Exploring Your Data

In the last chapter, we learned how to create a dashboard from Apache log files for which we have made a complete ELK Stack. Logstash was used to take an Apache log as input and then output the log data into an Elasticsearch server. We used Elasticsearch to save that log data in an index. Finally, we used Kibana to use the Elasticsearch index in order to create a dashboard after creating visualizations. This was just a brief introduction to understanding the complete ecosystem.

In this chapter, we will deep dive to understand how we can use the Discover option of Kibana to explore our data. We can only create our visualization after exploring and understanding our data.

In this chapter, we will be covering the following topics:

• Kibana Discover and its features
• Discovering our data using Kibana Discover:
  • Configuring Packetbeat to push packet data into Elasticsearch
  • Exploring Kibana Discover to access packet data
  • Configuring Kibana to read the Elasticsearch index with packet logs