Product release

Kibana 5.4.0 released

Hello, and welcome to the 5.4.0 release of Kibana!  The 5.3.0 release was big and 5.4.0 is even bigger. We have amazing new features like the Time Series Visual Builder, new Create Visualization UX, View/Edit mode for Dashboards, and Derivative and Moving Average for Visualizations. We also have lots of bug fixes and UX improvements.

Kibana 5.4.0 is available on our downloads page and on Elastic Cloud. When you’re finished reading, take a look at the complete release notes for all the goodies.

Create Visualization

We've redesigned the "Create Visualization" wizard. We've grouped the different visualization types into buckets and created unique icons for each visualization type, making it easier for you to find the type of visualization you're looking for.e48328b4-2bec-11e7-9cd7-d98323a68047.png

View/Edit mode for Dashboards

We've introduced view and edit modes for your Dashboards. Now when you first open a dashboard, you'll be in view mode.bcb9e4ca-2e4a-11e7-8bab-c0af8b74199c.pngIn order to make edits and save them, you'll have to enter edit mode by clicking the edit button in the top navigation. bcba4cc6-2e4a-11e7-8ef4-b16911f11e21.pngHaving these modes allows us to optimize the experience for users whose job is primarily to view the dashboards. This means no more distracting borders and edit controls on mouse over, and no more accidental changes. You'll also be able to discard edits by clicking cancel. Saving a dashboard will automatically bring you back into view mode.

Time Series Visual Builder 

Time Series Visual Builder provides a specialized user interface for working with time series data. It allows you  to build up analytics based on time-series in a visual way and uses pipeline aggregations in Elasticsearch to fully distribute all of the computation. While support for some of the pipeline aggregations is available in traditional Visualize charts, with Time Series Visual Builder, we wanted to provide a curated experience focused specifically on working with time series data. Assuming that you're visualizing a time-series simplifies the user interface and saves users many steps when building up these types of charts. Time Series Visual Builder also adds some unique features, such as confidence bands and annotations, specific to the time-series use case. Time Series Visual Builder is marked “experimental” in Kibana 5.4, which means that we may change or modify this feature in the future, and do not guarantee backward compatibility of charts built using this visualization type until it becomes available in GA. To see a great demo of Time Series Visual Builder have a look at this presentation from Elastic{ON} 2017:  Kibana Visualizations Deep Dive.8656f0d2-2e4d-11e7-89f3-6a2ed21cabe7.png

8654f778-2e4d-11e7-94bb-6e2f5994a640.png

86559f8e-2e4d-11e7-9223-86002171d58f.png

Event Context

Event Context most commonly comes up when you're tracking a system problem through thousands of log messages. The idea is that once you’ve filtered down on a number of events (for example error messages) , you'll want to see some of the events around each of those in order to see what happened before and after the error. The feature in 5.4 allows user to see global context, and we are working to allow you to further filter this context down (for instance to logs coming from a specific server) in a future PR: #1146675f9f7fe-2e5f-11e7-98f0-9df4f91af58b.png

787b117a-2e5f-11e7-946b-00e5f617acc0.png

Geo-Centroid

Kibana now uses the geo-centroid of the results to place results on a map. The result is a more natural looking map with fewer visual artifacts. It avoids the "grided"-look from earlier versions. The map now also supports panning and zooming with touchscreens, as well as bug fixes that improve stability.bb5a139e-2c37-11e7-8ef9-b1ffbec527f1.png

Visualize Moving Average, Derivative, and More...

Visualizations like line, bar, and area charts now support most of Elasticsearch's pipeline aggregations, including most of the parent and sibling aggregations. These aggregations give you a new view into your data. For example, the moving average aggregation allows you to smooth over outlier data points over time and the derivative aggregation enables you to display rate of change.3d1aa8ae-2e8a-11e7-96ba-8e1f91eed9a6.png

Big Improvements in Visualize

In Visualize, the ability for users to customize and style charts has been greatly improved. Users can now overlay multiple chart types on a single plot, use horizontal layouts, and modify the styling of axes and grid-lines. For more about these improvements check out "New Kibana Visualizations: Heatmap and Point Series."

ecc8472a-2e85-11e7-9c35-bd02be93e080.png

X-Pack Watcher UI

The X-Pack Watcher UI allows you to do basic operations on watches. The watch list screen shows you all of the watches that are currently in the system; allowing you to sort and filter them, and shows a high-level status of each watch. The watch detail and watch history detail pages show a detailed view of a watch and specific watch execution respectively. The watch edit page allows you to create a new or edit an existing watch, and also allows you to simulate the watch to see how it behaves.

08b500a4-2e5e-11e7-9b04-f1a57de0c8b0 (1).gif

X-Pack Monitoring Cluster Alerts

“Alert me when my Elasticsearch cluster state is red!”

You asked, we heard. 

Our X-Pack monitoring users wanted to create alerts based on the monitoring data. We thought then, wouldn’t it be nice if we created alerts for common cluster problems to make your life easier? So we did. We worked hard to provide the easiest experience to proactively become aware of cluster issues, and we’re very proud of the result of our effort. We think you’ll love it too.

For this first-class feature in X-Pack monitoring, we leveraged X-Pack alerting as it is the best way to have periodic checks on Elasticsearch data. When you click on the Monitoring app, you will see any active alerts as part of the overview of your Elastic Stack. In the 5.4.0 release, we’re shipping with four alerts to get this rolling: Elasticsearch cluster state (red or yellow), and mismatching versions of Elasticsearch nodes, Kibana instances, or Logstash nodes in your cluster. Worry not, there will be more! In future releases, we plan to provide alerts for X-Pack license expiration approaching; Elasticsearch shards approaching maximum size limits; CPU, memory, and disk utilization; and the holy grail: nodes joining and leaving the cluster.

If you’re already using X-Pack alerting, you can take advantage of extending these alerts to get notified in a way you’d like. If you’re not using X-Pack alerting yet, you can get a head start with the built-in Watches we made for you!

Monitoring_5.4.0-Overview.png