Mastering Kibana 6.x

Configuring Kibana to read the Elasticsearch index with packet logs

After configuring Packetbeat, we can check Elasticsearch and verify that an index with the packetbeat prefix exists. Once the Elasticsearch index for Packetbeat has been created, we can import this index into Kibana and start creating meaningful dashboards.

To create these dashboards, we first need to click on the Management tab in the left-hand menu of Kibana and then click on the Index Patterns link.

On the Index Patterns screen, we see a list of the previously added index patterns, and the fields and data types of the default index pattern are displayed. From this screen we can select and delete any index pattern (this removes the pattern from Kibana, not the data in Elasticsearch) and also mark any index pattern as the default. As we need to create a new index pattern, we will click on the Create index pattern button, which opens the next screen.

Here, on the Create index pattern screen at Step 1 of 2: Define index pattern, we enter the index pattern that we want to add, which is packetbeat*. As soon as we start typing, Kibana suggests the names of the available indexes, filtered by what we have typed so far. After filling in the appropriate index pattern, we need to click on the Next step button, which opens the next screen.

Now, we are at Step 2 of 2: Configure settings. Here, we need to choose the Time Filter field name from the dropdown, which shows all the fields that have a time (date) data type. Next, we need to click on the Create index pattern button, which will show the fields and data types of this index. The integration of the Elasticsearch index into Kibana is now complete, which we can verify by clicking on the Discover tab in the left menu. On the Discover screen, we can see the index data with all its fields, which we can explore later.
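The following is an added example, not code from the book: it reproduces offline what the two wizard steps show, namely which indexes the packetbeat* pattern matches and which fields would appear in the Time Filter field name dropdown. The sample responses are constructed in the shape Elasticsearch 6.x returns for `GET _cat/indices?format=json` and `GET packetbeat-*/_mapping`; the index names and field names are assumptions.

```python
import fnmatch

# Constructed sample of `GET _cat/indices?format=json` output (not real data).
CAT_INDICES = [
    {"index": "packetbeat-6.2.4-2018.05.01", "docs.count": "1520"},
    {"index": "packetbeat-6.2.4-2018.05.02", "docs.count": "0"},
    {"index": "metricbeat-6.2.4-2018.05.01", "docs.count": "88"},
    {"index": ".kibana", "docs.count": "3"},
]

# Constructed mapping fragment; 6.x nests properties under a document type.
MAPPING = {"packetbeat-6.2.4-2018.05.01": {"mappings": {"doc": {"properties": {
    "@timestamp": {"type": "date"},
    "type": {"type": "keyword"},
    "responsetime": {"type": "long"},
    "tls": {"properties": {"server_certificate": {"properties": {
        "not_after": {"type": "date"}}}}},
}}}}}


def matching_indices(cat_rows, pattern):
    """Step 1: index names that the wildcard pattern would match."""
    return sorted(r["index"] for r in cat_rows
                  if fnmatch.fnmatchcase(r["index"], pattern))


def empty_indices(cat_rows, pattern):
    """Matched indexes with no documents (Packetbeat may not be shipping)."""
    return sorted(r["index"] for r in cat_rows
                  if fnmatch.fnmatchcase(r["index"], pattern)
                  and int(r["docs.count"]) == 0)


def date_fields(properties, prefix=""):
    """Recursively collect dotted paths of fields mapped as type date."""
    found = []
    for name, spec in properties.items():
        if spec.get("type") == "date":
            found.append(prefix + name)
        found.extend(date_fields(spec.get("properties", {}), prefix + name + "."))
    return found


def time_filter_candidates(mapping):
    """Step 2: union of date fields across all matched indexes and types."""
    fields = set()
    for body in mapping.values():
        for doc_type in body["mappings"].values():
            fields.update(date_fields(doc_type.get("properties", {})))
    return sorted(fields)
```

An index that matches the pattern but holds no documents, as the second constructed index does here, will show nothing in Discover for that day even though the pattern was created successfully.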