To monitor Elasticsearch, use X-Pack Monitoring. First install X-Pack onto Elasticsearch and configure security if you’re using X-Pack’s security features. Then come back here for instructions on installing and configuring Kibana (the monitoring server) with X-Pack so that Elasticsearch, Kibana, and Liferay DXP can communicate effortlessly and securely (if you’re using X-Pack Security). A Liferay Enterprise Search subscription is necessary for this integration. Contact Liferay’s Sales department for more information.
Tell Elasticsearch to enable data collection.
Download and install Kibana.
Configure Kibana with the proper security settings.
Download and install the Liferay Enterprise Search Monitoring .
Configure the connector to communicate with Elasticsearch.
For the X-Pack security procedure, refer to the X-Pack security article.
Monitoring is enabled on Elasticsearch by default, but data collection isn’t.
Enable data collection by adding this line to
Now install Kibana.
Make sure to install the correct version of Kibana. Check the Liferay Enterprise Search compatibility matrix for details.
Download Kibana and extract it. The root folder is referred to as Kibana Home.
Tell Kibana where to send monitoring data by setting Elasticsearch’s URL in
If encryption is enabled on Elasticsearch, this is an
If not using X-Pack security, start Kibana by opening a command prompt to Kibana Home and entering this command:
If you’re using X-Pack’s security features on the Elasticsearch server, there’s additional configuration required before starting Kibana.
If X-Pack requires authentication to access the Elasticsearch cluster, follow these steps or refer to Elastic’s documentation.
Set the password for the built-in
elasticsearch.username: "kibana" elasticsearch.password: "liferay"
The password is whatever you set it to when initially setting up X-Pack. Once Kibana is installed, you can change the built-in user passwords from the Management user interface.
If you’re not encrypting communication with the Elasticsearch cluster, start Kibana with
and navigate to
localhost:5601. Log in with a user who has the
Follow these steps to configure Kibana if X-Pack encrypts communication with the Elasticsearch cluster. Consult Elastic’s guide for more information.
Add these settings to
elasticsearch.ssl.certificateAuthorities: [ "/path/to/ca.crt" ]
server.ssl.certificate: /path/to/[Elasticsearch Home]/config/localhost.crt
server.ssl.key: /path/to/[Elasticsearch Home]/config/localhost.key
For more information about monitoring and security best practices in a clustered environment, refer to Elastic’s documentation.
After this step you can access Kibana at
https://localhost:5601 and sign in
with a Kibana user. The last step is to hook Kibana up with Liferay DXP.
If you have a Liferay Enterprise Search subscription, download the Liferay
Enterprise Search Monitoring. Install the LPKG file by
copying it into the
Liferay Home/deploy folder. That’s all there is to it.
Once the connector is installed and Kibana and Elasticsearch are securely configured, create a configuration file named
Place these settings in the
kibanaPassword="liferay" kibanaUserName="elastic" kibanaURL="http://localhost:5601"
Alternatively, configure the monitoring adapter from the Control Panel. Navigate to Configuration → System Settings and find the X-Pack Monitoring entry in the Foundation category. All the configuration options for the monitoring connector appear there.
The values differ depending on your Kibana configuration. For example,
kibanaURL="https://localhost:5601"if using X-Pack Security features.
Deploy this configuration file to
Liferay Home/osgi/configs, and the settings are picked up by your running instance. There’s no need to restart the server.
There are two more settings to add to Kibana itself. The first forbids Kibana from rewriting requests prefixed with
server.basePath. The second sets Kibana’s base path for the Monitoring portlet to act as a proxy for Kibana’s monitoring UI. Add this to
server.rewriteBasePath: false server.basePath: "/o/portal-search-elasticsearch-xpack-monitoring/xpack-monitoring-proxy"
Note that once you set the
server.basePath, you cannot access the Kibana UI through Kibana’s URL (for example,
https://localhost:5601). All access to the Kibana UI is via the monitoring portlet, which is only accessible to logged in Liferay DXP users. Navigate directly to the portlet using this URL: http://localhost:8080/o/portal-search-elasticsearch-xpack-monitoring/xpack-monitoring-proxy/app/monitoring
Because you’re using the Monitoring portlet in Liferay DXP as a proxy to Kibana’s UI, if you are using X-Pack Security, you must configure the application server’s startup JVM parameters to recognize a valid truststore and password.
First, navigate to Elasticsearch Home and generate a PKSC#12 certificate from the CA you created when setting up X-Pack security:
./bin/elasticsearch-certutil cert --ca-cert /path/to/ca.crt --ca-key /path/to/ca.key --ip 127.0.0.1 --dns localhost --name localhost --out /path/to/Elasticsearch_Home/config/localhost.p12
Next use the
keytoolcommand to generate a truststore:
keytool -importkeystore -deststorepass liferay -destkeystore /path/to/truststore.jks -srckeystore /path/to/Elasticsearch_Home/config/localhost.p12 -srcstoretype PKCS12 -srcstorepass liferay
Add the trustore path and password to your application server’s startup JVM parameters. Here are example truststore and path parameters for appending to a Tomcat server’s
Restart Liferay DXP and Kibana.
Once Kibana and X-Pack are successfully installed and configured and all the servers are up and running, add the X-Pack Monitoring portlet to a page:
Open the Add menu on a page and choose Applications
Search for monitoring and drag the X-Pack Monitoring application from the Search category onto the page.
See the Elastic documentation for information on monitoring Elasticsearch.