Elasticsearch, Kibana, and Cerebro

Powerful search, visualization, and administration for your data

Elasticsearch is a distributed, open source search and analytics engine for all types of data, including textual, numerical, geospatial, structured, and unstructured. Built on Apache Lucene and first released in 2010 by Elasticsearch N.V. (now known as Elastic), it provides a powerful platform for storing, searching, and analyzing data at scale.

Kibana

Kibana is an open source analytics and visualization platform designed to work with Elasticsearch. You can use Kibana to search, view, and interact with data stored in Elasticsearch indices. It allows you to perform advanced data analysis and visualize your data in a variety of charts, tables, and maps, making complex data easy to understand.

Cerebro

Cerebro is an open source (MIT License) Elasticsearch web admin tool built using Scala, Play Framework, AngularJS, and Bootstrap. It provides a user-friendly interface for managing and monitoring your Elasticsearch clusters, allowing you to perform administrative tasks without having to use the command line.

📋 Provision

bash docker/docker.sh
bash elasticsearch-kibana-cerebro/elasticsearch-kibana-cerebro.sh

vagrant up --provision-with basetools,docker,docsify,elasticsearch-kibana-cerebro

docker compose exec hashiqube /bin/bash
bash hashiqube/basetools.sh
bash docker/docker.sh
bash docsify/docsify.sh
bash elasticsearch-kibana-cerebro/elasticsearch-kibana-cerebro.sh

🌐 Web Interfaces

After provisioning, you can access the web interfaces at:

Kibana

URL: http://localhost:5601
Purpose: Data visualization and Elasticsearch management

Kibana dashboard interface for data visualization

Cerebro

URL: http://localhost:5602
Purpose: Elasticsearch cluster administration

Cerebro interface for Elasticsearch cluster management

🔧 Key Features

Elasticsearch

Distributed Search - Scale horizontally for massive data volumes
Real-time Analytics - Get insights from your data as it's ingested
Full-text Search - Powerful search capabilities across all your content
Schema-free JSON - Store data in flexible formats
RESTful API - Easy integration with other applications
Multi-tenancy - Isolate data and operations between users

Kibana

Data Visualization - Create dashboards with charts, graphs, and maps
Data Exploration - Discover patterns and trends in your data
Monitoring - Track the health and performance of your Elasticsearch clusters
Machine Learning - Identify anomalies in your data (with X-Pack)
Security - Control who can access your dashboards (with X-Pack)
Reporting - Generate and share reports based on your visualizations

Cerebro

Cluster Overview - Monitor the health and status of your Elasticsearch clusters
Index Management - Create, delete, and configure indices
Query Interface - Execute queries against your Elasticsearch clusters
REST API Access - Interact with the Elasticsearch REST API through a UI
Node Statistics - View detailed performance metrics for each node

💡 Common Use Cases

Log Analysis - Centralize and analyze logs from multiple systems
Application Search - Add powerful search capabilities to your applications
Security Analytics - Detect and investigate security threats
Business Analytics - Gain insights from your business data
Infrastructure Monitoring - Track the health and performance of your IT infrastructure
Geospatial Analysis - Analyze location-based data

🔗 Additional Resources

#!/bin/bash
sudo docker stop elasticsearch-kibana
sudo docker rm elasticsearch-kibana
sudo docker stop cerebro
sudo docker rm cerebro
yes | sudo docker system prune -a
yes | sudo docker system prune --volumes
sudo docker run -d -p 19200:9200 -p 5601:5601 --name elasticsearch-kibana nshou/elasticsearch-kibana
sudo docker run -d -p 5602:9000 --name cerebro lmenezes/cerebro:0.8.3
echo -e '\e[38;5;198m'"++++ Elasticsearch: http://localhost:19200"
echo -e '\e[38;5;198m'"++++ Kibana: http://localhost:5601"
echo -e '\e[38;5;198m'"++++ Cerebro: http://localhost:5602 and enter http://10.9.99.10:19200"