Kibana is a data visualization and exploration tool that is specialized for large volumes of streaming and real-time data. The software makes huge and complex data streams more easily and quickly understandable through graphic representation. In short, this is the Web GUI for Elasticsearch.
Prerequisite
- Ubuntu 18.04 or later
- Valid SSL Certificate & Keys
- Elasticsearch already running and enabled with Xpack & SSL. If you haven’t, try to read this tutorial: Setup Elasticsearch with Xpack & SSL on Ubuntu 18.04
Sudo Privileges
Before start we make sure that we will have no permission issue on the installation and configuration.
sudo su
Install Kibana
Install dependencies
apt install apt-transport-https
Import elasticsearch gpg key
wget -qO - https://artifacts.elastic.co/GPG-KEY-elasticsearch | apt-key add -
Update ubuntu repo
echo "deb https://artifacts.elastic.co/packages/7.x/apt stable main" | sudo tee /etc/apt/sources.list.d/elastic-7.x.list
apt update
Install the latest version of kibana
apt install kibana
Or, If you want a specific version of kibana to match your elasticsearch version, check the kibana version available first
apt list kibana -a
And then you can install wich version do you want, for example if you want version 7.14.0, execute this command
apt install kibana=7.14.0
Basic Kibana Configuration
Open kibana configuration file
nano /etcd/kibana/kibana.yml
You can set most of the value to default, you just need to edit some parameter.
Edit the binding address so kibana can be accessed from anywhere, not only from localhost
server.host: "0.0.0.0"
Edit elasticsearc host to match your elasticsearch domain. For example my elasticsearch domain is https://elastic.example.id:9200.
elasticsearch.hosts: ["https://elastic.example.id:9200"]
Edit your elasticsearch username and password. You must already have a username and password when activating the Xpack on the elasticsearch, use that for this configuration. For example I have user kibana_system and password kibana@123:
elasticsearch.username: "kibana_system"
elasticsearch.password: "kibana@123"
Save & Exit. Start kibana service
service kibana start
Right Now, we should see the kibana landing page on port 5601. To check it, you can try using this command:
netstat -ntplu | grep 5601
It will display something like this
tcp 0 0.0.0.0:5601 0.0.0.0:* LISTEN 1174/node
You can also access kibana from your browser by accessing to
http://<your kibana ip>:5601
Enabling Xpack
By default, if your elasticsearch is already enabled using xpack, then the xpack in kibana is also enabled. The prove is that your kibana have a login page when you test it earlier. If your kibana doesn’t have a login page, then your elasticsearch is still not configured with xpack correctly.
Altough the xpack is already enabled, there are some additional xpack setting that we need to set in order to activate some feature in kibana. To configure them, open the kibana configuration file
nano /etcd/kibana/kibana.yml
Add this 3 line of code in the bottom of the file:
xpack.encryptedSavedObjects.encryptionKey: <32 character string>
xpack.reporting.encryptionKey: <32 character string>
xpack.security.encryptionKey: <32 character string>
Now you must provide this <32 character string>. You can do this just by running this command on the cli:
openssl rand -hex 16
This will give us a random 32 character string. Like this
1a703de8a09fcfe667f8d5c2f0885de3
Run this command 3 times to get 3 random string, and then configure the xpack like this:
xpack.encryptedSavedObjects.encryptionKey: 1a703de8a09fcfe667f8d5c2f0885de3
xpack.reporting.encryptionKey: f27ad99f3d9a4611b56b6d4959d9763b
xpack.security.encryptionKey: 0d73aeb3b49d6531d81eb2adeef6807e
Save & Exit, and then restart kibana service
service kibana restart
Enabling SSL
To enable the SSL, first we need to place our SSL certificate & key. Create directory in kibana home:
mkdir /usr/share/kibana/cert
Place your certificate inside this directory, and don’t forget to give read persission to the file
chmod +r /usr/share/kibana/cert/*
Open kibana configuration file
nano /etc/kibana/kibana.yml
Add this 3 lines of code in the bottom of the file
server.ssl.enabled: true
server.ssl.certificate: /usr/share/kibana/cert/<certificate-name>.crt
server.ssl.key: /usr/share/kibana/cert/<certificate-key-name>.key
You must match <certificate-name> and <certificate-key-name> with the file name.
restart kibana service
service kibana restart
Wait around 1-5 minutes, and then test weather the kibana is configured correctly by opening your kibana from the browser using your domain that match your SSL certificate and key. For example my kibana domain is dashboard.example.com. Access this url from the browser:
https://dashboard.example.com:5601
Congrats! Right now you already setup your Kibana with Xpack & SSL enabled on Ubuntu 18.04.