- Kibana Guide: other versions:
- What is Kibana?
- What’s new in 8.10
- Kibana concepts
- Quick start
- Set up
- Install Kibana
- Configure Kibana
- Alerting and action settings
- APM settings
- Banners settings
- Cases settings
- Enterprise Search settings
- Fleet settings
- i18n settings
- Logging settings
- Logs settings
- Metrics settings
- Monitoring settings
- Reporting settings
- Search sessions settings
- Secure settings
- Security settings
- Spaces settings
- Task Manager settings
- Telemetry settings
- URL drilldown settings
- Start and stop Kibana
- Access Kibana
- Securing access to Kibana
- Add data
- Upgrade Kibana
- Configure security
- Configure reporting
- Configure logging
- Configure monitoring
- Command line tools
- Production considerations
- Discover
- Dashboard and visualizations
- Canvas
- Maps
- Build a map to compare metrics by country or region
- Track, visualize, and alert on assets in real time
- Map custom regions with reverse geocoding
- Heat map layer
- Tile layer
- Vector layer
- Plot big data
- Search geographic data
- Configure map settings
- Connect to Elastic Maps Service
- Import geospatial data
- Troubleshoot
- Reporting and sharing
- Machine learning
- Graph
- Alerting
- Observability
- APM
- Set up
- Get started
- How-to guides
- Configure APM agents with central config
- Control access to APM data
- Create an alert
- Create custom links
- Filter data
- Find transaction latency and failure correlations
- Identify deployment details for APM agents
- Integrate with machine learning
- Observe Lambda functions
- Query your data
- Storage Explorer
- Track deployments with annotations
- Users and privileges
- Settings
- REST API
- Troubleshooting
- Security
- Dev Tools
- Fleet
- Osquery
- Stack Monitoring
- Stack Management
- REST API
- Get features API
- Kibana spaces APIs
- Kibana role management APIs
- User session management APIs
- Saved objects APIs
- Data views API
- Get all data views
- Get data view
- Create data view
- Update data view
- Delete data view
- Swap references preview
- Swap references
- Get default data view
- Set default data view
- Update data view fields metadata
- Get runtime field
- Create runtime field
- Upsert runtime field
- Update runtime field
- Delete runtime field
- Index patterns APIs
- Alerting APIs
- Action and connector APIs
- Cases APIs
- Add comment
- Create case
- Delete cases
- Delete comments
- Find case activity
- Find cases
- Find connectors
- Get alerts
- Get case activity
- Get case
- Get case status
- Get cases by alert
- Get comments
- Get configuration
- Get reporters
- Get tags
- Push case
- Set configuration
- Update cases
- Update comment
- Update configuration
- Import and export dashboard APIs
- Logstash configuration management APIs
- Machine learning APIs
- Osquery manager API
- Short URLs APIs
- Get Task Manager health
- Upgrade assistant APIs
- Kibana plugins
- Troubleshooting
- Accessibility
- Release notes
- Kibana 8.10.4
- Kibana 8.10.3
- Kibana 8.10.2
- Kibana 8.10.1
- Kibana 8.10.0
- Kibana 8.9.2
- Kibana 8.9.1
- Kibana 8.9.0
- Kibana 8.8.2
- Kibana 8.8.1
- Kibana 8.8.0
- Kibana 8.7.1
- Kibana 8.7.0
- Kibana 8.6.1
- Kibana 8.6.0
- Kibana 8.5.2
- Kibana 8.5.1
- Kibana 8.5.0
- Kibana 8.4.3
- Kibana 8.4.2
- Kibana 8.4.1
- Kibana 8.4.0
- Kibana 8.3.3
- Kibana 8.3.2
- Kibana 8.3.1
- Kibana 8.3.0
- Kibana 8.2.3
- Kibana 8.2.2
- Kibana 8.2.1
- Kibana 8.2.0
- Kibana 8.1.3
- Kibana 8.1.2
- Kibana 8.1.1
- Kibana 8.1.0
- Kibana 8.0.0
- Kibana 8.0.0-rc2
- Kibana 8.0.0-rc1
- Kibana 8.0.0-beta1
- Kibana 8.0.0-alpha2
- Kibana 8.0.0-alpha1
- Developer guide
IBM Resilient connector and action
editIBM Resilient connector and action
editThe IBM Resilient connector uses the RESILIENT REST v2 to create IBM Resilient incidents.
Create connectors in Kibana
editYou can create connectors in Stack Management > Connectors or as needed when you’re creating a rule. For example:
![IBM Resilient connector](management/connectors/images/resilient-connector.png)
Connector configuration
editIBM Resilient connectors have the following configuration properties:
- Name
- The name of the connector.
- URL
- IBM Resilient instance URL.
- Organization ID
- IBM Resilient organization ID.
- API key ID
- The authentication key ID for HTTP Basic authentication.
- API key secret
- The authentication key secret for HTTP Basic authentication.
Create preconfigured connectors
editIf you are running Kibana on-prem, you can define connectors by
adding xpack.actions.preconfigured
settings to your kibana.yml
file.
For example:
xpack.actions.preconfigured: my-resilient: name: preconfigured-resilient-connector-type actionTypeId: .resilient config: apiUrl: https://elastic.resilient.net orgId: ES secrets: apiKeyId: testuser apiKeySecret: tokenkeystorevalue
Config defines information for the connector type.
-
apiUrl
- An address that corresponds to URL.
-
orgId
- An ID that corresponds to Organization ID.
Secrets defines sensitive information for the connector type.
-
apiKeyId
- A string that corresponds to API key ID.
-
apiKeySecret
- A string that corresponds to API Key secret. Should be stored in the Kibana keystore.
Test connectors
editYou can test connectors with the run connector API or as you’re creating or editing the connector in Kibana. For example:
![IBM Resilient params test](management/connectors/images/resilient-params-test.png)
IBM Resilient actions have the following configuration properties.
- Incident types
- The type of the incident.
- Severity code
- The severity of the incident.
- Name
- A name for the issue, used for searching the contents of the knowledge base.
- Description
- The details about the incident.
- Additional comments
- Additional information for the client, such as how to troubleshoot the issue.
Connector networking configuration
editUse the Action configuration settings to customize connector networking configurations, such as proxies, certificates, or TLS settings. You can set configurations that apply to all your connectors or use xpack.actions.customHostSettings
to set per-host configurations.
Configure IBM Resilient
editIBM Resilient offers Instances, which you can use to test incidents.
On this page