Kibana is very helpful in creating visualizations of the data in Elasticsearch indecis. Kibana makes it easy to understand large volumes of data. Its simple, browser-based interface enables you to quickly create and share dynamic dashboards that display changes to Elasticsearch queries in real time.

Kibana may sound new to some users so I will give a brief intro about how it works. After getting your data indexed in Elasticsearch, you can visualize it in different forms such as Pie charts, Bar charts, Timeseries, etc. To be able to see your data on Kibana you need to add new index on kibana with the same name as your index in Elasticsearch.

After creating index the data can be seen under discover on kibana’s web interface. An example of discover is shown below.

Discover

Here, you can see the Index pattern (Name of the index same as in ElasticSearch), Query bar (query data on the basis of lucene syntax), Time picker (shows the data according to some time range), etc.

Kibana supports a lot of visualizations, few can be seen here.

Visualizations

All the visualization can be grouped into a dashboard to get a better view of data at an instant. A Kibana dashboard displays a collection of visualizations and searches. You can arrange, resize, and edit the dashboard content and then save the dashboard so you can share it.

Dashboard

We can create visualizations by using kibana's web interface. But here I will tell how to automate it using Python or any other language. Kibana's visualizations are stored in the ".kibana" file on the system where it is installed. All the visualizations and dashboards are stored in ".kibana" file. So, if we run a curl request and manipulate URL then we can create visualizations. The details regarding the visualizations are stored in a JSON file and it is being imported using requests.

Python script

Here, I am creating visualization for IRQ, we can create dashboard using the same code with different JSON file.

JSON for Visualization (IRQ)

JSON for Dashboard