- Kibana Guide: other versions:
- What is Kibana?
- What’s new in 7.15
- Kibana concepts
- Quick start
- Set up
- Install Kibana
- Configure Kibana
- Alerting and action settings
- APM settings
- Banners settings
- Development tools settings
- Graph settings
- Fleet settings
- i18n settings
- Logging settings
- Logs settings
- Metrics settings
- Machine learning settings
- Monitoring settings
- Reporting settings
- Secure settings
- Search sessions settings
- Security settings
- Spaces settings
- Task Manager settings
- Telemetry settings
- URL drilldown settings
- Start and stop Kibana
- Access Kibana
- Securing access to Kibana
- Add data
- Upgrade Kibana
- Configure security
- Configure reporting
- Configure monitoring
- Production considerations
- Discover
- Dashboard and visualizations
- Canvas
- Maps
- Build a map to compare metrics by country or region
- Track, visualize, and alert on assets in real time
- Map custom regions with reverse geocoding
- Heat map layer
- Tile layer
- Vector layer
- Plot big data
- Search geographic data
- Configure map settings
- Connect to Elastic Maps Service
- Import geospatial data
- Troubleshoot
- Reporting and sharing
- Machine learning
- Graph
- Alerting
- Observability
- APM
- Security
- Dev Tools
- Fleet
- Osquery
- Stack Monitoring
- Stack Management
- REST API
- Get features API
- Kibana spaces APIs
- Kibana role management APIs
- User session management APIs
- Saved objects APIs
- Index patterns APIs
- Alerting APIs
- Action and connector APIs
- Import and export dashboard APIs
- Logstash configuration management APIs
- Shorten URL
- Get Task Manager health
- Upgrade assistant APIs
- Kibana plugins
- Accessibility
- Release notes
- Developer guide
REST API
editREST API
editSome Kibana features are provided via a REST API, which is ideal for creating an integration with Kibana, or automating certain aspects of configuring and deploying Kibana.
Using the APIs
editInteract with the Kibana APIs through the curl
command and HTTP and HTTPs protocols.
It is recommended that you use HTTPs on port 5601 because it is more secure.
The Kibana Console supports only Elasticsearch APIs. You are unable to interact with the Kibana APIs with the Console and must use curl
or another HTTP tool instead. For more information, refer to Console.
Authentication
editThe Kibana APIs support key- and token-based authentication.
Token-based authentication
editTo use token-based authentication, you use the same username and password that you use to log into Elastic. In a given HTTP tool, and when available, you can select to use its Basic Authentication option, which is where the username and password are stored in order to be passed as part of the call.
Key-based authentication
editTo use key-based authentication, you create an API key using the Elastic Console, then specify the key in the header of your API calls.
For information about API keys, refer to API keys.
API calls
editAPI calls are stateless. Each request that you make happens in isolation from other calls and must include all of the necessary information for Kibana to fulfill the request. API requests return JSON output, which is a format that is machine-readable and works well for automation.
Calls to the API endpoints require different operations. To interact with the Kibana APIs, use the following operations:
- GET - Fetches the information.
- POST - Adds new information.
- PUT - Updates the existing information.
- DELETE - Removes the information.
For example, the following curl
command exports a dashboard:
curl -X POST api/kibana/dashboards/export?dashboard=942dcef0-b2cd-11e8-ad8e-85441f0c2e5c
Request headers
editFor all APIs, you must use a request header. The Kibana APIs support the kbn-xsrf
and Content-Type
headers.
-
kbn-xsrf: true
-
By default, you must use
kbn-xsrf
for all API calls, except in the following scenarios:-
The API endpoint uses the
GET
orHEAD
operations -
The path is allowed using the
server.xsrf.allowlist
setting -
XSRF protections are disabled using the
server.xsrf.disableProtection
setting
-
The API endpoint uses the
-
Content-Type: application/json
-
Applicable only when you send a payload in the API request. Kibana API requests and responses use JSON.
Typically, if you include the
kbn-xsrf
header, you must also include theContent-Type
header.
Request header example:
curl -X POST \ http://localhost:5601/api/spaces/space \ -H 'Content-Type: application/json' \ -H 'kbn-xsrf: true' \ -d '{ "id": "sales", "name": "Sales", "description": "This is your Sales Space!", "disabledFeatures": [] } '
On this page