Kibana是一個為 ElasticSearch 提供的數據分析的 Web 接口。可使用它對日志進行高效的搜索、可視化、分析等各種操作。Kibana目前最新的版本5.0.2,回顧一下Kibana 3和Kibana 4的界面。
下面的圖展示的是Kibana 3的界面,所有的儀表盤直接放置主頁。
下面的圖展示的是Kibana 4的界面,和Kibana 3最大的區別是將原來的主體分成三個部分,分別是發現頁、可視化、儀表盤。
下面是目前Kibana 5最新版本的界面。相比較Kibana 4除了界面的風格變化,最主要是功能欄上添加了Timeline、Management和Dev Tools選項。
Discover
You can interactively explore your data from the Discover page. You have access to every document in every index that matches the selected index pattern. You can submit search queries, filter the search results, and view document data. You can also see the number of documents that match the search query and get field value statistics. If a time field is configured for the selected index pattern, the distribution of documents over time is displayed in a histogram at the top of the page.
從發現頁可以交互地探索ES的數據。可以訪問與所選索引模式相匹配的每一個索引中的每一個文檔。您可以提交搜索查詢、篩選搜索結果和查看文檔數據。還可以看到匹配搜索查詢和獲取字段值統計的文檔的數量。如果一個時間字段被配置為所選擇的索引模式,則文檔的分布隨着時間的推移顯示在頁面頂部的直方圖中。
Visualize
Visualize enables you to create visualizations of the data in your Elasticsearch indices. You can then build dashboards that display related visualizations.Kibana visualizations are based on Elasticsearch queries. By using a series of Elasticsearch aggregations to extract and process your data, you can create charts that show you the trends, spikes, and dips you need to know about.You can create visualizations from a search saved from Discover or start with a new search query.
可視化能使你創造你的Elasticsearch指標數據的可視化。然后你可以建立儀表板顯示相關的可視化。Kibana的可視化是基於Elasticsearch查詢。通過一系列的Elasticsearch聚合提取和處理您的數據,您可以創建圖表顯示你需要知道的關於趨勢,峰值和驟降。您可以從搜索保存的搜索中創建可視化或從一個新的搜索查詢開始。
Dashboard
A Kibana dashboard displays a collection of saved visualizations. You can arrange and resize the visualizations as needed and save dashboards so they be reloaded and shared.
一個儀表板顯示Kibana保存的一系列可視化。你可以根據需要安排和調整可視化,並保存儀表盤,可以被加載和共享。
Monitoring
從圖中可以發現,默認Kibana是沒有該選項的。其實,Monitoring是由X-Pack集成提供的。
The X-Pack monitoring components enable you to easily monitor Elasticsearch through Kibana. You can view cluster health and performance in real time as well as analyze past cluster, index, and node metrics. In addition, you can monitor the performance of Kibana itself.When you install X-Pack on your cluster, a monitoring agent runs on each node to collect and index metrics from Elasticsearch. With X-Pack installed in Kibana, you can then view the monitoring data through a set of specialized dashboards.
該X-pack監控組件使您可以通過Kibana輕松地監控ElasticSearch。您可以實時查看集群的健康和性能,以及分析過去的集群、索引和節點度量。此外,您可以監視Kibana本身性能。當你安裝X-pack在群集上,監控代理運行在每個節點上收集和指數指標從Elasticsearch。安裝在X-pack在Kibana上,您可以查看通過一套專門的儀表板監控數據。
我們可以回顧安裝過程:ElasticSearch 5學習——安裝Elasticsearch、Kibana和X-Pack,可以發現,在安裝X-pack的時候分別在ElasticSearch根目錄和Kibana根目錄下操作。
Graph
The X-Pack graph capabilities enable you to discover how items in an Elasticsearch index are related. You can explore the connections between indexed terms and see which connections are the most meaningful. This can be useful in a variety of applications, from fraud detection to recommendation engines.For example, graph exploration could help you uncover website vulnerabilities that hackers are targeting so you can harden your website. Or, you might provide graph-based personalized recommendations to your e-commerce customers.X-Pack provides a simple, yet powerful graph exploration API, and an interactive graph visualization tool for Kibana. Both work with out of the box with existing Elasticsearch indices—you don’t need to store any additional data to use the X-Pack graph features.
X-Pack圖的能力使你發現一個Elasticsearch索引項是如何相關聯的。你可以探索索引條款之間的連接,看看哪些連接是最有意義的。從欺詐檢測到推薦引擎,對各種應用中這都是有用的,例如,圖的探索可以幫助你發現網站上黑客的目標的漏洞,所以你可以硬化你的網站。或者,您可以為您的電子商務客戶提供基於圖表的個性化推薦。X-pack提供簡單,但功能強大的圖形開發API,和Kibana交互式圖形可視化工具。使用X-pack圖有工作與開銷與現有Elasticsearch指標你不需要任何額外的數據存儲的特征。
Timelion
Timelion is a time series data visualizer that enables you to combine totally independent data sources within a single visualization. It’s driven by a simple expression language you use to retrieve time series data, perform calculations to tease out the answers to complex questions, and visualize the results.
Timelion是一個時間序列數據的可視化,可以結合在一個單一的可視化完全獨立的數據源。它是由一個簡單的表達式語言驅動的,你用來檢索時間序列數據,進行計算,找出復雜的問題的答案,並可視化的結果。
這個功能由一系列的功能函數組成,同樣的查詢的結果,也可以通過Dashboard顯示查看。
Management
The Management application is where you perform your runtime configuration of Kibana, including both the initial setup and ongoing configuration of index patterns, advanced settings that tweak the behaviors of Kibana itself, and the various "objects" that you can save throughout Kibana such as searches, visualizations, and dashboards.This section is pluginable, so in addition to the out of the box capabitilies, packs such as X-Pack can add additional management capabilities to Kibana.
管理中的應用是在你執行你的運行時配置kibana,包括初始設置和指標進行配置模式,高級設置,調整自己的行為和Kibana,各種“對象”,你可以查看保存在整個Kibana的內容如發現頁,可視化和儀表板。
這部分是pluginable,除此之外,X-pack可以給Kibana增加額外的管理能力。
You can use X-Pack Security to control what Elasticsearch data users can access through Kibana.When you install X-Pack, Kibana users have to log in. They need to have the kibana_user role as well as access to the indices they will be working with in Kibana.If a user loads a Kibana dashboard that accesses data in an index that they are not authorized to view, they get an error that indicates the index does not exist. X-Pack Security does not currently provide a way to control which users can load which dashboards.
你可以使用X-pack安全控制哪些用戶可以訪問Elasticsearch數據通過Kibana。當你安裝X-pack,Kibana用戶登錄。他們需要有kibana_user作用以及獲得的指標,他們將在Kibana的工作。如果用戶加載Kibana儀表板,訪問數據的一個索引,他們未被授權查看,他們得到一個錯誤,表明指數不存在。X-pack安全目前並不提供一種方法來控制哪些用戶可以負荷的儀表板。
Dev Tools
原先的交互式控制台Sense,使用戶方便的通過瀏覽器直接與Elasticsearch進行交互。從Kibana 5開始改名並直接內建在Kibana,就是Dev Tools選項。
注意如果是Kibana 5以上,不能通過以下命令安裝Sense。(踩過的坑)
./bin/kibana plugin --install elastic/sense
或者
./bin/kibana-plugin install elastic/sense instead
總結
內容比較簡單,主要是對Kibana工具的整體功能總結,方便接下來對ElasticSearch 5的學習,其中X-Pack主要是添加身份權限的驗證,以及原先需要安裝其他各種Marvel、Hand等各種功能插件添加到Kibana上使用才能使用的功能。
學習鏈接:
X-Pack:https://www.elastic.co/guide/en/x-pack/current/xpack-introduction.html
Kibana:https://www.elastic.co/guide/en/kibana/current/introduction.html
轉載請注明出處。
作者:wuxiwei
出處:http://www.cnblogs.com/wxw16/p/6156335.html