4. Config Kibana to show Postfix log event
So far so good, from previous posts we already have event logs stored in Elasticsearch, now we need to use Kibana to display interesting dashboards.
To run Kibana we can use any common http server like Nginx or Apache.
Download https://download.elasticsearch.org/kibana/kibana/kibana-3.0.0milestone4.tar.gz and extract Kibana into a folder like /var/www/html/kibana/
Point the config to Elasticsearch server (this server also) : # vim /var/www/html/kibana/config.js
Make sure the browser can connect to 10.90.7.195:9200. Turn any firewall in between to off.
Point the browser to http://10.90.7.195/kibana/, then select Logstash dashboard. Change the index pattern to [postfix_mail-]YYYY.MM.DD :
Try discovering Kibana by yourself, it is such a really good experience. There are lot of panel types, the most common used are : histogram (graph updating in realtime based on @timestamp field), HIT, Table and Terms (similar to SQL group-by count).
At last, we should have a dashboard like this :