ELK Visualizations

0

47 views
After falling in love with the built in Kibana dashboard I am now working on building an ELK server to roll up data from multiple Insight devices.  I have the server up and have imported the dashboards.  All the panels in every dashboard give the error:

Could not locate that visualization

When I look at Visualizations under settings it appears that these are not imported with the dashboard.json.  Is there a way to pull in these visualizations?  Any help would be appreciated.
 
asked October 18, 2017 08:41 AM
By:
Keith McLaren

 

3 Answers

0
Best answer
 

Hi Keith,


We suspect the problem has to do with importing the dashboards through the kibana UI. There seems to be a limit on the number of objects it can import that way.

We have put a tar file on our ftp server that contains the dashboards, indexes, and a script to programmatically import them.  

ftp://wpupload:packetup@wps-ftp.savvius.com/dash_init.tar.gz

unzip and untar the file on your ELK server with "tar -xvzf dash_init.tar.gz". cd to the data folder and run init.py. It will install the dashboard.json and index.json files that are in the data folder.

These dashboards are for the latest release of Insight, so make sure all of your Insight devices are updated to the latest release. This can be done through the Insight web config page.

flag
answered October 18, 2017 11:26 AM
By: Chris Bloom
0
 
Hi Andras and Keith,

Another possibility is to run the init.py script  on the insight, but first change the ES_HOST from localhost, to the IP address of your remote ELK v4 server.

ES_HOST = 'http://10.1.2.3:9200'

However, this will require that you also, at least temporarily, change the network.host entry in the elasticsearch.yml file on the remote machine from localhost to 0.0.0.0 to allow remote connections. 

network.host: 0.0.0.0

Andras is right though. The dashboard.json and index.json are for 4.6.3. The init.py script and the json files will not work with v5. For one, elastic changed the strings from .raw to .keyword.  There may be other changes as well.
flag
answered October 19, 2017 08:49 AM
By: Chris Bloom
0
 
Not an answer, a continuation of the question.

I am running an ELK stack (5.6.1) on Centos7 and can't get the init.py script to even act like it's working. What version of Python is the script built for? Also, are there any plugins (such as for elasticsearch) that are installed in Python for this one?

I'm also concerned that the visualizaitons for Insight are based on the ELK 4 stack. Do you know if there is a working copy of the visualizations for the 5 stack?

Thanks.
flag
answered October 19, 2017 07:44 AM
By: Andras Bellak

Your answer


Preview
Contact Us Savvius Blog Follow Savvius on Twitter Like Savvius on Facebook Follow Savvius on LinkedIn Follow Savvius on YouTube Follow Savvius on Slideshare

Alert