UI to view the data

ElasticSearch, which stores all our log data, has a powerful query language to access all of that data and do what ever you want to do with it. This is being used by e.g. ElastAlert to determine if any alerts have to be raised and there are a lot of other tools around that use that very same query language, e.g. a command line tool.

However, this is a cumbersome process and you don't want to browser through your log data by typing long queries. A graphical interface is required for this and that is available with Kibana. It can be acces through the URL that is defined as the kibana_domain variable in your inventory and access is controlled through username and password.

Please go to the Kibana documentation to best learn how to use this powerful tool. Additional resources may be useful too:

• ElasticSearch Query Language
• Video on Kibana
• Kibana Tutorial