X-Pack Reporting Settings in Kibana | Kibana User Guide [6.2]

WARNING: Version 6.2 of Kibana has passed its EOL date.

This documentation is no longer being maintained and may be removed. If you are running this version, we strongly advise you to upgrade. For the latest information, see the current release documentation.

› › ›

« Machine Learning Settings in Kibana Breaking Changes »

X-Pack Reporting Settings in Kibanaedit

You can configure xpack.reporting settings in your kibana.yml to:

General Reporting Settingsedit

xpack.reporting.enabled: Set to false to disable X-Pack reporting.
xpack.reporting.encryptionKey: Set to any text string. By default, Kibana generates a random key when it starts, which causes pending reports to fail on restart. Configure this setting to use the same key across restarts.

Kibana Server Settingsedit

Reporting uses the Kibana interface to generate reports. In most cases, you don’t need to configure Reporting to communicate with Kibana. However, if you use a reverse-proxy to access Kibana, you must set the proxy port, protocol, and hostname.

xpack.reporting.kibanaApp: The root path used to access Kibana, defaults to /app/kibana.
xpack.reporting.kibanaServer.port: The port for accessing Kibana, if different from the server.port value.
xpack.reporting.kibanaServer.protocol: The protocol for accessing Kibana, typically http or https.
xpack.reporting.kibanaServer.hostname: The hostname for accessing Kibana, if different from the server.name value.

Background Job Settingsedit

Reporting generates reports in the background and jobs are coordinated using documents in Elasticsearch. Depending on how often you generate reports and the overall number of reports, you might need to change the following settings.

xpack.reporting.queue.indexInterval: How often the index that stores reporting jobs rolls over to a new index. Valid values are year, month, week, day, and hour. Defaults to week.
xpack.reporting.queue.pollInterval: How often idle workers poll the index for pending jobs. Defaults to 3000 (3 seconds).
xpack.reporting.queue.timeout: How long each worker has to produce a report. If your machine is slow or under heavy load, you might need to increase this timeout. Specified in milliseconds. Defaults to 30000 (30 seconds).

Capture Settingsedit

Reporting works by capturing screenshots from Kibana. The following settings control the capturing process.

xpack.reporting.capture.loadDelay: When visualizations are not evented, this is the amount of time before taking a screenshot. All visualizations that ship with Kibana are evented, so this setting should not have much effect. If you are seeing empty images instead of visualizations, try increasing this value. Defaults to 3000 (3 seconds).
xpack.reporting.capture.browser.type: Specifies the browser to use to capture screenshots. Valid options are phantom and chromium. When chromium is set, the settings specified in the Chromium settings are respected. Defaults to phantom.

Chromium Settingsedit

When xpack.reporting.capture.browser.type is set to chromium you can also specify the following settings.

xpack.reporting.capture.browser.chromium.disableSandbox: Chromium uses sandboxing techniques that are built on top of operating system provided security mechanisms. The Linux sandbox depends on user namespaces, which were introduced with the 3.8 Linux kernel. However, many distrobutions don’t have user namespaces enabled by default, or they require the CAP_SYS_ADMIN capability.

Elastic recommends that you research the feasibility of enabling unprivileged user namespaces before disabling the sandbox. An exception is if you are running Kibana in Docker because the container runs in a user namespace with seccomp-bpf filters and AppArmor profiles. Default to false

xpack.reporting.capture.browser.chromium.proxy.enabled: Enables the proxy for Chromium to use. When set to true, you must also specify the xpack.reporting.capture.browser.chromium.proxy.server setting. Defaults to false
xpack.reporting.capture.browser.chromium.proxy.server: The uri for the proxy server. Providing the username and password for the proxy server via the uri is not supported.
xpack.reporting.capture.browser.chromium.proxy.bypass: An array of hosts that should not go through the proxy server and should use a direct connection instead. Examples of valid entries are "elastic.co", "*.elastic.co", ".elastic.co", ".elastic.co:5601"

CSV Settingsedit

xpack.reporting.csv.maxSizeBytes: The maximum size of a CSV file before being truncated. This setting exists to prevent large exports from causing performance and storage issues. Defaults to 10485760 (10mB)

Advanced Settingsedit

xpack.reporting.index: Reporting uses a weekly index in Elasticsearch to store the reporting job and the report content. The index is automatically created if it does not already exist. Defaults to .reporting
xpack.reporting.roles.allow: Specifies the roles in addition to superusers that are allowed to access reporting. Defaults to [ "reporting_user" ]

« Machine Learning Settings in Kibana Breaking Changes »