Kibana Elasticearch configuration

Hi,
I am trying to configure the Kibana file to talk to ELasticsearch. It is deployed on single node EC2 instance on AWS.
Here are my config files:
kibana.yml

# Kibana is served by a back end server. This setting specifies the port to use.
server.port: 5601
#server.host: ["http://10.116.38.205"]
# Specifies the address to which the Kibana server will bind. IP addresses and host names are both valid values.
# The default is 'localhost', which usually means remote machines will not be able to connect.
# To allow connections from remote users, set this parameter to a non-loopback address.
#server.host: "localhost"

# Enables you to specify a path to mount Kibana at if you are running behind a proxy.
# Use the `server.rewriteBasePath` setting to tell Kibana if it should remove the basePath
# from requests it receives, and to prevent a deprecation warning at startup.
# This setting cannot end in a slash.
#server.basePath: ""

# Specifies whether Kibana should rewrite requests that are prefixed with
# `server.basePath` or require that they are rewritten by your reverse proxy.
# This setting was effectively always `false` before Kibana 6.3 and will
# default to `true` starting in Kibana 7.0.
#server.rewriteBasePath: false

# Specifies the public URL at which Kibana is available for end users. If
# `server.basePath` is configured this URL should end with the same basePath.
#server.publicBaseUrl: ""

# The maximum payload size in bytes for incoming server requests.
#server.maxPayload: 1048576

# The Kibana server's name.  This is used for display purposes.
#server.name: "your-hostname"

# The URLs of the Elasticsearch instances to use for all your queries
elasticsearch.hosts: ["http://10.116.38.205:9200"]
server.defaultRoute: "/app/dashboard"
# Kibana uses an index in Elasticsearch to store saved searches, visualizations and
# dashboards. Kibana creates a new index if the index doesn't already exist.
#kibana.index: ".kibana"

# The default application to load.
#kibana.defaultAppId: "home"

# If your Elasticsearch is protected with basic authentication, these settings provide
# the username and password that the Kibana server uses to perform maintenance on the Kibana
# index at startup. Your Kibana users still need to authenticate with Elasticsearch, which
# is proxied through the Kibana server.
#elasticsearch.username: "kibana_system"
#elasticsearch.password: "pass"

# Kibana can also authenticate to Elasticsearch via "service account tokens".
# If may use this token instead of a username/password.
# elasticsearch.serviceAccountToken: "my_token"

# Enables SSL and paths to the PEM-format SSL certificate and SSL key files, respectively.
# These settings enable SSL for outgoing requests from the Kibana server to the browser.
#server.ssl.enabled: false
#server.ssl.certificate: /path/to/your/server.crt
#server.ssl.key: /path/to/your/server.key

# Optional settings that provide the paths to the PEM-format SSL certificate and key files.
# These files are used to verify the identity of Kibana to Elasticsearch and are required when
# xpack.security.http.ssl.client_authentication in Elasticsearch is set to required.
#elasticsearch.ssl.certificate: /path/to/your/client.crt
#elasticsearch.ssl.key: /path/to/your/client.key

# Optional setting that enables you to specify a path to the PEM file for the certificate
# authority for your Elasticsearch instance.
#elasticsearch.ssl.certificateAuthorities: [ "/path/to/your/CA.pem" ]

# To disregard the validity of SSL certificates, change this setting's value to 'none'.
#elasticsearch.ssl.verificationMode: full

# Time in milliseconds to wait for Elasticsearch to respond to pings. Defaults to the value of
# the elasticsearch.requestTimeout setting.
#elasticsearch.pingTimeout: 1500

# Time in milliseconds to wait for responses from the back end or Elasticsearch. This value
# must be a positive integer.
#elasticsearch.requestTimeout: 30000

# List of Kibana client-side headers to send to Elasticsearch. To send *no* client-side
# headers, set this value to [] (an empty list).
#elasticsearch.requestHeadersWhitelist: [ authorization ]

# Header names and values that are sent to Elasticsearch. Any custom headers cannot be overwritten
# by client-side headers, regardless of the elasticsearch.requestHeadersWhitelist configuration.
#elasticsearch.customHeaders: {}

# Time in milliseconds for Elasticsearch to wait for responses from shards. Set to 0 to disable.
#elasticsearch.shardTimeout: 30000

# Logs queries sent to Elasticsearch. Requires logging.verbose set to true.
#elasticsearch.logQueries: false

# Specifies the path where Kibana creates the process ID file.
#pid.file: /run/kibana/kibana.pid

# Enables you to specify a file where Kibana stores log output.
#logging.dest: stdout

# Set the value of this setting to true to suppress all logging output.
#logging.silent: false

# Set the value of this setting to true to suppress all logging output other than error messages.
#logging.quiet: false

# Set the value of this setting to true to log all events, including system usage information
# and all requests.
#logging.verbose: false

# Set the interval in milliseconds to sample system and process performance
# metrics. Minimum is 100ms. Defaults to 5000.
#ops.interval: 5000

# Specifies locale to be used for all localizable strings, dates and number formats.
# Supported languages are the following: English - en , by default , Chinese - zh-CN .
#i18n.locale: "en"

elasticsearch.yml

#
# NOTE: Elasticsearch comes with reasonable defaults for most settings.
#       Before you set out to tweak and tune the configuration, make sure you
#       understand what are you trying to accomplish and the consequences.
#
# The primary way of configuring a node is via this file. This template lists
# the most important settings you may want to configure for a production cluster.
#
# Please consult the documentation for further information on configuration options:
# https://www.elastic.co/guide/en/elasticsearch/reference/index.html
#
# ---------------------------------- Cluster -----------------------------------
#
# Use a descriptive name for your cluster:
#
#cluster.name: my-application
#
# ------------------------------------ Node ------------------------------------
#
# Use a descriptive name for the node:
#
#node.name: node-1
#
# Add custom attributes to the node:
#
#node.attr.rack: r1
#
# ----------------------------------- Paths ------------------------------------
#
# Path to directory where to store the data (separate multiple locations by comma):
#
path.data: /var/lib/elasticsearch
#
# Path to log files:
#
path.logs: /var/log/elasticsearch
#
# ----------------------------------- Memory -----------------------------------
#
# Lock the memory on startup:
#
#bootstrap.memory_lock: true
#
# Make sure that the heap size is set to about half the memory available
# on the system and that the owner of the process is allowed to use this
# limit.
#
# Elasticsearch performs poorly when the system is swapping the memory.
#
# ---------------------------------- Network -----------------------------------
#
# By default Elasticsearch is only accessible on localhost. Set a different
# address here to expose this node on the network:
#
#network.host: 10.116.38.205
#transport.host: 10.116.38.205
#
# By default Elasticsearch listens for HTTP traffic on the first free port it
# finds starting at 9200. Set a specific HTTP port here:
network.host: 10.116.38.205
#network.host: 0.0.0.0
discovery.type: single-node
http.port: 9200
#
# For more information, consult the network module documentation.
#
# --------------------------------- Discovery ----------------------------------
#
# Pass an initial list of hosts to perform discovery when this node is started:
# The default list of hosts is ["127.0.0.1", "[::1]"]
#
#discovery.seed_hosts: ["host1", "host2"]
#
# Bootstrap the cluster using an initial set of master-eligible nodes:
#
#cluster.initial_master_nodes: ["node-1", "node-2"]
#
# For more information, consult the discovery and cluster formation module documentation.
#
# ---------------------------------- Various -----------------------------------
#
# Require explicit names when deleting indices:
#
#action.destructive_requires_name: true
#
# ---------------------------------- Security ----------------------------------
#
#                                 *** WARNING ***
#
# Elasticsearch security features are not enabled by default.
# These features are free, but require configuration changes to enable them.
# This means that users don’t have to provide credentials and can get full access
# to the cluster. Network connections are also not encrypted.
#
# To protect your data, we strongly encourage you to enable the Elasticsearch security features.
# Refer to the following documentation for instructions.
#
# https://www.elastic.co/guide/en/elasticsearch/reference/7.16/configuring-stack-security.html
xpack.security.enabled: false

I try to open kibana dashboard via browser (:5601) it is unavailable. When checking if the port is open I get the following:

udo lsof -i -P -n | grep LISTEN
rpcbind    2728           rpc    8u  IPv4  16502      0t0  TCP *:111 (LISTEN)
rpcbind    2728           rpc   11u  IPv6  16505      0t0  TCP *:111 (LISTEN)
master     3177          root   13u  IPv4  17905      0t0  TCP 127.0.0.1:25 (LISTEN)
sshd       3356          root    3u  IPv4  19736      0t0  TCP *:22 (LISTEN)
sshd       3356          root    4u  IPv6  19738      0t0  TCP *:22 (LISTEN)
java      16440 elasticsearch  301u  IPv6 365172      0t0  TCP 10.116.38.205:9300 (LISTEN)
java      16440 elasticsearch  306u  IPv6 365790      0t0  TCP 10.116.38.205:9200 (LISTEN)
node      19668        kibana   58u  IPv4 370650      0t0  TCP 127.0.0.1:5601 (LISTEN)

The service runs fine, there is nothing at /var/log/messages or elasticsearchlogs. The kibana logs contains the following:

/plugins/reporting/chromium/headless_shell-linux_x64/headless_shell"}
{"type":"log","@timestamp":"2022-10-18T15:23:53+00:00","tags":["info","status"],"pid":19668,"message":"Kibana is now available (was degraded)"}
{"type":"log","@timestamp":"2022-10-18T15:28:49+00:00","tags":["info","elasticsearch","deprecation"],"pid":19668,"message":"Elasticsearch deprecation: 299 Elasticsearch-7.16.3-4e6e4eab2297e949ec994e688dad46290d018022 \"this request accesses system indices: [.security-7, .tasks], but in a future major version, direct access to system indices will be prevented by default\"\nOrigin:kibana\nQuery:\n200\nGET /*/_mapping?filter_path=*.mappings._meta.beat%2C*.mappings._meta.package.name%2C*.mappings._meta.managed_by%2C*.mappings.properties.ecs.properties.version.type%2C*.mappings.properties.data_stream.properties.type.value%2C*.mappings.properties.data_stream.properties.dataset.value"}

What's the actual URL you are using to access Kibana?

the URL is of the EC2 instance where the ES and Kibana deployed: http://10.116.38.205:5601

And what exactly is showing when you open that?
The Kibana logs indicate it's operating as expected.

It says: "the siate cannot be reached"
I do not see any error in logs
I was wondering if my config files are correct, do we need to specify server.host in kibana.yml if it is installed on the same instance as ES?
Kibana listens on 127.0.0.1:5601 is it correct, or should it be 10.116.38.205:5601 instead?

Ahh yeah my bad, I missed this;

You need to change that to something like server.host: 0.0.0.0 for it to listen on something other than localhost.

many thanks! I will try once I get to work...

Make sure you uncomment it as well

That worked, thank you so much!

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.