One of the functions that is hardly implemented while being requested by Kibana is export from the Discover screen. Github also has long been requested as an issue.
Among them, there are some people who provide function implementation version as follows.
Here is the screenshot:
In this time I built a feature addition version of Kibana and checked the operation. Also, since it created a Docker container so that it can be introduced more easily, it is made public.
Prerequisites and knowledge of this article are as follows.
- Installing and using Elasticsearch.
- Knows how to change the setting in Kibana.
- Available to use Docker.
By the way, I understand that although the history of Docker is very shallow, it does not reach many points. In addition, since Kibana 5.2.3 is used in this article, it is necessary to adjust the version of Elasticsearch as well.
Build with the noted procedure
Install and set up the export function additional version of Kibana in the procedure you are making public.
I had some problems but I managed to build it.
- Although not described in the explanation,
git clone https://github.com/tongwang/kibana.git
nvm install "$(cat .node-version)"returns does not exist,
~/.nvm/nvm.sh install "$(cat .node-version)"
Kibana’s setting file is
/etc/kibana/config/kibana.yml. Set the server.port, server.host, server.name, elasticsearch.url, (uncomment out kibana.index?).
The method of starting kibana is as follows.
cd /etc/kibana (when cloned kibana into /etc/) npm start
At this time there was a case that Proxy could not access because of how. If
server.host: 0.0.0.0 was specified in kibana.yml, it was redirected to 0.0.0.0. You can now access it by excluding
--dev from the startup options.
vi /etc/kibana/package.json - "start": "sh ./bin/kibana --dev", + "start": "sh ./bin/kibana",
By accessing the designated port by npm start after various settings, you can access Kibana with export function. As you can see again, a screen with export is displayed like this.
I tried exporting at once, but I can download CSV file but it is not output …
When I tried variously, it is useless in a simple Discover state, it seems that it will not be exported unless index is added in the left pane. It suffices if the column is displayed as shown in the next screen.
I could export as follows.
Easy to introduce with the Docker container
To be honest, git clone, build, and introduction hurdles are somewhat expensive (myself was inexperienced and difficult). Also, in the Proxy environment, since communication of Git (Port 9418) occurs, communication can not be made depending on the setting of the Proxy server, and the build can not be completed.
For ease of introduction, I created a pre-built Docker container. However, this is the first time for my own container push to Dockerhub, so I can not optimize it at all. Capacity is also big, but please understand. (About 3 GB)
How to install
The introduction procedure is as follows. Like the official, I would like to be able to specify Elasticsearch’s path with the start option, but it is not implemented. Please edit the setting file.
docker pull daichi703n/kibana-exp-52 docker images // check daichi703n/kibana-exp-52 is exist docker run -d -p 5605:5601 --name some-kibana daichi703n/kibana-exp-52 /sbin/init docker ps -a // CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES // 2098d63548c3 daichi703n/kibana-exp-52 "/sbin/init" 3 minutes ago Up 3 minutes 0.0.0.0:5605->5601/tcp some-kibana docker exec -it some-kibana /bin/bash // logging into docker container cd /etc/kibana/ vi ./config/kibana.yml //adjust on your environment npm start // OK if displayed like below > email@example.com start /etc/kibana > sh ./bin/kibana log [15:41:48.351] [info][status][plugin:firstname.lastname@example.org] Status changed from uninitialized to green - Ready log [15:41:48.424] [info][status][plugin:email@example.com] Status changed from uninitialized to yellow - Waiting for Elasticsearch log [15:41:48.457] [info][status][plugin:firstname.lastname@example.org] Status changed from uninitialized to green - Ready log [15:41:48.494] [warning] You're running Kibana 5.2.3 with some different versions of Elasticsearch. Update Kibana or Elasticsearch to the same version to prevent compatibility issues: v5.2.2 @ 192.168.1.81:9200 (192.168.1.81) log [15:41:49.815] [info][status][plugin:email@example.com] Status changed from uninitialized to green - Ready log [15:41:49.823] [info][status][plugin:firstname.lastname@example.org] Status changed from yellow to green - Kibana index ready log [15:41:49.824] [info][listening] Server running at http://0.0.0.0:5601 log [15:41:49.825] [info][status][ui settings] Status changed from uninitialized to green - Ready
You can use it by accessing
http://<server IP>:<Kibana forwarding port>. The port number can be changed with the -p parameter at container startup.
Conclusion - Kibana5 export search result of Discover tab to CSV
I introduced Kibana with the export function and confirmed that it can export CSV from Discover. Also, because I created a pre-built Docker container, it can be introduced easily.