Community Training Classes & Labs > F5 CSP Big Data Training Index
Lab 1.7: Create Index and Import Pre-Configured¶
Index’s are elasticsearchs way of storing documents in shards. When index’s are created the mapping templates we uploaded before are used to map each of the fields to a type. This is only done once when the index is created
Note
If mappings are changed are updates required the “index“ will have to be deleted, the template deleted and mapping changed and template added. At this point re-creating the index will remap to the new template
This Lab will focus on creating the index’s for each module based on logstash in Lab4
We will import the prepared f5 module json kibana searches / virtuals / and dashboards.
Task 1 - Create Kibana Index’s¶
- Configure Indexes in Kibana
Configure the first and default index
- index pattern =
pem-* - select
@timestamps
- index pattern =
afm-* - select
@timestamps
Follow PEM example above for AFM
- index pattern =
dns-* - select
@timestamps
Task 2 - Import preconfigured Kibana json’s¶
Searches / Visualisation and Dashboards
- Import object data into Kibana
Import the JSON files in the following order:
- Searches
- Visualisations
- Dashboards
Searches
Visuals
Dashboards
Note
The JSON files have been placed in the IN_CASE_OF_EMERGENCY folder on the desktop