How to use Kibana in Digital Network Architecture (DNA) Center

Available Languages

Download Options

  • PDF     (1.1 MB)
    View with Adobe Reader on a variety of devices
  • ePub     (1.1 MB)
    View in various apps on iPhone, iPad, Android, Sony Reader, or Windows Phone
  • Mobi (Kindle)     (847.2 KB)
    View on Kindle device or Kindle app on multiple devices
Updated:November 22, 2018
Document ID:213928

Bias-Free Language

The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.

    Introduction

    This document describes how to use Kibana in order to search for specific messages or logs among the different DNA Center services.

    Contributed by Alexandro Carrasquedo, Cisco TAC Engineer.

    Prerequisites

    Requirements

    • Have a DNA Center cluster running.
    • Be familiar with the names and use use of DNA Center services.

    Background Information

      

    Kibana is an open source data visualization plugin for Elasticsearch. It provides visualization capabilities on top of the content indexed on an Elasticsearch cluster that are available in DNA Center. You can access it in two ways:

    • https://<DNA Center ip>/kibana
    • System Settings -> System 360 -> Tools -> Log exporter

    Overview of thedefault Kibana web page

    Kibana has several default fields, which are highlighted in the following image:

    • Time - Time when the message was seen.
    • Log - Raw content of the log.
    • Kubernetes.labels.serviceName - Service that displays the specific log.
    • Level - Urgency of that specific log.

    You can use these fields to provide a comprehensive output that can help you diagnose problems within your DNA Center cluster. Following are some sample use cases to help you get started with Kibana.

    Note:This document provides examples on specific services. Howeve you can try these searches on services that fit your troubleshooting needs.

    Use cases

    Get all logs that are part of the onboarding service.

    kubernetes.labels.serviceName:onboarding-service

    Get all the logs that contain the string "error"

    Tip: The most common log entries that indicate problems contain "Error", "Failed" and "Exception", feel free to modify the string to be any other common string that can guide you in your troubleshooting.

    log:error

    Mix and match your search

    You can search for entries that match a combination of strings by using AND (or &&) between the strings.

    log:error AND kubernetes.labels.serviceName:onboarding-service

    Note: Not all fields are searchable.


    If you want to see only searchable fields in the Available Fields pane, select the cog wheel and customize the view. You can also define the type of search that you want to use, for example, string, Boolean, number, and so on.

    Get all the logs from a specific date

    You can add a time element to your search criteria. Use one of the following options from the Time Range field:

    • Quick — From the last X minutes, hours, days, or weeks.
    • Relative — From the last X minutes, hours, days, or weeks to a specific date.
    • Absolute — From a specific date to another specific date. 

    Add fields to your search or view

    You can add more fields to the default view in order to get more information about your logs. Go to the Available Fields pane, select Add and select the fields you want to show. After you save your selections, the fields appear in the main view.

    Search for errors from two different services at the same time

    Include two or more services in your search criteria. Ensure that the services names are entered in parenthesis and separate them with OR.

    log:error && (kubernetes.labels.serviceName:onboarding-service OR kubernetes.labels.serviceName:telemetry-agent)



    Reference

    TAC Authored

    Contributed by Cisco Engineers

    • Alexandro Carrasquedo
      TS Incubation

    Was this Document Helpful?

    FeedbackFeedback

    Contact Cisco

    This Document Applies to These Products