Kibana 5: A Review of What’s New and Improved


Looking at Kibana 5 for the first time, you can’t help but notice the new and improved design. It’s not just a “facelift” — as many products like to call it — but rather a whole bottom-up redesign of the app.

While the release date of Kibana 5 is not known, I did look at the features of the current alpha version and wanted to share my thoughts with the community.

The Kibana 5 Dashboard

The Kibana team did a great job with the new version’s real estate — it’s a really smart move to put the menu on the left side of the screen and keep it minimized when not in use. This frees up space for the histogram as well as the logs themselves.

kibana 5 discover

The new logo, choice of colors, and subtle loading indicator at the top of the screen are really nice touches too. In addition, I really like how the new Kibana 5 dashboards look. They dropped the borders on all the visualizations and made it look cleaner.

Inside the App

Say that you have just opened the app, and Kibana 5 welcomes you with a message about a missing index pattern. The nice thing about this version is that Elastic has added an “Upload CSV” tab.

If we are not currently receiving data but have a .csv file from our production log files, all we need to do is to drag the file onto the browser screen:

kibana 5 upload csv

Kibana then shows a quick wizard that asks us to approve the mapping for the data and give the file a name. Finally, we can hit “upload” — and it’s there! All of the data from our file can be seen in the Discover window:

kibana 5 data wizard

kibana 5 data mapping

The Discover Window

Compared to Kibana 4, there are some small functionality changes in the Discover window in Kibana 5. One of them is that whenever data is not time-based, we do not have a histogram that shows the number of logs that have been received over time. Kibana seems to want to save precious real estate here.

In addition, when we open a single log, we can click on an asterisk icon next to any specific field to filter logs with that field quickly.

Above the log, there is a link to the specific log message. In previous versions of Kibana, this link went directly to Elasticsearch, returning the actual JSON via a browser GET request to the Elasticsearch server.

In Kibana 5, this has changed to a custom view that shows the specific log. The great advantage is that organizations that do not want to expose their Elasticsearch servers for security reasons can still allow people to send a link to a specific log message:

kibana 5 log message

The Visualizations and Dashboards

I cannot help but mention again that the visualization editor is much nicer than the one in Kibana 3 and 4. It almost feels as if they have improved the functionality as well!

Once you created a dashboard or visualization and wanted to share it with someone in the past, Kibana would generate a really long link. In Kibana 5, there is a small button in the share dialog that generates a shortened URL for you instead. This is a much more user-friendly way to share and embed dashboards and visualizations.

Each dashboard also has a “theme” setting. You can choose to display a dashboard using a dark theme, which instantly switches the view to a black background with the light colors in the foreground. Users have been wanting this feature for quite a while:

kibana 5 dark theme

In the main menu, you will also find a new button named “Console.” Those of you who have used Elasticsearch for a few years already are probably familiar with the Chrome extension called “Sense.” For some reason, Elastic decided to discontinue this plugin. Instead, they added it to the Marvel app and then moved it into Kibana as a default tab:

chrome console sense tab

chrome console sense tab

This is by far the most comfortable way to run Elasticsearch queries. It has a comfortable UI and a great auto-complete, which makes writing queries a breeze. (If you’re not using Kibana 5 yet but still want the Sense plugin back, then just refer to this post about a standalone version that does not even require Kibana to run.)

The Management Tab

In the management tab in Kibana, you can see a collection of the files that you have uploaded with associated data as well as the Elasticsearch indexes to which you are actively sending logs. You can easily switch between them and view the data files again.

The Code

Up until now, I mentioned some cool new features in Kibana 5, but I did not talk about the code — which got a complete “makeover” as well. A lot of new nodejs code has been inserted, and the architecture has improved a lot!

I won’t go into more detail here because I can go more in-depth in a future post. But I’ll just mention that the Elastic team did a great job of improving the code base. It seems very robust and ready for additional improvements. They took advantage of the nodejs cluster API to scale the node process and used the hapijs framework for handling REST.

Elastic also split the code into “plugins” – basically, each option in the main menu is a plugin. The Discover, Visualize, Dashboard, Console, and Settings tabs are all separate plugins. As a result, it’s easier than ever to add code to Kibana. Just create a new plugin that can be self-contained in a single directory — there is even a simple CLI utility that can install and uninstall the plugins.

Kibana 4 vs. 5

There is little doubt that Kibana 5 is a huge improvement over Kibana 4 and an important upgrade to the ELK Stack as a whole (see our entire review of the ELK Stack 5.0 as a whole).

Any new version of the software will have quirks, and there is little doubt that future alpha and beta releases of Kibana 5 will have issues. But as a whole, I’m really looking forward to working with this new version and integrating it into our ELK platform.

In the meantime, kudos to Elastic’s development team! What do you think of Kibana 5? I’d love to hear your thoughts below.

For more on Kibana, I invite you to see Kibana tutorial or the tutorial on how to create custom Kibana visualizations.

Take Kibana to the next level. Find out how!

    Stay updated with us!

    By submitting this form, you are accepting our Terms of Use and our Privacy Policy

    Thank you for subscribing!

    × March 10, 2021 | 10 AM ET ScaleUP Security 2021: An exclusive cloud security virtual event Register Now