Cool Solution - Kibana

Note: Cool Solutions are articles documenting additional functionality based on Univention products. Not all of the shown steps in the article are covered by Univention Support. For questions about your support coverage contact your contact person at Univention before you want to implement one of the shown steps.

Kibana is a data virtualization tool which allows you to view the content of your ElasticSearch database. It is especially useful for viewing aggregated log files and metrics of your domain.


Install Elasticsearch

Kibana uses Elasticsearch as a Backend. Please install ElasticSearch according to our Article. We assume that you have the repository set from that article.

Install Kibana

Kibana utilizes the same repositories as ElasticSearch. Thus it can be installed directly. Furthermore enable Kibana as an autostarting service

univention-install kibana
systemctl enable kibana.service
systemctl start kibana.service

Open the Firewall Ports

To Access Kibana, you need to open the port in the firewall. Set the respective UCR variables to open them

ucr set security/packetfilter/tcp/5601/all=ACCEPT \
service univention-firewall restart

Configure Kibana

Most default values for Kibana are sufficient. However, to access it from remote, the server name has to be set. Open the config file /etc/kibana/kibana.yml and find the line starting with

Uncomment the line and insert the correct fully qualified server name.


Restart Elasticsearch and Kibana

systemctl restart elasticsearch.service
systemctl restart kibana.service

First Use

You can access Kibana using the name of your server and port 5601:

http://<ip of your server>:5601

Afterward please set the Discovery patterns according to the beats used within the web interface and configure the matching visualization.

This topic was automatically closed after 24 hours. New replies are no longer allowed.