Kibana plugin or custom app

jnc943 · November 25, 2020, 11:28am

I would like to automate some current troubleshooting workflows that are done manually. Essentially, I would like to be able to run a query, extract some fields/information which can then be passed down to subsequent queries. Ideally, I'd also like to be able to run an alternate query if a certain query returns no results.
It would need to ability to take some input fields (text fields) and a timestamp and the output will be search results after running through the multiple queries.

I am wondering if writing an external Kibana plugin is the right approach? Or should I be writing my custom app which calls the elasticsearch REST apis to chain my queries and extract the information that I need before passing down to subsequent queries.

I am struggling to find a ton of info about Kibana plugins and what are their capabilities and limitations so any information/guidance would be super helpful!

Thanks

Dzmitry · November 25, 2020, 3:06pm

Hi @jnc943,

You can try using saved queries, but it does not solve a need to do alternative one. You can build a scripted field with flexible logic using painless, it might solve part of your needs. Also I suggest to look at compound queries, maybe you can it can solve your need.

Still if you want to understand better the process of adding external plugin, please check the https://www.elastic.co/guide/en/kibana/current/external-plugin-development.html
The process is pretty straight forward, but it may require some time.

Regards, Dzmitry

jnc943 · November 25, 2020, 5:02pm

Hi Dzmitry,
Thank you so much for your helpful response!
I will look into painless as well as compound queries.

Did I understand correctly that it would not seem that a Kibana plugin would be an obvious choice fir my use case? What I did like about it is that it could potentially minimise UI efforts when compared to building my own app/service on top of the Elasticsearch APIs.

Thanks again!

Dzmitry · November 26, 2020, 8:26am

Hi @jnc943,

I would suggest exploring existing functionality before you start work on your own plugin. You might find a solution. Plugin is always an option and you can integrate it in existing Kibana instance rather than developing a separate application from scratch using ES APIs.

We do create plugins for testing purpose, you can check it here to get more understanding how to start.

Regards, Dzmitry

system · December 24, 2020, 8:26am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.