Kibana Is a service for visualizing Elasticsearch data and navigating it through the Elastic Stack. It helps you create dashboards, customize the visualization form, generate interactive graphs, even present geodata, analyze relationships, and explore anomalies with machine learning.

Installing Kibana from the repository

We import the PGP Key to further add the Elasticsearch repository

                      
                        $ rpm --import https://artifacts.elastic.co/GPG-KEY-elasticsearch
                      
                    

Add the repository

                      
                        $ sudo nano /etc/yum.repos.d/kibana.repo
[elasticsearch]
name=Elasticsearch repository for 7.x packages
baseurl=https://artifacts.elastic.co/packages/7.x/yum
gpgcheck=1
gpgkey=https://artifacts.elastic.co/GPG-KEY-elasticsearch
enabled=1
autorefresh=1
type=rpm-md
                      
                    

Install Kibana

                      
                        $ sudo dnf -y install kibana
                      
                    

Add the Kibana service to startup and start it

                      
                        $ sudo systemctl enable --now kibana
                      
                    

Checking if the service has started

                      
                        $ systemctl status kibana
                      
                    

Installing Kibana from an RPM package

Download the Kibana package and install it

                      
                        $ wget https://artifacts.elastic.co/downloads/kibana/kibana-7.9.3-x86_64.rpm -P /tmp
$ cd /tmp
$ sudo dnf -y localinstall kibana-7.9.3-x86_64.rpm
                      
                    

Add the Kibana service to startup and start it

                      
                        $ sudo systemctl enable --now kibana
                      
                    

Checking if the service has started

                      
                        $ sudo systemctl status kibana
                      
                    

Checking the port

                      
                        $ netstat -tulnp | grep 5601
                      
                    

Setting up Kibana

Editing the Kibana config file

                      
                        $ sudo nano /etc/kibana/kibana.yml
# Kibana is served by a back end server. This setting specifies the port to use.
server.port: 5601
# Specifies the address to which the Kibana server will bind. IP addresses and host names are both valid values.
# The default is 'localhost', which usually means remote machines will not be able to connect.
# To allow connections from remote users, set this parameter to a non-loopback address.
server.host: "192.168.1.10"
[…]

# The URLs of the Elasticsearch instances to use for all your queries.
elasticsearch.hosts: ["https://localhost:9200"]
                      
                    

Restarting Kibana

                      
                        $ sudo systemctl restart kibana
                      
                    

If we use Nginx as Reverse Proxy

                      
                        
                          […]
                        
                        
server.host: "localhost"

                        
                          […]
                        
                      
                    

in this example, we say that the server should listen on the 192.168.1.10 interface

Firewall configuration (if we do not use nginx as reverse proxy)

Opening port 5601

                      
                        $ sudo firewall-cmd --add-port=5601/tcp --permanent
$ sudo firewall-cmd --reload
                      
                    

Installing NGINX

Add NGINX repository

                      
                        $ sudo nano /etc/yum.repos.d/nginx.repo
[nginx-stable]
name=nginx stable repo
baseurl=https://nginx.org/packages/
                        
                          centos
                        
                        /$releasever/$basearch/
gpgcheck=1
enabled=1
gpgkey=https://nginx.org/keys/nginx_signing.key
module_hotfixes=true

[nginx-mainline]
name=nginx mainline repo
baseurl=https://nginx.org/packages/mainline/centos/$releasever/$basearch/
gpgcheck=1
enabled=0
gpgkey=https://nginx.org/keys/nginx_signing.key
module_hotfixes=true
                      
                    

The stable version will be used by default. If you need a mainline version, switch

                      
                        $ sudo dnf config-manager --set-enabled nginx-mainline
                      
                    

Install NGINX and httpd-tools

                      
                        $ sudo dnf -y install nginx httpd-tools
                      
                    

Add the NGINX service to startup and start it

                      
                        $ sudo systemctl enable --now nginx
                      
                    

Checking if the service has started

                      
                        $ systemctl status nginx
                      
                    

Configuring NGINX

Disable the default config

                      
                        $ cd /etc/nginx/conf.d/
$ sudo mv default.conf default.conf.disable
                      
                    

Create config for Kibana

                      
                        $ sudo nano kibana.conf
server {
  listen      80;
  #listen      [::]:80 ipv6only=on;
  server_name _;

  auth_basic "Restricted Access";
  auth_basic_user_file /etc/nginx/.kibana-user;

  location / {
    proxy_pass https://localhost:5601/;

 
                        
                             proxy_http_version 1.1;
                        
                        
                           proxy_set_header Upgrade $http_upgrade;
                        
                        
                           proxy_set_header Connection 'upgrade';
                        
                        
                           proxy_set_header Host $host;
                        
                        
                           proxy_cache_bypass $http_upgrade;
                        
                        
  }
}
                      
                    

Generating a password for authorization

                      
                        $ sudo htpasswd -c /etc/nginx/.kibana-user mykibana
New password: password
Re-type new password: password
Adding password for user mykibana
                      
                    

Restart NGINX, check the status

                      
                        $ sudo systemctl reload nginx
$ systemctl status nginx
                      
                    

Firewall configuration

Opening port 80

                      
                        $ sudo firewall-cmd --permanent --zone=public --add-service=http
$ sudo firewall-cmd --reload
                      
                    

See the list of rules

                      
                        $ sudo firewall-cmd --list-all
                      
                    

We close port 5601 if it was previously opened

                      
                        $ sudo firewall-cmd --permanent --zone=public --remove-port=5601/tcp
$ sudo firewall-cmd --reload
                      
                    

SELinux configuration

Adding a rule to the SELinux policy

                      
                        $ sudo setsebool -P httpd_can_network_connect=1