By default, Stack Monitoring is enabled, but data collection is disabled.
When you first start Kibana monitoring, you are prompted to enable data
collection. If you are using Elastic Stack security features, you must be signed in as
a user with the
cluster:manage privilege to enable data collection. The
superuser role has this privilege and the built-in
elastic user has
You can adjust how monitoring data is
collected from Kibana and displayed in Kibana by configuring settings in the
kibana.yml file. There are also
which support the same values as Kibana configuration settings.
To control how data is collected from your Elasticsearch nodes, you configure
elasticsearch.yml. To control how monitoring data is collected
from Logstash, configure monitoring settings in
For more information, see Monitor a cluster.
General monitoring settingsedit
Deprecated in 7.11.0.
When enabled, sends email notifications for Watcher alerts to the specified email address. The default is
- [7.11.0] Deprecated in 7.11.0. When enabled, specifies the email address where you want to receive cluster alert notifications.
true(default) to enable cross-cluster search of your monitoring data. The
remote_cluster_clientrole must exist on each node.
Specifies the location of the Elasticsearch cluster where your monitoring data is stored.
By default, this is the same as
elasticsearch.hosts. This setting enables you to use a single Kibana instance to search and visualize data in your production cluster as well as monitor data sent to a dedicated monitoring cluster.
Specifies the username used by Kibana monitoring to establish a persistent connection in Kibana to the Elasticsearch monitoring cluster and to verify licensing status on the Elasticsearch monitoring cluster when using
All other requests performed by Stack Monitoring to the monitoring Elasticsearch cluster uses the authenticated user’s credentials, which must be the same on both the Elasticsearch monitoring cluster and the Elasticsearch production cluster.
If not set, Kibana uses the value of the
Specifies the password used by Kibana monitoring to establish a persistent connection in Kibana to the Elasticsearch monitoring cluster and to verify licensing status on the Elasticsearch monitoring cluster when using
All other requests performed by Stack Monitoring to the monitoring Elasticsearch cluster use the authenticated user’s credentials, which must be the same on both the Elasticsearch monitoring cluster and the Elasticsearch production cluster.
If not set, Kibana uses the value of the
Specifies a service account token for the Elasticsearch cluster where your monitoring data is stored when using
monitoring.ui.elasticsearch.hosts. This setting is an alternative to using
Specifies the time in milliseconds to wait for Elasticsearch to respond to internal
health checks. By default, it matches the
elasticsearch.pingTimeoutsetting, which has a default value of
Shares the same configuration as
elasticsearch.ssl. These settings configure encrypted communication between Kibana and the monitoring cluster.
Monitoring collection settingsedit
These settings control how data is collected from Kibana.
true(default) to enable data collection from the Kibana NodeJS server for Kibana dashboards to be featured in Stack Monitoring.
Specifies the number of milliseconds to wait in between data sampling on the
Kibana NodeJS server for the metrics that are displayed in the Kibana dashboards.
Monitoring UI settingsedit
These settings adjust how Stack Monitoring displays monitoring data. However, the defaults work best in most circumstances. For more information about configuring Kibana, see Setting Kibana server properties.
Specifies the number of log entries to display in Stack Monitoring.
10. The maximum value is
falseto hide Stack Monitoring. The monitoring back-end continues to run as an agent for sending Kibana stats to the monitoring cluster. Defaults to
Specifies the name of the indices that are shown on the
Logs page in Stack Monitoring. The default value
Deprecated in 8.1.1.
Used as a workaround to avoid querying
metricbeat-*indices which are now no longer queried. The default value is
Specifies the number of term buckets to return out of the overall terms list when
performing terms aggregations to retrieve index and node metrics. For more
information about the
sizeparameter, see Terms Aggregation. Defaults to
Specifies the minimum number of seconds that a time bucket in a chart can
represent. Defaults to 10. If you modify the
elasticsearch.yml, use the same value in this setting.
Specifies how many seconds can pass before the Kibana status reports are considered stale.
Monitoring UI container settingsedit
Stack Monitoring exposes the Cgroup statistics that we collect for you to make better decisions about your container performance, rather than guessing based on the overall machine performance. If you are not running your applications in a container, then Cgroup statistics are not useful.
For Elasticsearch clusters that are running in containers, this setting changes the
Node Listing to display the CPU utilization based on the reported Cgroup
statistics. It also adds the calculated Cgroup CPU utilization to the
Node Overview page instead of the overall operating system’s CPU
utilization. Defaults to
For Logstash nodes that are running in containers, this setting
changes the Logstash Node Listing to display the CPU utilization
based on the reported Cgroup statistics. It also adds the
calculated Cgroup CPU utilization to the Logstash node detail
pages instead of the overall operating system’s CPU utilization. Defaults to
Intro to Kibana
ELK for Logs & Metrics