Kibana 's long - awaited feature, the ability to CSV - export search results on the Discover tab. It is finally implemented from Version 6. I can not wait for the GA release, I tried the Alpha version.
Kibana 6.0.0-alpha2 is released | Elastic Blog
CSV export
Did someone say CSV export? We’re pretty sure we heard someone ask for CSV export. Just to be safe, we built CSV export.
Search for the documents you want to export in the Discover app, and then export matching documents as a CSV file via the reporting menu. CSV export comes with X-Pack basic, which is our free license.
- CSV export
- Evaluate Elastic Stack Ver 6.0.0
- CSV Export operation check
- Conclusion - Evaluate Reporting CSV Export function of Kibana 6.x
Evaluate Elastic Stack Ver 6.0.0
Elastic Stack Ver 6.0.0 has been released alpha 2 version as of 2017 / July. Please note that due to alpha release at the time of this article the screen etc. may be changed.
The CSV export function is provided within the free range of X-Pack Reporting .
Build Kibana + Elasticsearch with Docker container for verification. The docker-compose.yml file is as follows. The setting is given as an environment variable, and X-Pack Security is invalidated. (Yum can also be installed by installing Elastic's repository)
$ sudo vi ./docker-compose.yml
version: '2.1'
services:
elasticsearch:
image: docker.elastic.co/elasticsearch/elasticsearch:6.0.0-alpha2
container_name: els_60
environment:
- bootstrap.memory_lock=true
- xpack.security.enabled=false
- xpack.monitoring.history.duration=1d
- "ES_JAVA_OPTS=-Xms512m -Xmx512m"
- "network.host=0.0.0.0"
- "http.host=0.0.0.0"
ulimits:
memlock:
soft: -1
hard: -1
nofile:
soft: 65536
hard: 65536
mem_limit: 1g
memswap_limit: 1g
volumes:
- es_data1:/usr/share/elasticsearch/data
ports:
- 9200:9200
networks:
- kibana_net
kibana:
image: docker.elastic.co/kibana/kibana:6.0.0-alpha2
container_name: kibana_60
environment:
SERVER_NAME: "kibana.designet.local"
ELASTICSEARCH_URL: "http://els_60:9200"
XPACK_MONITORING_ELASTICSEARCH_URL: "http://els_60:9200"
XPACK_SECURITY_ENABLED: "false"
ports:
- 5606:5601
networks:
- kibana_net
depends_on:
- elasticsearch
links:
- elasticsearch
volumes:
es_data1:
driver: local
networks:
kibana_net:
CSV Export operation check
You can export the saved searches from the Discover tab by Reporting > Generate CSV by setting up the index import setting in the activated Elasticsearch, Kibana.
After downloading the generated CSV file, you can obtain CSV format file as follows.
timestamp,"source_node.ip","source_node.name","cluster_state.status","_type" "2017-07-17T09:54:16.189Z","172.19.0.2",SstbTYy,,"index_stats" "2017-07-17T09:54:16.189Z","172.19.0.2",SstbTYy,,"index_stats"
Previously exported as PDF, exporting with CSV became possible, external collaboration is easy.
Note that the Report function can not be used with the index open simply on the Discover tab, the following message will be displayed.
Please save your work before generating a report.
Therefore, select the Fields and save it before using Reporting function.
Virtual memory error handling
When working Elasticsearch in Docker, it is necessary to extend Virtual Memory as shown here.
els_60 | ERROR: [1] bootstrap checks failed els_60 | [1]: max virtual memory areas vm.max_map_count [65530] is too low, increase to at least [262144]
Conclusion - Evaluate Reporting CSV Export function of Kibana 6.x
I tried the CSV Export function included in Kibana 6.x's X-Pack Reporting. Since it was possible to operate as expected, application of original patches so far is unnecessary, and it will suffice to apply X-Pack. Although it is X-Pack, it can be used within a free range, so it can be used without hurdles.
