1、截至目前Elasticsearch 版本已經更新到了7.10.1版本了，這裡先使用Elasticsearch 6.7.1版本，給一個下載地址，如下所示：

官方下載地址：https://www.elastic.co/cn/downloads/past-releases#elasticsearch

將下載好的Kibana上傳到伺服器，然後解壓縮排行安裝操作，如下所示：

1 [root@k8s-master package]# tar -zxvf kibana-6.7.1-linux-x86_64.tar.gz -C /usr/local/elastic/

由於我是使用的root的許可權，所以解壓縮之後將許可權賦予給elsearch使用者即可，如下所示：

 1 [root@k8s-master elastic]# ll
 2 total 0
 3 drwxr-xr-x  8 root root 143 Apr  3  2019 elasticsearch-6.7.1
 4 drwxr-xr-x 13 root root 246 Jan  9 23:05 kibana-6.7.1-linux-x86_64
 5 [root@k8s-master elastic]# chown -R elsearch:elsearch elasticsearch-6.7.1/
 6 [root@k8s-master elastic]# chown -R elsearch:elsearch kibana-6.7
 
.1-linux-x86_64/
 7 [root@k8s-master elastic]# 
 8 [root@k8s-master elastic]# 
 9 [root@k8s-master elastic]# ll
10 total 0
11 drwxr-xr-x  8 elsearch elsearch 143 Apr  3  2019 elasticsearch-6.7.1
12 drwxr-xr-x 13 elsearch elsearch 246 Jan  9 23:05 kibana-6.7.1-linux-x86_64
13 [root@k8s-master elastic]# 

需要修改kibana的配置，告訴kibana，elasticsearch的連線地址是什麼，如下所示：

 1 [elsearch@k8s-master kibana-6.7.1-linux-x86_64]$ ll
 2 total 1828
 3 drwxrwxr-x    2 elsearch elsearch      64 Jan  9 23:05 bin
 4 drwxrwxr-x    4 elsearch elsearch      29 Jan  9 23:05 built_assets
 5 drwxrwxr-x    2 elsearch elsearch      24 Jan  9 23:05 config
 6 drwxrwxr-x    2 elsearch elsearch       6 Apr  3  2019 data
 7 -rw-rw-r--    1 elsearch elsearch   13675 Apr  3  2019 LICENSE.txt
 8 drwxrwxr-x    6 elsearch elsearch     108 Jan  9 23:05 node
 9 drwxrwxr-x 1166 elsearch elsearch   36864 Jan  9 23:05 node_modules
10 -rw-rw-r--    1 elsearch elsearch 1784986 Apr  3  2019 NOTICE.txt
11 drwxrwxr-x    3 elsearch elsearch      45 Jan  9 23:05 optimize
12 -rw-rw-r--    1 elsearch elsearch     776 Apr  3  2019 package.json
13 drwxrwxr-x    2 elsearch elsearch       6 Apr  3  2019 plugins
14 -rw-rw-r--    1 elsearch elsearch    4038 Apr  3  2019 README.txt
15 drwxrwxr-x   15 elsearch elsearch     234 Jan  9 23:05 src
16 drwxrwxr-x    3 elsearch elsearch      19 Jan  9 23:05 target
17 drwxrwxr-x    2 elsearch elsearch     309 Jan  9 23:05 webpackShims
18 [elsearch@k8s-master kibana-6.7.1-linux-x86_64]$ cd config/
19 [elsearch@k8s-master config]$ ls
20 kibana.yml
21 [elsearch@k8s-master config]$ vim kibana.yml 

我這裡目前只是修改了兩個引數，其它的都是預設的，如下所示：

 1 # Specifies the address to which the Kibana server will bind. IP addresses and host names are both valid values.
 2 # The default is 'localhost', which usually means remote machines will not be able to connect.
 3 # To allow connections from remote users, set this parameter to a non-loopback address.
 4 #server.host: "localhost"
 5 server.host: "192.168.110.133"
 6 
 7 
 8 # The URLs of the Elasticsearch instances to use for all your queries.
 9 #elasticsearch.hosts: ["http://localhost:9200"]
10 elasticsearch.hosts: ["http://192.168.110.133:9200"]

然後使用啟動命令，啟動kinaba即可，如下所示：

 1 [elsearch@k8s-master kibana-6.7.1-linux-x86_64]$ ./bin/kibana
 2   log   [15:28:33.417] [info][status][plugin:kibana@6.7.1] Status changed from uninitialized to green - Ready
 3   log   [15:28:33.600] [info][status][plugin:elasticsearch@6.7.1] Status changed from uninitialized to yellow - Waiting for Elasticsearch
 4   log   [15:28:33.616] [info][status][plugin:xpack_main@6.7.1] Status changed from uninitialized to yellow - Waiting for Elasticsearch
 5   log   [15:28:33.644] [info][status][plugin:graph@6.7.1] Status changed from uninitialized to yellow - Waiting for Elasticsearch
 6   log   [15:28:33.722] [info][status][plugin:monitoring@6.7.1] Status changed from uninitialized to green - Ready
 7   log   [15:28:33.733] [info][status][plugin:spaces@6.7.1] Status changed from uninitialized to yellow - Waiting for Elasticsearch
 8   log   [15:28:33.755] [warning][security] Generating a random key for xpack.security.encryptionKey. To prevent sessions from being invalidated on restart, please set xpack.security.encryptionKey in kibana.yml
 9   log   [15:28:33.767] [warning][security] Session cookies will be transmitted over insecure connections. This is not recommended.
10   log   [15:28:33.779] [info][status][plugin:security@6.7.1] Status changed from uninitialized to yellow - Waiting for Elasticsearch
11   log   [15:28:33.841] [info][status][plugin:searchprofiler@6.7.1] Status changed from uninitialized to yellow - Waiting for Elasticsearch
12   log   [15:28:33.848] [info][status][plugin:ml@6.7.1] Status changed from uninitialized to yellow - Waiting for Elasticsearch
13   log   [15:28:33.951] [info][status][plugin:tilemap@6.7.1] Status changed from uninitialized to yellow - Waiting for Elasticsearch
14   log   [15:28:33.956] [info][status][plugin:watcher@6.7.1] Status changed from uninitialized to yellow - Waiting for Elasticsearch
15   log   [15:28:34.005] [info][status][plugin:grokdebugger@6.7.1] Status changed from uninitialized to yellow - Waiting for Elasticsearch
16   log   [15:28:34.040] [info][status][plugin:dashboard_mode@6.7.1] Status changed from uninitialized to green - Ready
17   log   [15:28:34.044] [info][status][plugin:logstash@6.7.1] Status changed from uninitialized to yellow - Waiting for Elasticsearch
18   log   [15:28:34.071] [info][status][plugin:beats_management@6.7.1] Status changed from uninitialized to yellow - Waiting for Elasticsearch
19   log   [15:28:34.143] [info][status][plugin:apm@6.7.1] Status changed from uninitialized to green - Ready
20   log   [15:28:34.145] [info][status][plugin:tile_map@6.7.1] Status changed from uninitialized to green - Ready
21   log   [15:28:34.157] [info][status][plugin:task_manager@6.7.1] Status changed from uninitialized to green - Ready
22   log   [15:28:34.169] [info][status][plugin:maps@6.7.1] Status changed from uninitialized to yellow - Waiting for Elasticsearch
23   log   [15:28:34.188] [info][status][plugin:interpreter@6.7.1] Status changed from uninitialized to green - Ready
24   log   [15:28:34.221] [info][status][plugin:canvas@6.7.1] Status changed from uninitialized to green - Ready
25   log   [15:28:34.241] [info][status][plugin:license_management@6.7.1] Status changed from uninitialized to green - Ready
26   log   [15:28:34.245] [info][status][plugin:cloud@6.7.1] Status changed from uninitialized to green - Ready
27   log   [15:28:34.255] [info][status][plugin:index_management@6.7.1] Status changed from uninitialized to yellow - Waiting for Elasticsearch
28   log   [15:28:34.305] [info][status][plugin:console@6.7.1] Status changed from uninitialized to green - Ready
29   log   [15:28:34.308] [info][status][plugin:console_extensions@6.7.1] Status changed from uninitialized to green - Ready
30   log   [15:28:34.316] [info][status][plugin:notifications@6.7.1] Status changed from uninitialized to green - Ready
31   log   [15:28:34.321] [info][status][plugin:index_lifecycle_management@6.7.1] Status changed from uninitialized to yellow - Waiting for Elasticsearch
32   log   [15:28:34.389] [info][status][plugin:infra@6.7.1] Status changed from uninitialized to green - Ready
33   log   [15:28:34.393] [info][status][plugin:rollup@6.7.1] Status changed from uninitialized to yellow - Waiting for Elasticsearch
34   log   [15:28:34.412] [info][status][plugin:remote_clusters@6.7.1] Status changed from uninitialized to yellow - Waiting for Elasticsearch
35   log   [15:28:34.425] [info][status][plugin:cross_cluster_replication@6.7.1] Status changed from uninitialized to yellow - Waiting for Elasticsearch
36   log   [15:28:34.447] [info][status][plugin:translations@6.7.1] Status changed from uninitialized to green - Ready
37   log   [15:28:34.468] [info][status][plugin:upgrade_assistant@6.7.1] Status changed from uninitialized to green - Ready
38   log   [15:28:34.496] [info][status][plugin:uptime@6.7.1] Status changed from uninitialized to green - Ready
39   log   [15:28:34.503] [info][status][plugin:oss_telemetry@6.7.1] Status changed from uninitialized to green - Ready
40   log   [15:28:34.524] [info][status][plugin:metrics@6.7.1] Status changed from uninitialized to green - Ready
41   log   [15:28:35.030] [info][status][plugin:timelion@6.7.1] Status changed from uninitialized to green - Ready
42   log   [15:28:38.698] [error][status][plugin:xpack_main@6.7.1] Status changed from yellow to red - Request Timeout after 3000ms
43   log   [15:28:38.762] [error][status][plugin:graph@6.7.1] Status changed from yellow to red - Request Timeout after 3000ms
44   log   [15:28:38.774] [error][status][plugin:spaces@6.7.1] Status changed from yellow to red - Request Timeout after 3000ms
45   log   [15:28:38.776] [error][status][plugin:security@6.7.1] Status changed from yellow to red - Request Timeout after 3000ms
46   log   [15:28:38.778] [error][status][plugin:searchprofiler@6.7.1] Status changed from yellow to red - Request Timeout after 3000ms
47   log   [15:28:38.807] [error][status][plugin:ml@6.7.1] Status changed from yellow to red - Request Timeout after 3000ms
48   log   [15:28:38.808] [error][status][plugin:tilemap@6.7.1] Status changed from yellow to red - Request Timeout after 3000ms
49   log   [15:28:38.809] [error][status][plugin:watcher@6.7.1] Status changed from yellow to red - Request Timeout after 3000ms
50   log   [15:28:38.810] [error][status][plugin:grokdebugger@6.7.1] Status changed from yellow to red - Request Timeout after 3000ms
51   log   [15:28:38.811] [error][status][plugin:logstash@6.7.1] Status changed from yellow to red - Request Timeout after 3000ms
52   log   [15:28:38.811] [error][status][plugin:beats_management@6.7.1] Status changed from yellow to red - Request Timeout after 3000ms
53   log   [15:28:38.840] [error][status][plugin:maps@6.7.1] Status changed from yellow to red - Request Timeout after 3000ms
54   log   [15:28:38.840] [error][status][plugin:index_management@6.7.1] Status changed from yellow to red - Request Timeout after 3000ms
55   log   [15:28:38.841] [error][status][plugin:index_lifecycle_management@6.7.1] Status changed from yellow to red - Request Timeout after 3000ms
56   log   [15:28:38.843] [error][status][plugin:rollup@6.7.1] Status changed from yellow to red - Request Timeout after 3000ms
57   log   [15:28:39.046] [error][status][plugin:remote_clusters@6.7.1] Status changed from yellow to red - Request Timeout after 3000ms
58   log   [15:28:39.047] [error][status][plugin:cross_cluster_replication@6.7.1] Status changed from yellow to red - Request Timeout after 3000ms
59   log   [15:28:39.084] [error][status][plugin:elasticsearch@6.7.1] Status changed from yellow to red - Request Timeout after 3000ms
60   log   [15:28:42.071] [warning][browser-driver][reporting] Enabling the Chromium sandbox provides an additional layer of protection.
61   log   [15:28:42.078] [warning][reporting] Generating a random key for xpack.reporting.encryptionKey. To prevent pending reports from failing on restart, please set xpack.reporting.encryptionKey in kibana.yml
62   log   [15:28:42.689] [error][status][plugin:reporting@6.7.1] Status changed from uninitialized to red - Request Timeout after 3000ms
63   log   [15:28:58.143] [info][license][xpack] Imported license information from Elasticsearch for the [data] cluster: mode: basic | status: active
64   log   [15:28:58.295] [info][status][plugin:xpack_main@6.7.1] Status changed from red to green - Ready
65   log   [15:28:58.339] [info][status][plugin:graph@6.7.1] Status changed from red to green - Ready
66   log   [15:28:58.342] [info][status][plugin:searchprofiler@6.7.1] Status changed from red to green - Ready
67   log   [15:28:58.343] [info][status][plugin:ml@6.7.1] Status changed from red to green - Ready
68   log   [15:28:58.365] [info][status][plugin:tilemap@6.7.1] Status changed from red to green - Ready
69   log   [15:28:58.366] [info][status][plugin:watcher@6.7.1] Status changed from red to green - Ready
70   log   [15:28:58.367] [info][status][plugin:grokdebugger@6.7.1] Status changed from red to green - Ready
71   log   [15:28:58.408] [info][status][plugin:logstash@6.7.1] Status changed from red to green - Ready
72   log   [15:28:58.409] [info][status][plugin:beats_management@6.7.1] Status changed from red to green - Ready
73   log   [15:28:58.410] [info][status][plugin:index_management@6.7.1] Status changed from red to green - Ready
74   log   [15:28:58.446] [info][status][plugin:index_lifecycle_management@6.7.1] Status changed from red to green - Ready
75   log   [15:28:58.447] [info][status][plugin:rollup@6.7.1] Status changed from red to green - Ready
76   log   [15:28:58.448] [info][status][plugin:remote_clusters@6.7.1] Status changed from red to green - Ready
77   log   [15:28:58.448] [info][status][plugin:cross_cluster_replication@6.7.1] Status changed from red to green - Ready
78   log   [15:28:58.449] [info][status][plugin:reporting@6.7.1] Status changed from red to green - Ready
79   log   [15:28:58.462] [info][kibana-monitoring][monitoring-ui] Starting monitoring stats collection
80   log   [15:28:58.856] [info][status][plugin:security@6.7.1] Status changed from red to green - Ready
81   log   [15:28:58.857] [info][status][plugin:maps@6.7.1] Status changed from red to green - Ready
82   log   [15:29:00.691] [info][license][xpack] Imported license information from Elasticsearch for the [monitoring] cluster: mode: basic | status: active
83   log   [15:29:01.116] [info][status][plugin:elasticsearch@6.7.1] Status changed from red to green - Ready
84   log   [15:29:03.033] [info][listening] Server running at http://192.168.110.133:5601
85   log   [15:29:03.189] [info][status][plugin:spaces@6.7.1] Status changed from red to green - Ready
86     

此處我使用的elasticsearch是單節點的，即只有一個節點，然後elasticsearch的config/elasticsearch.yml裡面的network.host: 192.168.110.133引數要配置成自己具體的ip地址，不然kibana無法訪問到這個ip地址的。

切記，啟動kibana之前，需要先將elasticsearch啟動起來的，不然kibana會啟動報錯的，然後可以通過訪問地址進行訪問，預設埠號是5601，訪問地址http://192.168.110.133:5601/，如下所示：

如果想要kibana後臺啟動，可以使用命令:

1 [elsearch@k8s-master kibana-6.7.1-linux-x86_64]$ nohup ./bin/kibana &
2 [1] 11214
3 [elsearch@k8s-master kibana-6.7.1-linux-x86_64]$ nohup: ignoring input and appending output to ‘nohup.out’
4 
5 [elsearch@k8s-master kibana-6.7.1-linux-x86_64]$ 

如何關掉，後臺啟動的kibana服務呢，如下所示：

 1 [elsearch@k8s-master kibana-6.7.1-linux-x86_64]$ ps -ef | grep kibana
 2 elsearch  11958 114739  0 23:42 pts/1    00:00:00 grep --color=auto kibana
 3 [elsearch@k8s-master kibana-6.7.1-linux-x86_64]$ ps -ef | grep 5601
 4 elsearch  12063 114739  0 23:42 pts/1    00:00:00 grep --color=auto 5601
 5 [elsearch@k8s-master kibana-6.7.1-linux-x86_64]$ 
 6 [elsearch@k8s-master kibana-6.7.1-linux-x86_64]$ fuser -n tcp 5601
 7 Cannot stat file /proc/11841/fd/0: Permission denied
 8 Cannot stat file /proc/11841/fd/1: Permission denied
 9 Cannot stat file /proc/11841/fd/2: Permission denied
10 Cannot stat file /proc/11894/fd/0: Permission denied
11 Cannot stat file /proc/11894/fd/1: Permission denied
12 Cannot stat file /proc/11894/fd/2: Permission denied
13 Cannot stat file /proc/12033/fd/0: Permission denied
14 Cannot stat file /proc/12033/fd/1: Permission denied
15 Cannot stat file /proc/12033/fd/2: Permission denied
16 5601/tcp:            11214
17 [elsearch@k8s-master kibana-6.7.1-linux-x86_64]$ netstat -anltp|grep 5601
18 (Not all processes could be identified, non-owned process info
19  will not be shown, you would have to be root to see it all.)
20 tcp        0      0 192.168.110.133:5601    0.0.0.0:*               LISTEN      11214/./bin/../node 
21 [elsearch@k8s-master kibana-6.7.1-linux-x86_64]$ 
22 [elsearch@k8s-master kibana-6.7.1-linux-x86_64]$ 
23 [elsearch@k8s-master kibana-6.7.1-linux-x86_64]$ 

使用命令，ps -ef|grep kibana 或者ps -ef|grep 5601，如果都找不到，可以嘗試 使用 fuser -n tcp 5601 或 netstat -anltp|grep 5601，然後找到程序號，kill -9 程序號。

2、Kibana配置說明，配置位於config資料夾中。kibana.yml關鍵配置說明。

server.host/server.port 訪問kibana的地址和埠號。如果kibana需要外網訪問，就需要修改成伺服器的ip地址的，埠號可以使用預設埠。
elasticsearh.host（kibana之前版本是elasticsearh.url）待訪問elasticsearh的地址。

3、Kibana常用功能說明。

　　1）、Discover資料搜尋檢視。

　　2）、Visualize圖示製作。

　　3）、Dashboard儀表盤製作。

　　4）、Timelion時序資料的高階視覺化分析。

　　5）、DevTools開發者工具。

　　6）、Management配置。

4、Elasticsearch常用術語介紹與CRUD（Create建立文件、Delete刪除文件、Update修改文件、Read讀取文件）實際操作。

　　1）、Document文件資料，就是具體存在於Elasticsearch中的資料。
　　2）、Index索引，類比Mysql中的資料庫概念。所有的Document都是存在於Index索引中的。
　　3）、Type索引中的資料型別，類似Mysql中資料表的概念。6.x版本以及以後版本慢慢廢除此說法。
　　4）、Field欄位，文件的屬性。
　　5）、Query DESL查詢語法。

5、如何實現Kibana的漢化，這裡我使用的是kibana6.7.1版本，然而Kibana 中文字地化版本是 Elastic Stack 6.7 的一部分。所以不用再下載漢化包了，網上寫的下載漢化包的地址已經沒有了，wget https://github.com/anbai-inc/Kibana_Hanization/archive/master.zip，此地址已經無法進行訪問，所以建議都使用6.7版本以後的版本，開啟Kibana解壓目錄下的 config/kibana.yml檔案，找到最下面這一行，將將"en"改成"zh-CN"，然後重啟kibana即可。

1 # Specifies locale to be used for all localizable strings, dates and number formats.
2 #i18n.locale: "en"
3 i18n.locale: "zh-CN"

重啟Kibana之後，訪問http://192.168.110.133:5601/地址之後，發現對自己更加友好了，不然有的功能還要琢磨一下。

6、Elasticsearch Query的查詢語法，有兩種形式，如下所示：