Kibana is a great & powerful tool, and a key part of the ELK stack from Elastic, but a great & powerful management tool it is not. Primarily a data visualization tool and search development system, its management features leave a lot to be desired.
We built the ELKman management system to solve this problem, to provide a rich set of professional operational, management, and troubleshooting tools to help users manage their ELK stacks, be they on-premise, in the clouds, or run by Elastic, AWS, etc.
Kibana is a great tool, just not for cluster management, troubleshooting or optimization.
ELKman breaks out all of ELK's settings and status info, for the cluster, nodes, indexes, templates, and much more. Including explanations, helps, and doc links for all the major pieces and parts, with more on the way. This includes field-by-field settings for mappings, so you know exactly how your indexes will be created.
ELKman also adds visualizations for things like the Node roles, hierarchy and statistics. Along with index storage views and shard distribution status, making it easy to see what's really going on right now in the cluster. Kibana has monitoring (which we are adding soon) but otherwise makes it very hard to know what's what, right now.
Troubleshooting is a common challenge, i.e. why is my cluster Yellow or Red? And Kibana is not much help, other than letting you run some JSON or look at index lists. ELKman has an evolving troubleshooting center, telling you what it wrong, why, and what to do about it. For example, you can easily see why shards are unallocated, or what nodes are having trouble.
More powerful real-time views are on the way for every part of the system and stack, including ingest and indexing, pipelines, Logstash and its pipelines, networking, storage, etc. You should be able to see how everything is performing, in real-time, throughout the system.
JSON is the today's SQL, and no better for managing systems.
Kibana is also very JSON-oriented, which is great for developer and maybe simple options, but it's no way to really manage complex distributed systems on a day-to-day basis. JSON is very error-prone at any scale or complexity, and while that may be acceptable for running queries, it's not okay when configuring or managing systems.
This is similar to how RDBMS systems are managed. Sure, they are managed by SQL, but no one loves doing that, and it's very error-prone. Instead they really on GUI tools, from Oracle, Microsoft, MySQL, and others. This is especially true for urgent troubleshooting needs, routine admin activities, and specialized but rarely-performed functions.
ELK systems can be complex to configure, so the ELKman audit system scans the cluster for unusual or problematic settings, statistics, and security issues including the relevant security bulletins for your version. This can help you quickly find problematic settings, including cleaning up from past efforts at tweaking far too many knobs and leaving weird settings behind.
Kibana is a great tool, and the most visible part of the ELK stack, for good reason. But for real management of larger or complex systems, it's not the tool for the job. Get ELKman.
ELK systems can be complex to configure, so the ELKman audit system scans the cluster for unusual or problematic settings, statistics, and security issues including the relevant security bulletins for your version. This can help you quickly find problematic settings, including cleaning up from past efforts at tweaking far too many knobs and leaving weird settings behind.
Kibana is a great tool, and the most visible part of the ELK stack, for good reason. But for real management of larger or complex systems, it's not the tool for the job. Get ELKman.
Try ELKman today at www.ELKman.io
Free for Test/Dev clusters and only $99/year for most production systems.