Skip to main content

🎯 Installing and Configuring the Kibana Dashboard πŸš€

Kibana is a powerful visualization tool that works with Elasticsearch to help you explore, analyze, and visualize data in real time. It provides intuitive dashboards, charts, and search capabilities for your log and metric data.

πŸ“Œ Step 1: Install Kibana πŸ› β€‹

sudo apt install kibana

πŸ“Œ Step 2: Enable and Start Kibana Service βš‘β€‹

sudo systemctl enable kibana
sudo systemctl start kibana

By default, Kibana listens only on localhost (127.0.0.1). To access it externally, you’ll need to set up a reverse proxy using Nginx.

πŸ“Œ Step 3: Set Up Nginx as a Reverse Proxy πŸŒβ€‹

Ensure Nginx is installed:

sudo apt install nginx

πŸ“Œ Step 4: Create an Administrative Kibana User πŸ”β€‹

We’ll create a username and password to secure access to Kibana via Nginx.

echo "asifkibana:`openssl passwd -apr1`" | sudo tee -a /etc/nginx/htpasswd.users

πŸ’‘ Replace asifkibana with your desired username and set a strong password when prompted.

Example password: Kibana@123 (⚠️ Do not use this in production.)

πŸ“Œ Step 5: Configure Nginx Reverse Proxy πŸ–₯​

Create a new Nginx configuration file:

sudo vi /etc/nginx/sites-available/elk.asifahmadkhan.com.conf

Add the following configuration:

server {
    listen 80;
    server_name elk.asifahmadkhan.com;

    access_log /var/log/nginx/elk.asifahmadkhan.com_access.log;
    error_log /var/log/nginx/elk.asifahmadkhan.com_error.log;

    auth_basic "Restricted Access";
    auth_basic_user_file /etc/nginx/htpasswd.users;

    location / {
        proxy_pass http://localhost:5601;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_set_header Host $host;
        proxy_cache_bypass $http_upgrade;
    }
}

πŸ“Œ Step 6: Enable and Restart Nginx πŸ”„β€‹

sudo ln -s /etc/nginx/sites-available/elk.asifahmadkhan.com.conf /etc/nginx/sites-enabled/
sudo nginx -t
sudo systemctl restart nginx

πŸ“Œ Step 7: Allow Nginx Traffic Through Firewall πŸ”₯​

sudo ufw allow 'Nginx Full'

πŸŽ‰ Final Step: Access Kibana βœ…β€‹

Open your browser and visit:

http://elk.asifahmadkhan.com

Enter your username and password created earlier to access the Kibana dashboard.

πŸ”Ή Ensure your DNS elk.asifahmadkhan.com points to your server’s IP. πŸ”Ή For added security, enable HTTPS using an SSL certificate (e.g., Let’s Encrypt).

βš™οΈ If You Can’t Access via IP:5601​

Edit your Kibana configuration file:

sudo vi /etc/kibana/kibana.yml

Change this line:

server.host: "localhost"

to:

server.host: "0.0.0.0"

πŸ—‚ Example Kibana Configuration File​

root@ip-172-31-11-126:/home/ubuntu# cat /etc/kibana/kibana.yml
# For more configuration options see the configuration guide for Kibana

elasticsearch.hosts: ["https://127.0.0.1:9200"]
elasticsearch.username: "kibana_system"
elasticsearch.password: "9nv-mDIWEwz*Uf*k0oD_"
elasticsearch.ssl.verificationMode: none

πŸ” Logs​

Kibana logs are stored in:

/var/log/kibana/kibana.log

Check if Kibana is running:

ss -ltnp | grep 5601
curl -I http://127.0.0.1:5601

πŸ”§ Elasticsearch Integration with Kibana​

Create Enrollment Token:​

/usr/share/elasticsearch/bin/elasticsearch-create-enrollment-token -s kibana

Get Verification Code:​

sudo /usr/share/kibana/bin/kibana-verification-code

πŸ” Verify Elasticsearch Credentials​

Check if your Elasticsearch username and password work:

curl -u YOUR_USERNAME:YOUR_PASSWORD -k "https://ELASTICSEARCH_HOST:9200/_cluster/health?pretty"

Example:

curl -u elastic:Sr7iGymZ*_f41jb_Ybuf -k "https://localhost:9200/_cluster/health?pretty"

πŸ”„ Reset Elasticsearch Password​

If needed, reset the elastic user password:

sudo /usr/share/elasticsearch/bin/elasticsearch-reset-password -u elastic