06 Oktober 2014 Neuigkeiten

Kibana 4 Beta 1 Released

Von Rashid Khan

We’re proud delighted jazzed uncontrollably excited over the top ecstatic pretty darn happy, to share the future of Kibana, and the first beta release of Kibana 4 with you today.

Please note: This is beta software. It we do our best to make things great, but this should not be used in production.

I want it now! Gimmie!

Get it HERE, see the README.md for the new (easier!) installation procedure. That said, you really should read the rest, there’s some great tips down there.

Welcome to Kibana 4

We’re taking the long road with Kibana 4: You can expect to see several beta releases, each with new features, visualizations and enhancements. We combed over feedback, mailing lists, IRC and the Github issues to compile the features that made it into Beta 1, and we think we hit a lot of the biggies. We’re already hard at work on Beta 2 and we’re happy to share our roadmap with you, simply checkout the “Roadmap” tagged issues in Github. As always, your feedback is crucial in making sure we get it right.

In addition to your feedback we took a step back to consider how people look at data, and further, how they solve real problems. We found that one question will lead to others and those questions will lead to yet more. If you attended Monitorama, or any of a handful of Elasticsearch meet ups, you may have already seen the Kibana 4 proof of concept demo that allowed you to progressively create ever more complex charts. Kibana 4 takes that PoC and expands it to dozens of new features that allow you to compose questions, get answers, and solve problems like never before.

That level of composability can be found throughout Kibana 4 in the way aggregations, searching, visualizations and dashboards fit together. To simplify and streamline composition we’ve broken out Kibana 4 into three distinct interfaces, all working together, each adept at answering a unique set of questions.

A familiar face

If you’re a long term Kibana user you will recognize and feel right at home in the Discover tab.

Discover

Discover functions much like a traditional search interface with a list of documents and a timeline of events. Type in a search, hit enter and let Kibana dig through your Elasticsearch index. Speaking of indices, a quick drop down allows you to quickly switch between indices while you search. If you want to switch back, click your browser’s back button and you’re there. Don’t like your new search terms? The old ones are a back button click away, or available in the history of the search field.

And speaking of searches, feel free to type either Lucene Query String syntax or, an oft requested feature, Elasticsearch JSON queries into that search box. We know JSON can be tricky to type out, so whether you use Lucene Query Strings, or JSON, we’ll validate the syntax for you before shipping it off to Elasticsearch. And that holds true no matter where you type a query in Kibana 4.

Those queries can also be saved for later. Importantly, queries are no longer bound to the dashboard, they can be recalled in Discover, or even tied to a visualization which is later put on a dashboard. Plus, the query is always passed in the URL, no matter what screen you’re on, so linking to queries is super easy.

I’m here for the charts

The Visualize tab of Kibana 4 is the culmination of that long-in-the-tooth proof of concept I talked about earlier. Kibana 4 brings the power of Elasticsearch’s nested aggregations to the click of a mouse. Maybe I want to know what countries are hitting my site, when they’re doing so and whether or not they are authenticated. I can ask that question, and see how the answers relate to each other all within a single request on a single canvas:

While Kibana 3 could only show time on the histogram panel, and terms on bar chart, Kibana 4 can make use of multiple Elasticsearch aggregations. These include both bucket and metric aggregations, including the much anticipated cardinality (aka unique count) aggregation, and support for more is on the way. We had to build an entirely new visualization framework to deal with the complexity of aggregations. Right now there are three supported types: Bar charts, line charts and sunburst charts. Fear not! More are on the way! You can expect new visualization with every beta release of Kibana 4.

Sunburst charts are like a multi-level pie chart. In theory they have infinite rings.

Bar charts are now for more than time. Here we show file size ranges broken down by file extension.

By now you may have noticed that little gray bar at the bottom of every visualization. Click it to see the data that backs the chart, and, by popular demand, export it to CSV for analysis elsewhere. You can also see both the elasticsearch request, and the elasticsearch response here, as well as how long the request took to process.

Visualizations can be interactively searched, allowing you to modify your query as you build the chart. They can also be tied to a saved query that was created in the Discover tab. This allows you to tie one query to multiple visualizations and update a single query if you need to update the search parameters. For example, if you had several charts that deal with images you may have a query that says

png OR jpg

saved as "Images". If you start supporting animated gifs, you need only update your “Images” and save it for the changes to apply to any chart that is tied to the “Images” query.

Extension by file size

Show me more charts!

Of course, you can still create amazing dashboards, but now they’re even easier to create and maintain. Gone are the cluttered config dialogs. Any panel added to a dashboard can be created in the Visualize screen, saved, and reused multiple times. Much like one saved query can live on many visualizations, one saved visualization can live on multiple dashboards. If you need to update a visualization you can do it in one place, and your changes will be applied to every dashboard applicable.

Further, while queries and visualizations are bound to a selected index, dashboards are not! One dashboard can have visualizations from many indices. That means you can have data from say, your users index, right next to data about your web traffic. Sales data can live next to marketing research and that can live next to the logs from your weather station, all on the same screen!

Awesome dashboard

And so much more

We can’t fit it all in a blog post, so go grab the beta and give it a shot: HERE. If you’re coming from Kibana 3 we’ve put together a short FAQ that we’ll be expanding on as needed: HERE. As always, we want your feedback, we used it every single day while building Kibana 4 and we’ll continue to use it every day as we make Kibana better, faster and easier.