Kibana Configuration
- Refer Here for the official docs
- Ensure kibana’s enrollment token is generated
sudo /usr/share/elasticsearch/bin/elasticsearch-create-enrollment-token -s kibana
- Change the server.host in /etc/kibana/kibana.yml to “0.0.0.0” and execute the following commands
sudo systemctl daemon-reload
sudo systemctl enable kibana.service
sudo systemctl restart kibana.service
- Access kibana using
http://<public-ip>:5601and paste the enrollment token
- After succesful configuration we get username and password on the kibana page
- Reset the elastic user password and store the password
sudo /usr/share/elasticsearch/bin/elasticsearch-reset-password -u elastic
- Now create a user for kibana administration
curl --insecure -u "elastic:<your elastic password"" -X POST "https://localhost:9200/_security/user/<your username>?pretty" -H 'Content-Type: application/json' -d'
{
"password" : "<your password>",
"roles" : [ "kibana_admin" ]
}
'
-
Now login into kiban with the username and password
- Lets play with kibana console to work with index api Refer Here
- To create index Refer Here
- curl request
Troubleshooting tips for any application
- Figure out the log locations
- search for any error logs and back track from there.
- if the application is configured to store logs in
- syslog
- journalctl
- eventviewer (windows)
