ElasticSearch 5學習(2)——Kibana+X-Pack介紹使用（全）

Kibana是一個爲 ElasticSearch 提供的數據分析的 Web 接口。可以使用它對日誌進行高效的搜索、可視化、分析等各類操做。Kibana目前最新的版本5.0.2，回顧一下Kibana 3和Kibana 4的界面。

下面的圖展現的是Kibana 3的界面，全部的儀表盤直接放置主頁。

下面的圖展現的是Kibana 4的界面，和Kibana 3最大的區別是將原來的主體分紅三個部分，分別是發現頁、可視化、儀表盤。

下面是目前Kibana 5最新版本的界面。相比較Kibana 4除了界面的風格變化，最主要是功能欄上添加了Timeline、Management和Dev Tools選項。

Discover

You can interactively explore your data from the Discover page. You have access to every document in every index that matches the selected index pattern. You can submit search queries, filter the search results, and view document data. You can also see the number of documents that match the search query and get field value statistics. If a time field is configured for the selected index pattern, the distribution of documents over time is displayed in a histogram at the top of the page.

從發現頁能夠交互地探索ES的數據。能夠訪問與所選索引模式相匹配的每個索引中的每個文檔。您能夠提交搜索查詢、篩選搜索結果和查看文檔數據。還能夠看到匹配搜索查詢和獲取字段值統計的文檔的數量。若是一個時間字段被配置爲所選擇的索引模式，則文檔的分佈隨着時間的推移顯示在頁面頂部的直方圖中。

Visualize

Visualize enables you to create visualizations of the data in your Elasticsearch indices. You can then build dashboards that display related visualizations.Kibana visualizations are based on Elasticsearch queries. By using a series of Elasticsearch aggregations to extract and process your data, you can create charts that show you the trends, spikes, and dips you need to know about.You can create visualizations from a search saved from Discover or start with a new search query.

可視化能使你創造你的Elasticsearch指標數據的可視化。而後你能夠創建儀表板顯示相關的可視化。Kibana的可視化是基於Elasticsearch查詢。經過一系列的Elasticsearch聚合提取和處理您的數據，您能夠建立圖表顯示你須要知道的關於趨勢，峯值和驟降。您能夠從搜索保存的搜索中建立可視化或從一個新的搜索查詢開始。

Dashboard

A Kibana dashboard displays a collection of saved visualizations. You can arrange and resize the visualizations as needed and save dashboards so they be reloaded and shared.

一個儀表板顯示Kibana保存的一系列可視化。你能夠根據須要安排和調整可視化，並保存儀表盤，能夠被加載和共享。

Monitoring

從圖中能夠發現，默認Kibana是沒有該選項的。其實，Monitoring是由X-Pack集成提供的。

The X-Pack monitoring components enable you to easily monitor Elasticsearch through Kibana. You can view cluster health and performance in real time as well as analyze past cluster, index, and node metrics. In addition, you can monitor the performance of Kibana itself.When you install X-Pack on your cluster, a monitoring agent runs on each node to collect and index metrics from Elasticsearch. With X-Pack installed in Kibana, you can then view the monitoring data through a set of specialized dashboards.

該X-pack監控組件使您能夠經過Kibana輕鬆地監控ElasticSearch。您能夠實時查看集羣的健康和性能，以及分析過去的集羣、索引和節點度量。此外，您能夠監視Kibana自己性能。當你安裝X-pack在羣集上，監控代理運行在每一個節點上收集和指數指標從Elasticsearch。安裝在X-pack在Kibana上，您能夠查看經過一套專門的儀表板監控數據。

咱們能夠回顧安裝過程：ElasticSearch 5學習——安裝Elasticsearch、Kibana和X-Pack，能夠發現，在安裝X-pack的時候分別在ElasticSearch根目錄和Kibana根目錄下操做。

Graph

The X-Pack graph capabilities enable you to discover how items in an Elasticsearch index are related. You can explore the connections between indexed terms and see which connections are the most meaningful. This can be useful in a variety of applications, from fraud detection to recommendation engines.For example, graph exploration could help you uncover website vulnerabilities that hackers are targeting so you can harden your website. Or, you might provide graph-based personalized recommendations to your e-commerce customers.X-Pack provides a simple, yet powerful graph exploration API, and an interactive graph visualization tool for Kibana. Both work with out of the box with existing Elasticsearch indices—you don’t need to store any additional data to use the X-Pack graph features.

X-Pack圖的能力使你發現一個Elasticsearch索引項是如何相關聯的。你能夠探索索引條款之間的鏈接，看看哪些鏈接是最有意義的。從欺詐檢測到推薦引擎，對各類應用中這都是有用的，例如，圖的探索能夠幫助你發現網站上黑客的目標的漏洞，因此你能夠硬化你的網站。或者，您能夠爲您的電子商務客戶提供基於圖表的個性化推薦。X-pack提供簡單，但功能強大的圖形開發API，和Kibana交互式圖形可視化工具。使用X-pack圖有工做與開銷與現有Elasticsearch指標你不須要任何額外的數據存儲的特徵。

Timelion

Timelion is a time series data visualizer that enables you to combine totally independent data sources within a single visualization. It’s driven by a simple expression language you use to retrieve time series data, perform calculations to tease out the answers to complex questions, and visualize the results.

Timelion是一個時間序列數據的可視化，能夠結合在一個單一的可視化徹底獨立的數據源。它是由一個簡單的表達式語言驅動的，你用來檢索時間序列數據，進行計算，找出複雜的問題的答案，並可視化的結果。

這個功能由一系列的功能函數組成，一樣的查詢的結果，也能夠經過Dashboard顯示查看。

Management

The Management application is where you perform your runtime configuration of Kibana, including both the initial setup and ongoing configuration of index patterns, advanced settings that tweak the behaviors of Kibana itself, and the various "objects" that you can save throughout Kibana such as searches, visualizations, and dashboards.This section is pluginable, so in addition to the out of the box capabitilies, packs such as X-Pack can add additional management capabilities to Kibana.

管理中的應用是在你執行你的運行時配置kibana，包括初始設置和指標進行配置模式，高級設置，調整本身的行爲和Kibana，各類「對象」，你能夠查看保存在整個Kibana的內容如發現頁，可視化和儀表板。
這部分是pluginable，除此以外，X-pack能夠給Kibana增長額外的管理能力。

You can use X-Pack Security to control what Elasticsearch data users can access through Kibana.When you install X-Pack, Kibana users have to log in. They need to have the kibana_user role as well as access to the indices they will be working with in Kibana.If a user loads a Kibana dashboard that accesses data in an index that they are not authorized to view, they get an error that indicates the index does not exist. X-Pack Security does not currently provide a way to control which users can load which dashboards.

你可使用X-pack安全控制哪些用戶能夠訪問Elasticsearch數據經過Kibana。當你安裝X-pack，Kibana用戶登陸。他們須要有kibana_user做用以及得到的指標，他們將在Kibana的工做。若是用戶加載Kibana儀表板，訪問數據的一個索引，他們未被受權查看，他們獲得一個錯誤，代表指數不存在。X-pack安全目前並不提供一種方法來控制哪些用戶能夠負荷的儀表板。

Dev Tools

原先的交互式控制檯Sense，使用戶方便的經過瀏覽器直接與Elasticsearch進行交互。從Kibana 5開始更名並直接內建在Kibana，就是Dev Tools選項。

注意若是是Kibana 5以上，不能經過如下命令安裝Sense。(踩過的坑)

./bin/kibana plugin --install elastic/sense

或者

./bin/kibana-plugin install elastic/sense instead

總結

內容比較簡單，主要是對Kibana工具的總體功能總結，方便接下來對ElasticSearch 5的學習，其中X-Pack主要是添加身份權限的驗證，以及原先須要安裝其餘各類Marvel、Hand等各類功能插件添加到Kibana上使用才能使用的功能。

學習連接：

X-Pack：https://www.elastic.co/guide/en/x-pack/current/xpack-introduction.html

Kibana：https://www.elastic.co/guide/en/kibana/current/introduction.html

轉載請註明出處。
做者：wuxiwei
出處：http://www.cnblogs.com/wxw16/p/6156335.html