
- SentinelOne
- Server log
- ServiceNow ITSM
- ServiceNow SecOps
- ServiceNow ITOM
- Swimlane
- Slack
- TheHive
- Tines
- Torq
- Webhook
- Webhook - Case Management
- xMatters
- Preconfigured connectors
- License Management
- Maintenance windows
- Manage data views
- Numeral Formatting
- Rollup Jobs
- Manage saved objects
- Security
- Spaces
- Advanced Settings
- Tags
- Upgrade Assistant
- Watcher
- REST API
- Get features API
- Kibana spaces APIs
- Kibana role management APIs
- User session management APIs
- Saved objects APIs
- Data views API
- Index patterns APIs
- Alerting APIs
- Action and connector APIs
- Cases APIs
- Import and export dashboard APIs
- Logstash configuration management APIs
- Machine learning APIs
- Osquery manager API
- Short URLs APIs
- Get Task Manager health
- Upgrade assistant APIs
- Synthetics APIs
- Uptime APIs
- Kibana plugins
- Troubleshooting
- Accessibility
- Release notes
- Upgrade notes
- Kibana 8.17.1
- Kibana 8.17.0
- Kibana 8.16.3
- Kibana 8.16.2
- Kibana 8.16.1
- Kibana 8.16.0
- Kibana 8.15.5
- Kibana 8.15.4
- Kibana 8.15.3
- Kibana 8.15.2
- Kibana 8.15.1
- Kibana 8.15.0
- Kibana 8.14.3
- Kibana 8.14.2
- Kibana 8.14.1
- Kibana 8.14.0
- Kibana 8.13.4
- Kibana 8.13.3
- Kibana 8.13.2
- Kibana 8.13.1
- Kibana 8.13.0
- Kibana 8.12.2
- Kibana 8.12.1
- Kibana 8.12.0
- Kibana 8.11.4
- Kibana 8.11.3
- Kibana 8.11.2
- Kibana 8.11.1
- Kibana 8.11.0
- Kibana 8.10.4
- Kibana 8.10.3
- Kibana 8.10.2
- Kibana 8.10.1
- Kibana 8.10.0
- Kibana 8.9.2
- Kibana 8.9.1
- Kibana 8.9.0
- Kibana 8.8.2
- Kibana 8.8.1
- Kibana 8.8.0
- Kibana 8.7.1
- Kibana 8.7.0
- Kibana 8.6.1
- Kibana 8.6.0
- Kibana 8.5.2
- Kibana 8.5.1
- Kibana 8.5.0
- Kibana 8.4.3
- Kibana 8.4.2
- Kibana 8.4.1
- Kibana 8.4.0
- Kibana 8.3.3
- Kibana 8.3.2
- Kibana 8.3.1
- Kibana 8.3.0
- Kibana 8.2.3
- Kibana 8.2.2
- Kibana 8.2.1
- Kibana 8.2.0
- Kibana 8.1.3
- Kibana 8.1.2
- Kibana 8.1.1
- Kibana 8.1.0
- Kibana 8.0.0
- Kibana 8.0.0-rc2
- Kibana 8.0.0-rc1
- Kibana 8.0.0-beta1
- Kibana 8.0.0-alpha2
- Kibana 8.0.0-alpha1
- Developer guide
Elasticsearch Monitoring Metrics
editElasticsearch Monitoring Metrics
editYou can drill down into the status of your Elasticsearch cluster in Kibana by clicking the Overview, Nodes, Indices and Logs links on the Stack Monitoring page.
For more information, refer to Monitor a cluster.
Cluster Overview
editTo view the key metrics that indicate the overall health of an Elasticsearch cluster, click Overview in the Elasticsearch section. Anything that needs your attention is highlighted in yellow or red.
Conditions that require your attention are listed at the top of the Clusters page. You can also set up watches to alert you when the status of your cluster changes. To learn how, see Watching the status of an Elasticsearch cluster.
The panel at the top shows the current cluster statistics, the charts show the search and indexing performance over time, and the table at the bottom shows information about any shards that are being recovered. If you use Filebeat to collect log data from this cluster, you can also see its recent logs.
Not sure what a chart is showing? Click the info button for a description of the metrics.
From there, you can dive into detailed metrics for particular nodes and indices.
Nodes
editTo view node metrics, click Nodes. The Nodes section shows the status of each node in your cluster.
Node Overview
editClick the name of a node to view its node statistics over time. These represent high-level statistics collected from Elasticsearch that provide a good overview of health. If you use Filebeat to collect log data from this node, you can also see its recent logs.
Node Advanced
editTo view advanced node metrics, click the Advanced tab for a node. The Advanced tab shows additional metrics, such as memory and garbage collection statistics reported by the selected Elasticsearch node.
You can use the advanced node view to diagnose issues that generally involve more advanced knowledge of Elasticsearch, such as poor garbage collection performance.
Indices
editTo view index metrics, click Indices. The Indices section shows the same overall index and search metrics as the Overview and a table of your indices.
Index Overview
editFrom the Indices listing, you can view data for a particular index. To drill down into the data for a particular index, click its name in the Indices table.
Index Advanced
editTo view advanced index metrics, click the Advanced tab for an index. The Advanced tab shows additional metrics, such as memory statistics reported about the Elasticsearch index. If the index has more than one shard, then its shards might live on more than one node.
The Advanced index view can be used to diagnose issues that generally involve more advanced knowledge of Elasticsearch, such as wasteful index memory usage.
Jobs
editTo view machine learning job metrics, click Jobs. For each job in your cluster, it shows information such as its status, the number of records processed, the size of the model, the number of forecasts, and the node that runs the job.
CCR
editTo view cross-cluster replication metrics, click CCR. For each follower index on the cluster, it shows the following information:
- Index: The name of the follower index.
- Follows: The name of the leader index.
- Alerts: Any read exceptions that have been triggered for the index or its shards.
-
Sync Lag (ops): How many operations the follower index is lagging behind the leader index.
This is calculated by finding the difference between the minimum and maximum operation sequence number on the leader (
leader_max_seq_no
) and the difference between the minimum and maximum global sequence number checkpoint on the follower (follower_global_checkpoint
) for each shard over the selected time period. The difference infollower_global_checkpoint
is subtracted from the difference inleader_max_seq_no
for each shard, and the highest result across all shards is displayed. - Last fetch time: The time elapsed since the last successful fetch from the leader index. Represents the longest time elapsed across all of the shards in the follower index.
-
Ops synced: The number of operations indexed (replicated) into the follower index from the leader index in the selected time period.
This metric is a sum of the number of operations indexed across all shards over the selected time period.
- Error: Any exceptions returned for the most recent document in the selected time period.
If you select a follower index, you can view the same information for each shard. For more information on the properties used to calculate these metrics, refer to the get follower stats API documentation.
If you select a shard, you can see graphs for the fetch and operation delays. You can also see advanced information, which contains additional stats from the get follower stats API.
Learn more about Cross-cluster replication.
Logs
editIf you use Filebeat to collect log data from your cluster, you can see its recent logs in the Stack Monitoring application. The Clusters page lists the number of informational, debug, and warning messages in the server and deprecation logs.
If you click Logs, you can see the most recent logs for the cluster.
By default, up to 10 log entries are shown. You can show up to 50 log
entries by changing the
monitoring.ui.elasticsearch.logFetchCount
setting.
On this page
ElasticON events are back!
Learn about the Elastic Search AI Platform from the experts at our live events.
Register now