Access Kibana from remote machine

Hi all,

I have Kibana running on one machine and I would like to access that instance of Kibana on another machine. That is to say, I want to host Kibana on on my local computer and access it through the web browser of another. I am unsure if this is possible. If it is, can I get some guidance on doing so?

Best,
Rick

You will want to alter server.host to allow that.

Hi Mark,

Thank you. I’ve tried doing so in the Kibana.yml. I altered server.host and kept the server.port at 5601. After doing this I ran Kibana on my machine and typed the IP address and port that I defined in the kibana.yml on another machine like so: “ipaddress:port”. Nothing shows up on the remote machine though. Do you have any insight on what might be causing this?

You'd need to share your config file and Kibana logs to diagnose that further.

By config do you mean the kibana.yml ?

Yep.

Here is a snippet of the yml. There only two properties I commented out were the server port and server host

Please don't post pictures of text or code. They are difficult to read, impossible to search and replicate (if it's code), and some people may not be even able to see them :slight_smile:

We will need to see your logs as well.

Hi Mark,

My apologies. The text in my kibana yml is the following:

# Kibana is served by a back end server. This setting specifies the port to use.
server.port: 5601

# Specifies the address to which the Kibana server will bind. IP addresses and host names are both valid values.
# The default is 'localhost', which usually means remote machines will not be able to connect.
# To allow connections from remote users, set this parameter to a non-loopback address.
server.host: "xxx.xxx.x.xx"

# Enables you to specify a path to mount Kibana at if you are running behind a proxy.
# Use the `server.rewriteBasePath` setting to tell Kibana if it should remove the basePath
# from requests it receives, and to prevent a deprecation warning at startup.
# This setting cannot end in a slash.
#server.basePath: ""

# Specifies whether Kibana should rewrite requests that are prefixed with
# `server.basePath` or require that they are rewritten by your reverse proxy.
# This setting was effectively always `false` before Kibana 6.3 and will
# default to `true` starting in Kibana 7.0.
#server.rewriteBasePath: false

# Specifies the public URL at which Kibana is available for end users. If
# `server.basePath` is configured this URL should end with the same basePath.
#server.publicBaseUrl: ""

# The maximum payload size in bytes for incoming server requests.
#server.maxPayload: 1048576

# The Kibana server's name.  This is used for display purposes.
#server.name: "your-hostname"

# The URLs of the Elasticsearch instances to use for all your queries.
#elasticsearch.hosts: ["http://localhost:9200"]

# Kibana uses an index in Elasticsearch to store saved searches, visualizations and
# dashboards. Kibana creates a new index if the index doesn't already exist.
#kibana.index: ".kibana"

# The default application to load.
#kibana.defaultAppId: "home"

# If your Elasticsearch is protected with basic authentication, these settings provide
# the username and password that the Kibana server uses to perform maintenance on the Kibana
# index at startup. Your Kibana users still need to authenticate with Elasticsearch, which
# is proxied through the Kibana server.
#elasticsearch.username: "kibana_system"
#elasticsearch.password: "password"

# Enables SSL and paths to the PEM-format SSL certificate and SSL key files, respectively.
# These settings enable SSL for outgoing requests from the Kibana server to the browser.
#server.ssl.enabled: false
#server.ssl.certificate: /path/to/your/server.crt
#server.ssl.key: /path/to/your/server.key

# Optional settings that provide the paths to the PEM-format SSL certificate and key files.
# These files are used to verify the identity of Kibana to Elasticsearch and are required when
# xpack.security.http.ssl.client_authentication in Elasticsearch is set to required.
#elasticsearch.ssl.certificate: /path/to/your/client.crt
#elasticsearch.ssl.key: /path/to/your/client.key

# Optional setting that enables you to specify a path to the PEM file for the certificate
# authority for your Elasticsearch instance.
#elasticsearch.ssl.certificateAuthorities: [ "/path/to/your/CA.pem" ]

# To disregard the validity of SSL certificates, change this setting's value to 'none'.
#elasticsearch.ssl.verificationMode: full

# Time in milliseconds to wait for Elasticsearch to respond to pings. Defaults to the value of
# the elasticsearch.requestTimeout setting.
#elasticsearch.pingTimeout: 1500

# Time in milliseconds to wait for responses from the back end or Elasticsearch. This value
# must be a positive integer.
#elasticsearch.requestTimeout: 30000

# List of Kibana client-side headers to send to Elasticsearch. To send *no* client-side
# headers, set this value to [] (an empty list).
#elasticsearch.requestHeadersWhitelist: [ authorization ]

# Header names and values that are sent to Elasticsearch. Any custom headers cannot be overwritten
# by client-side headers, regardless of the elasticsearch.requestHeadersWhitelist configuration.
#elasticsearch.customHeaders: {}

# Time in milliseconds for Elasticsearch to wait for responses from shards. Set to 0 to disable.
#elasticsearch.shardTimeout: 30000

# Logs queries sent to Elasticsearch. Requires logging.verbose set to true.
#elasticsearch.logQueries: false

# Specifies the path where Kibana creates the process ID file.
#pid.file: /run/kibana/kibana.pid

# Enables you to specify a file where Kibana stores log output.
logging.dest: C:/kibanalogs.txt

# Set the value of this setting to true to suppress all logging output.
#logging.silent: false

# Set the value of this setting to true to suppress all logging output other than error messages.
#logging.quiet: false

# Set the value of this setting to true to log all events, including system usage information
# and all requests.
#logging.verbose: false

# Set the interval in milliseconds to sample system and process performance
# metrics. Minimum is 100ms. Defaults to 5000.
#ops.interval: 5000

# Specifies locale to be used for all localizable strings, dates and number formats.
# Supported languages are the following: English - en , by default , Chinese - zh-CN .
#i18n.locale: "en"

#elasticsearch.username: "kibana_system"

Additionally the text in my kibana log file is this:

{"type":"log","@timestamp":"2021-07-29T09:43:44-07:00","tags":["info","plugins-service"],"pid":18920,"message":"Plugin \"timelines\" is disabled."}
{"type":"log","@timestamp":"2021-07-29T09:43:44-07:00","tags":["warning","config","deprecation"],"pid":18920,"message":"\"logging.dest\" has been deprecated and will be removed in 8.0. To set the destination moving forward, you can use the \"console\" appender in your logging configuration or define a custom one. For more details, see https://github.com/elastic/kibana/blob/master/src/core/server/logging/README.mdx"}
{"type":"log","@timestamp":"2021-07-29T09:43:44-07:00","tags":["warning","config","deprecation"],"pid":18920,"message":"plugins.scanDirs is deprecated and is no longer used"}
{"type":"log","@timestamp":"2021-07-29T09:43:44-07:00","tags":["warning","config","deprecation"],"pid":18920,"message":"Config key [monitoring.cluster_alerts.email_notifications.email_address] will be required for email notifications to work in 8.0.\""}
{"type":"log","@timestamp":"2021-07-29T09:43:44-07:00","tags":["info","plugins-system"],"pid":18920,"message":"Setting up [106] plugins: [taskManager,licensing,globalSearch,globalSearchProviders,banners,code,usageCollection,xpackLegacy,telemetryCollectionManager,telemetry,telemetryCollectionXpack,kibanaUsageCollection,securityOss,share,mapsEms,mapsLegacy,newsfeed,kibanaLegacy,translations,licenseApiGuard,legacyExport,embeddable,uiActionsEnhanced,esUiShared,expressions,charts,bfetch,data,home,console,consoleExtensions,apmOss,searchprofiler,painlessLab,grokdebugger,management,advancedSettings,savedObjects,visualizations,visTypeVega,visTypeVislib,visTypeTable,visTypeMetric,visTypeTimelion,features,licenseManagement,watcher,visTypeTagcloud,visTypeMarkdown,visTypeXy,tileMap,regionMap,presentationUtil,canvas,graph,timelion,dashboard,dashboardEnhanced,visualize,visTypeTimeseries,inputControlVis,indexPatternManagement,discover,discoverEnhanced,savedObjectsManagement,spaces,security,savedObjectsTagging,lens,reporting,lists,encryptedSavedObjects,dataEnhanced,dashboardMode,cloud,upgradeAssistant,snapshotRestore,fleet,indexManagement,rollup,remoteClusters,crossClusterReplication,indexLifecycleManagement,enterpriseSearch,beatsManagement,transform,ingestPipelines,fileUpload,maps,fileDataVisualizer,eventLog,actions,alerting,triggersActionsUi,stackAlerts,ruleRegistry,observability,osquery,ml,securitySolution,cases,infra,monitoring,logstash,apm,uptime]"}
{"type":"log","@timestamp":"2021-07-29T09:43:44-07:00","tags":["info","plugins","taskManager"],"pid":18920,"message":"TaskManager is identified by the Kibana UUID: ef12c2e9-97e0-4cb6-816d-a7d30a572f0a"}
{"type":"log","@timestamp":"2021-07-29T09:43:45-07:00","tags":["warning","plugins","security","config"],"pid":18920,"message":"Generating a random key for xpack.security.encryptionKey. To prevent sessions from being invalidated on restart, please set xpack.security.encryptionKey in the kibana.yml or use the bin/kibana-encryption-keys command."}
{"type":"log","@timestamp":"2021-07-29T09:43:45-07:00","tags":["warning","plugins","security","config"],"pid":18920,"message":"Session cookies will be transmitted over insecure connections. This is not recommended."}
{"type":"log","@timestamp":"2021-07-29T09:43:45-07:00","tags":["warning","plugins","reporting","config"],"pid":18920,"message":"Generating a random key for xpack.reporting.encryptionKey. To prevent sessions from being invalidated on restart, please set xpack.reporting.encryptionKey in the kibana.yml or use the bin/kibana-encryption-keys command."}
{"type":"log","@timestamp":"2021-07-29T09:43:45-07:00","tags":["info","plugins","reporting","config"],"pid":18920,"message":"Chromium sandbox provides an additional layer of protection, and is supported for Win32 OS. Automatically enabling Chromium sandbox."}
{"type":"log","@timestamp":"2021-07-29T09:43:45-07:00","tags":["warning","plugins","encryptedSavedObjects"],"pid":18920,"message":"Saved objects encryption key is not set. This will severely limit Kibana functionality. Please set xpack.encryptedSavedObjects.encryptionKey in the kibana.yml or use the bin/kibana-encryption-keys command."}
{"type":"log","@timestamp":"2021-07-29T09:43:45-07:00","tags":["warning","plugins","actions","actions"],"pid":18920,"message":"APIs are disabled because the Encrypted Saved Objects plugin is missing encryption key. Please set xpack.encryptedSavedObjects.encryptionKey in the kibana.yml or use the bin/kibana-encryption-keys command."}
{"type":"log","@timestamp":"2021-07-29T09:43:45-07:00","tags":["warning","plugins","alerting","plugins","alerting"],"pid":18920,"message":"APIs are disabled because the Encrypted Saved Objects plugin is missing encryption key. Please set xpack.encryptedSavedObjects.encryptionKey in the kibana.yml or use the bin/kibana-encryption-keys command."}
{"type":"log","@timestamp":"2021-07-29T09:43:45-07:00","tags":["info","plugins","monitoring","monitoring"],"pid":18920,"message":"config sourced from: production cluster"}
{"type":"log","@timestamp":"2021-07-29T09:43:45-07:00","tags":["info","savedobjects-service"],"pid":18920,"message":"Waiting until all Elasticsearch nodes are compatible with Kibana before starting saved objects migrations..."}
{"type":"log","@timestamp":"2021-07-29T09:43:45-07:00","tags":["error","savedobjects-service"],"pid":18920,"message":"Unable to retrieve version information from Elasticsearch nodes."}
{"type":"log","@timestamp":"2021-07-29T09:48:42-07:00","tags":["info","plugins-system"],"pid":18920,"message":"Stopping all plugins."}
{"type":"log","@timestamp":"2021-07-29T09:48:42-07:00","tags":["info","plugins","monitoring","monitoring","kibana-monitoring"],"pid":18920,"message":"Monitoring stats collection is stopped"}
{"type":"log","@timestamp":"2021-07-29T09:48:43-07:00","tags":["info","plugins-system"],"pid":18920,"message":"Stopping all plugins."}Preformatted text

note: in actuality I have replaced the x's in my server host name with the ip of the machine I am hosting kibana on

is port 5601 open on the ELK machine? Is it open between machines (e.g. AWS security groups)?

Is Elasticsearch running on the same host as Kibana? It doesn't look like it can reach Elasticsearch is all.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.