How to configure Kibana.yml to create custom region maps?

Hi, I want to create custom Region map for all the cities in UK. I tried the United Kingdom Subdivisions in the vector map dropdown, but it won't show all the drop down.

I followed this link: https://www.elastic.co/blog/custom-region-maps-in-kibana-6-0

And have pasted the Custom Region Map config in the yml file below.

Please let me know what I'm doing wrong and how to do this.

Kibana is served by a back end server. This setting specifies the port to use.

#server.port: 5601

Specifies the address to which the Kibana server will bind. IP addresses and host names are both valid values.

The default is 'localhost', which usually means remote machines will not be able to connect.

To allow connections from remote users, set this parameter to a non-loopback address.

#server.host: "localhost"

Enables you to specify a path to mount Kibana at if you are running behind a proxy.

Use the server.rewriteBasePath setting to tell Kibana if it should remove the basePath

from requests it receives, and to prevent a deprecation warning at startup.

This setting cannot end in a slash.

#server.basePath: ""

Specifies whether Kibana should rewrite requests that are prefixed with

server.basePath or require that they are rewritten by your reverse proxy.

This setting was effectively always false before Kibana 6.3 and will

default to true starting in Kibana 7.0.

#server.rewriteBasePath: false

The maximum payload size in bytes for incoming server requests.

#server.maxPayloadBytes: 1048576

The Kibana server's name. This is used for display purposes.

#server.name: "your-hostname"

The URLs of the Elasticsearch instances to use for all your queries.

#elasticsearch.hosts: ["http://localhost:9200"]

When this setting's value is true Kibana uses the hostname specified in the server.host

setting. When the value of this setting is false, Kibana uses the hostname of the host

that connects to this Kibana instance.

#elasticsearch.preserveHost: true

Kibana uses an index in Elasticsearch to store saved searches, visualizations and

dashboards. Kibana creates a new index if the index doesn't already exist.

#kibana.index: ".kibana"

The default application to load.

#kibana.defaultAppId: "home"

If your Elasticsearch is protected with basic authentication, these settings provide

the username and password that the Kibana server uses to perform maintenance on the Kibana

index at startup. Your Kibana users still need to authenticate with Elasticsearch, which

is proxied through the Kibana server.

#elasticsearch.username: "kibana"
#elasticsearch.password: "pass"

Enables SSL and paths to the PEM-format SSL certificate and SSL key files, respectively.

These settings enable SSL for outgoing requests from the Kibana server to the browser.

#server.ssl.enabled: false
#server.ssl.certificate: /path/to/your/server.crt
#server.ssl.key: /path/to/your/server.key

Optional settings that provide the paths to the PEM-format SSL certificate and key files.

These files validate that your Elasticsearch backend uses the same key files.

#elasticsearch.ssl.certificate: /path/to/your/client.crt
#elasticsearch.ssl.key: /path/to/your/client.key

Optional setting that enables you to specify a path to the PEM file for the certificate

authority for your Elasticsearch instance.

#elasticsearch.ssl.certificateAuthorities: [ "/path/to/your/CA.pem" ]

To disregard the validity of SSL certificates, change this setting's value to 'none'.

#elasticsearch.ssl.verificationMode: full

Time in milliseconds to wait for Elasticsearch to respond to pings. Defaults to the value of

the elasticsearch.requestTimeout setting.

#elasticsearch.pingTimeout: 1500

Time in milliseconds to wait for responses from the back end or Elasticsearch. This value

must be a positive integer.

#elasticsearch.requestTimeout: 30000

List of Kibana client-side headers to send to Elasticsearch. To send no client-side

headers, set this value to (an empty list).

#elasticsearch.requestHeadersWhitelist: [ authorization ]

Header names and values that are sent to Elasticsearch. Any custom headers cannot be overwritten

by client-side headers, regardless of the elasticsearch.requestHeadersWhitelist configuration.

#elasticsearch.customHeaders: {}

Time in milliseconds for Elasticsearch to wait for responses from shards. Set to 0 to disable.

#elasticsearch.shardTimeout: 30000

Time in milliseconds to wait for Elasticsearch at Kibana startup before retrying.

#elasticsearch.startupTimeout: 5000

Logs queries sent to Elasticsearch. Requires logging.verbose set to true.

#elasticsearch.logQueries: false

Specifies the path where Kibana creates the process ID file.

#pid.file: /var/run/kibana.pid

Enables you specify a file where Kibana stores log output.

#logging.dest: stdout

Set the value of this setting to true to suppress all logging output.

#logging.silent: false

Set the value of this setting to true to suppress all logging output other than error messages.

#logging.quiet: false

Set the value of this setting to true to log all events, including system usage information

and all requests.

#logging.verbose: false

Set the interval in milliseconds to sample system and process performance

metrics. Minimum is 100ms. Defaults to 5000.

#ops.interval: 5000

Specifies locale to be used for all localizable strings, dates and number formats.

Supported languages are the following: English - en , by default , Chinese - zh-CN .

#i18n.locale: "en"

Custom Region Maps

#regionmap:
#layers:
#- name: "UK Cities"
#url: "https://gist.githubusercontent.com/duhaime/1d6d5a8dc77c86128fcc1a05a72726c9/raw/8b8522cbc69498b6c4983a9f58c045c2b451cb89/british-isles-counties.geojson"

   #fields:
      #- name: "CITY_NAME"
        #description: "City Name"

Be sure to remove the # at the beginning of your lines. Otherwise the lines are read as a comment.

Okay thanks @nickpeihl

Hi @nickpeihl, I removed the # before the lines and this is this output I'm getting in the cmd line.

C:\Users\ramya.t\Downloads\Colt\ELK\kibana-7.4.0\bin>kibana
log [07:55:20.367] [info][plugins-system] Setting up [4] plugins: [security,translations,inspector,data]
log [07:55:20.374] [info][plugins][security] Setting up plugin
log [07:55:20.375] [warning][config][plugins][security] Generating a random key for xpack.security.encryptionKey. To prevent sessions from being invalidated on restart, please set xpack.security.encryptionKey in kibana.yml
log [07:55:20.376] [warning][config][plugins][security] Session cookies will be transmitted over insecure connections. This is not recommended.
log [07:55:20.380] [fatal][root] { Error: ENOENT: no such file or directory, open '/path/to/your/CA.pem'
at Object.openSync (fs.js:439:3)
at readFileSync (fs.js:344:35)
at readFile (C:\Users\ramya.t\Downloads\Colt\ELK\kibana-7.4.0\src\core\server\elasticsearch\elasticsearch_client_config.js:114:49)
at Array.map ()
at parseElasticsearchClientConfig (C:\Users\ramya.t\Downloads\Colt\ELK\kibana-7.4.0\src\core\server\elasticsearch\elasticsearch_client_config.js:117:63)
at new ClusterClient (C:\Users\ramya.t\Downloads\Colt\ELK\kibana-7.4.0\src\core\server\elasticsearch\cluster_client.js:126:109)
at ElasticsearchService.createClusterClient (C:\Users\ramya.t\Downloads\Colt\ELK\kibana-7.4.0\src\core\server\elasticsearch\elasticsearch_service.js:85:12)
at Object.createClient (C:\Users\ramya.t\Downloads\Colt\ELK\kibana-7.4.0\src\core\server\elasticsearch\elasticsearch_service.js:68:21)
at Plugin.createClient [as setup] (C:\Users\ramya.t\Downloads\Colt\ELK\kibana-7.4.0\x-pack\plugins\security\server/plugin.js:44:45)
at process._tickCallback (internal/process/next_tick.js:68:7)
errno: -4058,
syscall: 'open',
code: 'ENOENT',
path: '/path/to/your/CA.pem' }

FATAL Error: ENOENT: no such file or directory, open '/path/to/your/CA.pem'

I'm new to ELK, kindly help. I've pasted my kibana.yml file in another reply due to space restrictions.

My kibana.yml file. What am I doing wrong here?

Kibana is served by a back end server. This setting specifies the port to use.

server.port: 5601

Specifies the address to which the Kibana server will bind. IP addresses and host names are both valid values.

The default is 'localhost', which usually means remote machines will not be able to connect.

To allow connections from remote users, set this parameter to a non-loopback address.

server.host: "localhost"

Enables you to specify a path to mount Kibana at if you are running behind a proxy.

Use the server.rewriteBasePath setting to tell Kibana if it should remove the basePath

from requests it receives, and to prevent a deprecation warning at startup.

This setting cannot end in a slash.

server.basePath: ""

Specifies whether Kibana should rewrite requests that are prefixed with

server.basePath or require that they are rewritten by your reverse proxy.

This setting was effectively always false before Kibana 6.3 and will

default to true starting in Kibana 7.0.

server.rewriteBasePath: false

The maximum payload size in bytes for incoming server requests.

server.maxPayloadBytes: 1048576

The Kibana server's name. This is used for display purposes.

server.name: "your-hostname"

The URLs of the Elasticsearch instances to use for all your queries.

elasticsearch.hosts: ["http://localhost:9200"]

When this setting's value is true Kibana uses the hostname specified in the server.host

setting. When the value of this setting is false, Kibana uses the hostname of the host

that connects to this Kibana instance.

elasticsearch.preserveHost: true

Kibana uses an index in Elasticsearch to store saved searches, visualizations and

dashboards. Kibana creates a new index if the index doesn't already exist.

kibana.index: ".kibana"

The default application to load.

kibana.defaultAppId: "home"

If your Elasticsearch is protected with basic authentication, these settings provide

the username and password that the Kibana server uses to perform maintenance on the Kibana

index at startup. Your Kibana users still need to authenticate with Elasticsearch, which

is proxied through the Kibana server.

elasticsearch.username: "kibana"
elasticsearch.password: "pass"

Enables SSL and paths to the PEM-format SSL certificate and SSL key files, respectively.

These settings enable SSL for outgoing requests from the Kibana server to the browser.

server.ssl.enabled: false
server.ssl.certificate: /path/to/your/server.crt
server.ssl.key: /path/to/your/server.key

Optional settings that provide the paths to the PEM-format SSL certificate and key files.

These files validate that your Elasticsearch backend uses the same key files.

elasticsearch.ssl.certificate: /path/to/your/client.crt
elasticsearch.ssl.key: /path/to/your/client.key

Optional setting that enables you to specify a path to the PEM file for the certificate

authority for your Elasticsearch instance.

elasticsearch.ssl.certificateAuthorities: [ "/path/to/your/CA.pem" ]

To disregard the validity of SSL certificates, change this setting's value to 'none'.

elasticsearch.ssl.verificationMode: full

Time in milliseconds to wait for Elasticsearch to respond to pings. Defaults to the value of

the elasticsearch.requestTimeout setting.

elasticsearch.pingTimeout: 1500

Time in milliseconds to wait for responses from the back end or Elasticsearch. This value

must be a positive integer.

elasticsearch.requestTimeout: 30000

List of Kibana client-side headers to send to Elasticsearch. To send no client-side

headers, set this value to (an empty list).

elasticsearch.requestHeadersWhitelist: [ authorization ]

Header names and values that are sent to Elasticsearch. Any custom headers cannot be overwritten

by client-side headers, regardless of the elasticsearch.requestHeadersWhitelist configuration.

elasticsearch.customHeaders: {}

Time in milliseconds for Elasticsearch to wait for responses from shards. Set to 0 to disable.

elasticsearch.shardTimeout: 30000

Time in milliseconds to wait for Elasticsearch at Kibana startup before retrying.

elasticsearch.startupTimeout: 5000

Logs queries sent to Elasticsearch. Requires logging.verbose set to true.

elasticsearch.logQueries: false

Specifies the path where Kibana creates the process ID file.

pid.file: /var/run/kibana.pid

Enables you specify a file where Kibana stores log output.

logging.dest: stdout

Set the value of this setting to true to suppress all logging output.

logging.silent: false

Set the value of this setting to true to suppress all logging output other than error messages.

logging.quiet: false

Set the value of this setting to true to log all events, including system usage information

and all requests.

logging.verbose: false

Set the interval in milliseconds to sample system and process performance

metrics. Minimum is 100ms. Defaults to 5000.

ops.interval: 5000

Specifies locale to be used for all localizable strings, dates and number formats.

Supported languages are the following: English - en , by default , Chinese - zh-CN .

i18n.locale: "en"

server.cors : true
server.cors.origin: "*"

Custom Region Maps

regionmap:
layers:
- name: "UK Major Cities and Towns"
url: "http://localhost:8000/Major_Towns_and_Cities.geojson"
fields:
- name: "tcity15nm"
description: "City Name"

My apologies. I meant you should only remove the # before the lines where you define your custom region map. That may be the cause of the error.

1 Like

Thank you @nickpeihl. Figured it out eventually :slightly_smiling_face: