Reporting configuration

edit

Reporting configuration

edit

You can configure settings in kibana.yml to control how the reporting features communicate with the Kibana server, manages background jobs, and captures screenshots. See Reporting Settings for the complete list of settings.

Encryption keys for multiple Kibana instances

edit

By default, a new encryption key is generated for the reporting features each time you start Kibana. This means if a static encryption key is not persisted in the Kibana configuration, any pending reports will fail when you restart Kibana.

If you are load balancing across multiple Kibana instances, they need to have the same reporting encryption key. Otherwise, report generation will fail if a report is queued through one instance and another instance picks up the job from the report queue. The other instance will not be able to decrypt the reporting job metadata.

To set a static encryption key for reporting, set the xpack.reporting.encryptionKey property in the kibana.yml configuration file. You can use any alphanumeric, at least 32 characters long text string as the encryption key.

xpack.reporting.encryptionKey: "something_secret"

Report indices for multiple Kibana workspaces

edit

If you divide workspaces in an Elastic cluster using multiple Kibana instances with a different kibana.index setting per instance, you must set a unique xpack.reporting.index setting per kibana.index. Otherwise, report generation will periodically fail if a report is queued through an instance with one kibana.index setting, and an instance with a different kibana.index attempts to claim the job.

Kibana instance A:

kibana.index: ".kibana-a"
xpack.reporting.index: ".reporting-a"
xpack.reporting.encryptionKey: "something_secret"

Kibana instance B:

kibana.index: ".kibana-b"
xpack.reporting.index: ".reporting-b"
xpack.reporting.encryptionKey: "something_secret"

If security is enabled, the xpack.reporting.index setting should begin with .reporting- in order for the kibana_system role to have the necessary privileges over the index.

Use reverse proxies

edit

If your Kibana instance requires a reverse proxy (NGINX, Apache, etc.) for access, because of rewrite rules or special headers being added by the proxy, then you need to configure the xpack.reporting.kibanaServer settings to make the headless browser process connect to the proxy in Kibana server settings.

A headless browser runs on the Kibana server to open a Kibana page for capturing screenshots. Configuring the xpack.reporting.kibanaServer settings to point to a proxy host requires that the Kibana server has network access to the proxy.