14 novembre 2017 Sorties

Kibana 6.0.0 is released

Par Jim Goodwin

Welcome to the GA release of Kibana 6.0.0!

With 1,280 pull requests by 208 contributors added since the release of Kibana 5.0.0, we are proud and happy to announce the release of Kibana 6.0.0 GA.

We'd like to thank all the Elastic Pioneers who tested early versions and reported bugs helping to make this a great release of Kibana!

This release has a lot of new features including:  

  • CSV Export
  • New Colors to Improve Accessibility
  • Watcher UI for Threshold Based Alerts
  • Full Screen Mode for Dashboard
  • Dashboard Only Mode
  • X-Pack Monitoring Email Notifications for Cluster Alerts
  • Cluster Alert for X-Pack License Expiration
  • Experimental Kibana Query Language (Kuery)
  • Refactor of the Visualization Code

CSV export

Did someone say CSV export? We’re pretty sure we heard someone ask for CSV export. Just to be safe, we built CSV export.

Search for the documents you want to export in the Discover app, and then export matching documents as a CSV file via the reporting menu. CSV export comes with X-Pack basic, which is our free license.

New Colors to Improve Accessibility

In 6.0 we made changes across Kibana to improve Accessibility, one of those efforts is to make the colors in the UI have appropriate contrast for folks who have different forms of color blindness. We've redone the styling for Kibana to address these issues. Here are some sample screens:

Screen Shot 2017-07-28 at 1.27.14 PM.png 

Screen Shot 2017-07-28 at 1.26.42 PM.png 

We've also improved screen reading and keyboard navigation throughout Kibana:

Jul-27-2017 17-26-29.gif

[Continue reading: Making Kibana Accessible]

Watcher UI for Threshold Based Alerts

We've introduced a new UI for creating and editing alerts based on thresholds. It includes a builder experience with type-ahead suggestions and graphical feedback based on previewing the alert constraints. It supports sending alert messages with template values to the log, email, or slack. See the demonstration animation below for a quick look at the new functionality:

28726948-dbf87256-7388-11e7-88ea-7dbfa4f8c4c7.gif

[Creating a threshold alert in Elasticsearch is simpler than ever]

Full Screen Mode for Dashboard

You can now enter full screen mode when viewing a dashboard. This hides the browser chrome and the top nav bar. If you have any filters applied, you'll see the filter bar, otherwise that will be hidden as well. To exit full screen mode, hover over and click the Kibana button on the lower left side of the page, or simply press the ESC key. This mode complements the Dashboard Only Mode introduced in alpha2, and together they make a great solution for monitors in NOCs, SOCs and other Kiosks around the office!

Jul-27-2017 17-04-50.gif 

Dashboard Only Mode

Ever wish you could share your Kibana dashboards without the risk of someone accidentally deleting or modifying them? Do you want to show off your dashboards without the distraction of unrelated applications and links? In version 6.0 we’re making it easier than ever to set up a restricted access user, with limited visibility into Kibana.

It’s already possible to create read only users, but new in 6.0 is a UI to match, and we’ve made it simple to set up. All you have to do is assign the new, reserved, built-in kibana_dashboard_only_user role, along with the appropriate data access roles, to your user and they will be in dashboard only mode when they log in to Kibana.

[Continue reading:  Kibana Dashboard Only Mode]

X-Pack Monitoring Email Notifications for Cluster Alerts

Cluster Alerts in Monitoring was added in the 5.4 release, but until now the alerts only appeared on the Overview page of the Monitoring app. This new feature allows you to receive email notifications when the alerts are triggered. To use it, go to the Advanced Settings page in Kibana Management, enter an email address for `xpack:defaultAdminEmail`, and click Save:

image.png

The built-in alerts will send an email to that address when they initially trigger, and when they're resolved. 

image (1).png

image (2).png 

Using this feature does require that your Elasticsearch nodes are configured for the ability to send emails from watches. If you haven't set that up yet, take a look at the X-Pack documentation for "Configuring Email Accounts": https://www.elastic.co/guide/en/x-pack/current/act... 

Cluster Alert for X-Pack License Expiration
When we released the first phase of Cluster Alerts, we promised there will be more alert types to come, and we're delivering on that promise with the new X-Pack License Expiration alert. This alert will tell you when your X-Pack license is close to expiration. It starts as a low-priority alert when expiration is 30 days away, becomes a medium-priority alert when expiration is 15 days away, then becomes a high-priority alert when the expiration is 7 days away.

image (3).png 

Experimental Kibana Query Language


In #12282 we introduce an Experimental Kibana Query Language it is disabled by default and can be enabled through the Kibana configuration. 

Kibana currently provides four different search mechanisms with overlapping responsibilities:

  1. Lucene query syntax in the query bar
  2. Query DSL in the query bar
  3. Filters created via the UI (which could include custom query DSL if edited)
  4. Console

Exposing the Lucene query syntax and the query DSL to users creates a few problems. Since we don't control the query syntax we can't implement features that would require introspection into a user's query. This includes things like:

  1. Safe and seamless migrations of saved searches when ES search APIs change
  2. Typeahead/autocomplete in the query bar
  3. Dynamic help text

We could solve these problems by building a model in Kibana to represent raw Elasticsearch queries, but there are other advantages to building our own query language:

  1. We can support query types that are available in the ES query DSL that are not supported by the Lucene query syntax
  2. We can implement functionality that is beyond the scope of the Lucene query syntax, e.g. support for aggregations and visualizations in the query language
  3. We can provide finer grain controls for admins to restrict access to expensive queries, e.g. leading wildcards or regexes
  4. We can add support for scripted fields to the language
  5. We can unify the query bar and the filter bar, eliminating confusion about when to use one or the other

So, we hope you'll turn on the Kibana Query Language and give it a spin and send us feedback!

[Continue reading: Building a Better Search Experience in Kibana]

Refactoring of the Visualizations Code

When creating new visualizations, developers are no longer restricted to using just Angular as a rendering technology. The code now also enables developers to create custom editors that do not conform to the current sidebar-layout. Commonly used functionality - such as access to the query bar or time filter - is now also exposed on the visualization object. This avoids the need to import individual modules from inside Kibana. These changes are a first step in a longer term effort to provide a robust long-lived programming interface for building visualizations in Kibana.

issue_11786_0.JPG

[Watch the webinar: Developing Kibana Visualizations]

Conclusion

Please download Kibana 6.0.0, try it out, and let us know what you think on Twitter (@elastic) or in our forum. You can report any problems on the Github issues page.