4 steps to put your Security Onion reports on auto-pilot!

If you are running Elastic Stack with Security Onion for Intrusion Detection and Enterprise Security Monitoring, you already know the importance of report automation. Whether compliance or ad hoc, MSSPs can sink countless hours into reporting. The manual process of building and sending those reports means valuable resources are taken away from the role they were hired to perform.

With Skedler, now a Security Onion user with any user privilege can generate a report and automate its distribution. All you need is the Elasticsearch and Kibana Admin credentials to connect your Security Onion environment with Skedler. The focus of this blog post will be on how to email PDF, PNG, HTML Inline, Excel or CSV reports from the Security Onion using Skedler’s integration with Kibana.

What is Security Onion?

If you’ve never heard about Security Onion before, it is a Linux distro for Intrusion Detection, Network Security Monitoring, and Log Management. Security Onion by Doug Burks is a Ubuntu-based distribution containing many security tools such as Snort, Bro, OSSEC, Sguil, Squert, and more. The distribution allows an analyst to configure and run an intrusion detection system with complete monitoring and reporting capability in a few minutes.

Source: Security Onion website

Why Skedler Reports for Security Onion?

With Skedler, MSSPs can generate compliance reports (e.g. PCI ASV reports) quickly and easily to save countless man-hours, deliver reports 10x faster, and enable their customers to mitigate vulnerabilities more quickly. You can use filters to create specific reports for specific projects, allow users from high-level executives to technicians, and schedule reports to be delivered at any time.

Skedler Reports offers the most powerful, flexible, and easy-to-use data monitoring solution that companies use to exceed customer SLAs, achieve compliance, and empower internal IT and business leaders.

By using Skedler Reports, you can enjoy the following benefits:

• Simple installation, quick configuration, faster deployment
• Send visually appealing, personalized reports
• Report setup takes less than 5 minute
• Send PDF, PNG, HTML Inline, Excel or CSV reports on-demand or periodically via email or slack channel.
• Help users see and understand data faster with customized mobile & print-ready reports

How to generate reports from Security Onion using Skedler?

There are four basic steps to start generating Security Onion reports using Skedler:

Install Skedler

The obvious first step is installing Skedler on your machine. To download Skedler, you can click on this link and enter the required information. Once downloaded, you can start the installation depending on the OS type. We support Debian, Docker, Kubernetes, Linux, macOS, and Windows. You can refer to this Installation Guide to know more about the steps.

Activate Skedler

After installation, the next step is activation. An email will be sent to you after the download containing a license key. Using this key, you can activate Skedler both online and offline. Here is a sneak peak of the online activation steps:

You can watch the video tutorials for Online Activation and Offline Activation. If you wish to read the docs instead, you can find them here.

Connect Security Onion with Skedler

Skedler is now ready to start generating reports from any data source of your choice. It just needs you to connect it with the same. It takes less than a minute to connect any data source to Skedler. Moreover, you get to choose if the data source credentials will be embedded or prompted to the user to grant access.

Check out this quick tutorial video to see how easy it is!

Generate Security Onion Reports

Here comes the fun part! Without using a single line of code, now you can automate your Threat Analysis report, Vulnerability Report, and Network Traffic Analysis Report from Security Onion and share it with the right audience at the right time. There are three steps to generating a report:

Report Designing

With Skedler, you can design the report with text, parameters, elements as well as images. You can add your company logo to these reports and report names to create more credibility among your customers and other stakeholders. 

Check out how easy it is to add charts from your Kibana dashboard to these Skedler report:

Other options available at the design stage are:

a. Adding Burst Filter: This filter can be used to use one dashboard and send reports to multiple customers at the same time based on different dashboard queries.

b. Selecting Time Window: You can choose between selecting any particular time frame or using the dashboard time window. 

Report Scheduling

Once the report design is completed, we can set the Schedule. Here, you can set the recurrence and frequency. You also get the option of adding holidays. The export options include PNG, HTML Inline, Excel, and CSV.

Report Distribution

Skedler allows seamless distribution via Email as well as Slack channel. For the email channel, you can add the recipients and use parameters to customize the subject or body of the email. Similarly, for Slack, you can select the channel or the direct recipient to receive these reports upon generation.

These reports can be generated, downloaded, and mailed at any time irrespective of the schedule. You can share the report with any user within the organization. You can edit the report design or schedule and check the history of these reports as well.

To see the Security Onion report generation in action, check out this step-by-step tutorial.

Summary

This blog was a very quick overview of how to automate reports from Security Onion Dashboards using Skedler. We have accumulated a series of documentation and videos for you to check out all of the above-mentioned information in detail. If you haven’t already, download Skedler now and try it free for 15 days.

An Easy Way to Export / Import Dashboards, Searches and Visualizations from Kibana

Introduction

Manually recreating Kibana dashboards, searches, and visualizations during upgrades, production deployment or recovery is a time-consuming affair. The easiest way to recreate the prebuilt Kibana dashboard and other objects is by exporting and importing dashboards, searches, and visualizations. This can be achieved by using,

• Kibana API (available since Kibana 7.x) 
• Kibana UI

If are you looking to export and import the Kibana dashboards and its dependencies automatically, we recommend the Kibana API’s. Also, you can export and import dashboard from Kibana UI.

Note: User should add the dependencies of the dashboards like visualization, index pattern individually while exporting or importing from Kibana UI.

Export Objects From Kibana API

The export API enables you to retrieve a set of saved objects that can later be imported into Kibana.

Request

POST /api/saved_objects/_export

Request Body

At least type or objects must be passed in within the request body.

type (optional)

(array/string) The saved object type(s) that the export should be limited to.

The following example exports all index pattern saved objects.

POST api/saved_objects/_export { “type”: “index-pattern” }

Example Curl:

curl -X POST “http://localhost:5601/api/saved_objects/_export” -H ‘kbn-xsrf: true’ -H ‘Content-Type: application/json’ -d’ { “type”: “index-pattern” } ‘

objects (optional)

(array) A list of objects to export

The following example exports specific saved objects.

POST api/saved_objects/_export

{

  “objects”: [

    {

      “type”: “dashboard”,

      “id”: “be3733a0-9efe-11e7-acb3-3dab96693fab”

    }  ]

}

Example Curl:

curl -X POST “http://localhost:5601/api/saved_objects/_export” -H ‘kbn-xsrf: true’ -H ‘Content-Type: application/json’ -d’ { “objects”: [ { “type”: “dashboard”, 

“id”: “be3733a0-9efe-11e7-acb3-3dab96693fab” } ] } ‘

Response Body

The response body will have a format of newline delimited JSON and the successful call returns a response code of 200 along with the exported objects as the response body.

Import Objects From Kibana API

The import API enables you to create a set of Kibana saved objects from a file created by the export API.

Request

POST /api/saved_objects/_import

Request Body

The request body must be of type multipart/form-data.

File

A file exported using the export API.

Example

The following example imports an index pattern and dashboard.

curl -X POST “localhost:5601/api/saved_objects/_import” -H “kbn-xsrf: true” –form file=@file.ndjson

The file.ndjson file would contain the following.

{“type”:”index-pattern”,”id”:”my-pattern”,”attributes”:{“title”:”my-pattern-*”}}

{“type”:”dashboard”,”id”:”my-dashboard”,”attributes”:{“title”:”Look at my dashboard”}

Response Body

A successful call returns a response code of 200 and a response body containing a JSON structure similar to the following example:

{

  “success”: true,

  “successCount”: 2

}

Export Objects From Kibana UI:

You can now export your objects from Kibana UI under Management > Saved Objects > Export. Select the checkboxes of the objects you want to export, and click Export. Or to export objects by type:

• Click Export objects.
• Select the object types you want to export.
• Click Export All.

Import Objects From Kibana UI:

 You can import your JSON file from Kibana UI under Management > Saved Objects > Import. Follow the below steps to import your 

• Click Import.
• Navigate to the JSON file that represents the objects to import.
• Indicate whether to overwrite objects already in Kibana.
• Click Import.

Summary:

Exporting and importing the saved objects from the Kibana is an effective and easiest way to recreate dashboards and other objects in new environments or during migrations.

If you are looking to automate and make the process simpler,  we recommend using the Kibana APIs or else you can use the Kibana UI for granular export and import.

Kibana Customization – The brilliant beginner’s guide to simplifying Kibana for non-technical users

Kibana is an exceptional tool for technical users focused on log analysis and data visualization. But did you ever feel like Kibana is a little too overwhelming for your stakeholders and customers? If yes,  then you belong to a vast majority of users. Like you, many of our customers felt like the kibana is too difficult to use for their non-technical users and asked us if it is possible to simplify its user experience.

Simplifying Kibana

The Skedler team has been working with the Elastic Stack for several years now, starting all the way back in v1.x.  Given our team’s years of expertise, we wondered how can we help our customers? The problem with Kibana is that it is a swiss-army knife with too many options when all you need is a simple sharp penknife.   Is it possible to customize Kibana and make it a really effective penknife?

Today, we want to share with you some ideas on how Kibana can be customized and made simpler. If you are interested in learning more or need our help, drop us a note at hello@skedler.com and we’ll connect with you.  

Project Simpana (Simple Kibana) – Customized Kibana

To simplify Kibana, we focused on five areas of user experience:

1. Login
2. Navigation
3. Dashboard
4. Visualization
5. Reporting

Customized Login

Kibana is secured with a security plugin. We customized the login page to keep it simple. In addition, we customized the logo, color schema and the look -n-feel in such a way that it doesn’t even look like kibana anymore 😉

Easy Navigation

After login, instead of the standard Kibana home page, the users are automatically taken to the dashboard list since dashboards are the most frequently used. The look and feel of the dashboard list are clean. We used the same color theme as Skedler. In the sidebar, we removed the items that are not essential for a typical user.  

We strongly believe that the resulting user experience is clean, simple, and productive.

Simple Dashboard

In the dashboard page, instead of displaying too many buttons to the user, we grouped all the button inside the Actions drop list. Once again, this simplifies the user experience without losing any function.   

Adding New Visualization

In the above dashboard, you can see a new visualization in the bottom left. It is called Sankey visualization. It is a not available out-of-the-box in Kibana. One of our customers needed to visualize data connections from source to destination.   We added a Sankey visualization to the Kibana framework to visualize the data connections.

A little bit more about Sankey.  Sankey diagrams are a specific type of flow diagram, in which the width of the connectors is shown proportionally to the flow quantity.  Sankey diagram is a visualization used to depict a flow from one set of values to another. The things being connected are called nodes and the connections are called links.  Sankey diagrams are typically used to visualize data, energy, material or cost transfers between processes. Sankey diagrams put a visual emphasis on the major transfers or flow within a system. They are helpful in locating dominant contributions to an overall flow. Often, Sankey diagrams show conserved quantities within defined system boundaries.  

Reporting

The users needed to automate reporting within the Kibana UI so that they don’t need to login to multiple screens.   Therefore, Reporting was a key requirement for auditing and compliance.  We added Skedler Reports plugin to Kibana. Users can easily create, schedule and generate reports from within Kibana.

Summary

Our goal was to make Kibana simple and easy to use for the non-technical users.  We achieved our objectives with the clean design, easy navigation, and simple dashboard layout, Finally, as an icing on the cake, we also simplified reporting with the Skedler reports.  

We are continuing to explore Kibana customization and adding new visualizations to Kibana. We invite you to share your feedback on this article and what new capabilities you’d like to see in the future. If you would like to learn more,  reach out to us at hello@skedler.com.  

A Comparison of Reporting Tools for Elastic Stack – Elastic Reporting and Skedler Reports

Elasticsearch is stronger with every new release while the Kibana visualizations are getting more sophisticated thereby helping users explore the Elasticsearch data effortlessly. All the search, analytics and visualization capability lead to one thing: reporting.

We recently published a white paper discussing the reporting options for Elastic Stack.

• Elastic Reporting, from Elastic as part of Elastic Stack Features (formerly X-Pack)
• Skedler Reports, a reporting solution provided by Guidanz Inc.

In the white paper, we dive into the details of the two reporting tools, compare their features and discuss their use cases. While both the tools provide excellent reporting features for Elastic stack, they differ in several areas. Below is a brief highlight:  

Customization

Being able to customize reports is very important, it not only allows for flexibility in presenting the information, but it also enables users to personalize the reports while building the feeling of ownership and brand. Elastic Reporting currently offers basic customization features which includes an option to add a logo, two built-in layouts, and two formats (CSV and PDF). Although this may prove to be useful in some scenarios, Elastic Reporting may be too narrow due to the lack of customization.

Skedler Reports, on the other hand, features a long list of customization features from Kibana dashboards, searches, and Grafana dashboards. Skedler Reports offers three report formats (CSV, PDF, and XLS), three layouts including a report designer for custom visualization layout, flexible templates, and report bursting. Report bursting allows users to send multiple personalized reports to groups of recipients based on a single report definition.

Ease of Use

Outstanding ease of use can dramatically decrease the resources and time needed to integrate reporting into your application. Elastic Reporting currently require users to write scripts to schedule reports and send notifications. This may not be an issue for users who are comfortable with scripts, but it may become a maintenance issue for those who aren’t. Elastic Reporting also does have a one minute time limit for generating reports, making it difficult for those who have larger dashboards.

Skedler Reports does not require the user to write scripts at any time making it easy to learn and use regardless of the user’s background. In addition, Skedler Reports can easily generate reports from large dashboards without any time limits. This allows reports to be seamlessly generated from a substantial amount of data without experiencing glitches.

Affordable

Technical abilities are not the only things that differentiate Elastic Reporting and Skedler Reports, their licensing models are also different. Elastic Reporting is part of the licensed Elastic Stack Features (formerly X-Pack) that bundles other capabilities into one package.  To deploy reporting, users must register for a Gold or Platinum license subscription (or the Free license for basic features – like CSV export). The license subscriptions can become expensive and users might end up paying for features that they don’t really need.

Skedler Reports offers a flexible and affordable licensing option.  By paying only for the reporting features that they need, users can use Skedler in conjunction with open source or third-party tools for Elasticsearch.   

Comparison

The following table summarizes the significant differences between Elastic Reporting and Skedler Reports.

Conclusion

Reporting has become a critical requirement as organizations use Elastic Stack in a variety of use cases. It is crucial that users adequately evaluate and choose the best option for their organization.  The white paper discusses several scenarios for using Elastic Reporting and Skedler Reports. For more guidance on choosing the best reporting option for your use case, download the full white paper and discover the reporting solution that works best for you.

Download The White Paper

The Top 5 ELK Stack+ Tools Every Business Intelligence Analyst Needs

Updated for 2018.

The world’s most popular log management platform, ELK (Elasticsearch, Logstash and Kibana) Stack, is a powerful tool for business intelligence. But most businesses rely on multiple sources of data and need a way to analyze it all to improve the system and allocate resources properly.

The Elastic stack has many integrations with different log management tools. However, it isn’t the ideal tool in every business case, especially when you have multiple data sources. Given the breadth of tools in the marketplace, how do you decide which ones to add to your stack for optimal BI analysis? We put together our list for the top business intelligence tools to compliment ELK stack in 2018.

What makes ELK Stack tools just so attractive? Since it’s based on the Lucene search engine, Elasticsearch is a NoSQL database which forms as a log pipeline tool; accepting inputs from various sources, executing transformations, then exporting data to designated targets. It also carries enhanced customizability, which is a key preference nowadays, since program tweaking is more lucrative and stimulating for many engineers. This is coupled with ELK’s increased interoperability, which is now a practically indispensable feature, since most businesses don’t want to be limited by proprietary data formats.

1. Microsoft Power BI

https://powerbi.microsoft.com/en-us/

Microsoft Power BI is the most cost-efficient cloud-based option for analyzing and visualizing business intelligence data. Power BI offers ease-of-use, excel-based add ons and the ability to use browser- and desktop-based authoring with apps and platforms – both on-premise and in the cloud. Additionally, Microsoft Power BI is the only one of these tools to provide extensive R and big data integrations.

While Power BI doesn’t integrate with ELK stack natively, you can automate export of ELK data or use the REST API to combine it with both on-premise and cloud based datasets for complex data analysis.  Moreover, it has added data preparation, data discovery and data dashboards recently for enterprise users. The Power BI Suite is delivered on the Microsoft Azure Cloud platform, with the Power BI Desktop provided on-premise as a stand-alone option.

2. Tableau

https://www.tableau.com/products/desktop

Tableau is known as the industry leader in business intelligence data visualization. While it has a fairly steep learning curve to get all the value (like both Power BI and Qlik), it is the leader in ease of use. A non-technical user will still be able to create dashboards and get insights using the drag-and-drop interface. For advanced embedded analytics, Tableau is the clear leader. However, its architecture falls behind Qlik in supporting self-contained ETL and data storage.

Tableau can connect to most data sources through their more stable and mature APIs, and has added support for R. Like Power BI, Tableau doesn’t offer native integration to ELK, but you can automate export and import of ELK data into Tableau with connectors. They have been making several improvements to the UI, including improvements to the data wrangling and responsive mobile app. Additionally, Tableau has focused on expanding support for more complex data federation workflows and other feature requirements of large enterprise companies.

3. Qlik

https://www.qlik.com/us  

Qlik allows data exploration beyond the pattern-recognition capabilities of SQL data structures and queries with a powerful in-memory engine, though Qlik is not as good at advanced embedded analytics as Tableau. Qlik is well-known for developing enterprise-level products and great customer service that makes scaling more efficient. With a streamlined onboarding process, Qlik makes generating insights and value quick as well.

Similar to other visual analytics tools, Qlik doesn’t offer direct integration to ELK platform and requires export/import. Qlik’s functionality is always being improved, and it already has one of the leading Application Programming Interface (API) command sets in analytics. QlikView is a powerful reporting engine that goes beyond visual dashboards, and it goes beyond Tableau in its wide variety of integration points.

4. Anaconda

https://www.anaconda.com/distribution/

For data scientists, Anaconda is a great addition for prescriptive analytics and machine learning. It is an open source, freemium package manager (with conda), environment manager, a Python and R distribution and collection of open source packages. One of the biggest advantages of Anaconda is it just works right away. You can import ELK data into anaconda and build custom machine learning models that meet your business requirements.  

5. Slack

https://slack.com/

No, Slack is not a BI tool, but the team messaging and collaboration platform is one of the best ways to keep everyone up to speed. Apart from the productivity features, such as group channels and direct messaging, Slack has a huge number of integrations. There’s one for almost every enterprise product available. Plus, it’s much more fun to use than email. Slack is an excellent tool to distribute and consume reports and alerts from your ELK platform.

Bonus: Skedler

ELK Stack reporting and alerting tool Skedler combines all the automated processes you’d never dream you could have within one affordable unit. Fundamentally, it simplifies scheduling and distribution of relevant data as reports and alerts from ELK platform. With faster your speed-to-market, you can focus on more important things.    

Reports can be print-ready, high-resolution PDFs or analysis-ready CSV/XLS reports generated periodically from ELK platform. Alerts deliver timely information about anomalies in ELK data. Skedler delivers both reports and alerts via Slack in addition to email. You can also set up Alerts to trigger webhooks. By automating the export of data, Skedler can serve as the simple, time-saving bridge between your ELK platform and Analytics toolkit.   

There you have it, the top ELK Stack+ tools no business intelligence analyst should ever be without!

Ready to start streamlining your analysis and start reporting and alerting with more stability? Right now, we’re offering a free trial.

What are your favorite tools? What is critical to your stack?

Skedler Review: The Report Scheduler Solution for Kibana

 Matteo Zuccon is a software developer with a passion for web development (RESTFull services, JS Frameworks), Elasticsearch, Spark, MongoDB, and agile processes. He runs whiletrue.run. Follow him on Twitter @matteo_zuccon. 

With Kibana you can create intuitive charts and dashboards. Since Aug 2016 you can export your dashboards in a PDF format thanks to Reporting. With Elastic version, 5 Reporting has been integrated into X-Pack for the Premium and Enterprise subscriptions.

Recently I tried Skedler, an easy to use report scheduling and distribution application for Kibana that allows you to centrally schedule and distribute Kibana Dashboards and Saved Searches as hourly/daily/weekly/monthly PDF, XLS or PNG reports to various stakeholders.

Skedler is a standalone app that allows you to utilize a new dashboard where you can manage Kibana reporting tasks (schedule, dashboards and saved search). Right now there are four different price plans (from free to premium edition).

In this post I am going to show you how to install Skedler (on Ubuntu) and how export/schedule a Kibana dashboard.

Install Pre-requisites

sudo apt-get -y update

sudo apt-get install -y libfontconfig1 libxcomposite1 libxdamage1 libcups2 libasound2 libxrandr2 libxfixes3 libnss3 libnss3-dev libxkbcommon-dev libgbm-dev libxshmfence-dev libatk1.0-0 libatk-bridge2.0-0 libgtk-3-0 gcc make

Install .deb package

Download the latest skedler-xg.deb file and extract it.  If you have previously installed the .deb package, remove it before installing the latest version.

curl -O https://skedler-v5-releases.s3.amazonaws.com/downloads/latest/skedler-xg.deb

sudo dpkg -i skedler-xg.deb

Install .tar.gz package

Download the latest skedler-xg.tar.gz file and extract it.

curl -O https://skedler-v5-releases.s3.amazonaws.com/downloads/latest/skedler-xg.tar.gz

sudo tar xzf skedler-xg.tar.gz

cd skedler-xg

sudo chmod -R 777 *

Configure your options for Skedler v5

Skedler Reports has a number of configuring options that can be defined in its reporting.yml file (located in the skedler folder).  In the reporting.yml file, you can configure options to run Skedler in an air-gapped environment, change the port number, define the hostname, change the location for the Skedler database, and log files.

Read more about the reporting.yml configuration options.

Start Skedler for .deb

To start Skedler, the command is:

sudo service skedler start

To check status, the command is:

sudo service skedler status

To stop Skedler. the command is:

sudo service skedler stop

Start Skedler for .tar.gz

To run Skedler manually, the command is:

sudo bin/skedler

To run Skedler as a service, the commands are:

sudo ./install_as_service.sh

To start Skedler, the command is:

sudo service skedler start

To check status, the command is:

sudo service skedler status

To stop Skedler. the command is:

sudo service skedler stop

Access Skedler Reports

The default URL for accessing Skedler Reports v5 is:

http://localhost:3005/

If you had made configuration changes in the reporting.yml, then the Skedler URL is of the following format:

http://<hostname or your domainurl>:3005

or

http://<hostname or your domain url>:<port number>

Login to Skedler Reports

By default, you will see the Create an account UI.  Enter your email to create an administrator account in Skedler Reports. Click on Continue.

Note: If you have configured an email address and password in reporting.yml, then you can skip the create account step and proceed to Login.

An account will be created and you will be redirected to the Login page.

Sign in using the following credentials:

Username: <your email address>   (or the email address you configured in reporting.yml)Password: admin   (or the password you configured in reporting.yml)

Click Sign in.

You will see the Reports Dashboard after logging in to the skedler account.   

In this post, I demonstrated how to install and configure Skedler and how to create a simple schedule for our Kibana dashboard. My overall impression of Skedler is that it is a powerful application to use side-by-side with Kibana that allows you to deliver reports directly to your stakeholders.

These are the main benefits that Skedler offers:

• It’s easy to install
• Linux, Windows  and Mac OS support (it runs on Node.js server)
• Reports are generated locally (your data isn’t sent to the cloud or Skedler servers)
• Competitive price plans
• Supports Kibana and Grafana.
• Automatically discovers your existing Kibana Dashboards and Saved Searches (so you can easily use Skedler in any environment with no new stack installation needed)
• It lets you centrally schedule and manage who gets which reports and when they get them
• Allows for hourly, weekly, monthly, and yearly schedules
• Generates XLS and PNG reports besides PDF as opposed to Elastic Reporting that only supports PDF.
• I strongly recommend that you try Skedler because it can help you to automatically deliver reports to your stakeholders and it integrates within your ELK environment without any modification to your stack.

Click here for free trial option.

You can find more resources about Skedler here:

• Skedler – How it works
• Skedler Licensing
• Skedler – Blog

Automated Kibana Reporting: A Marketer’s Guide

Skedler’s enhanced Kibana reporting solutions can do more than just enhance the way you manage information. It effectively transforms your Elasticsearch-Logstash-Kibana(ELK) platform into a business intelligence platform. Much of this is helped by Kibana’s dashboard, which applications such as Skedler improve on even further by incorporating actionable reporting, scheduling, and more. Marketing departments are particularly seeing the advantages of automating Kibana tasks through Skedler. They’re able to utilize ELK to gather intelligence, which is then easily exported as convenient, customer-friendly reports.

Two of our current case studies have demonstrated Kibana’s automated processes to be highly useful to their marketers.

Kane LPI, a third-party administration service specializing in investment and compliance, sought out Skedler to help them produce clear reports from thousands of lines of log entries from multiple systems. Kane LPI’s internal marketers needed to receive daily log reports in order to view daily analytics which could then be reviewed and sent to their clients. Skedler’s Kibana reporting solution produced clear scheduled reports from thousands of lines of log entries from multiple systems. This served as key monitoring tool while satisfying auditing requirements in the process.

Cybersecurity company Dynetics’ marketing department also benefitted from using the automated processes within Skedler. Their analysts simply didn’t have enough time to monitor all the dashboards within the NetAlert ELK stack application. However, after discovering Skedler, they saw that Skedler’s automated processes with Kibana allowed the department to quickly send security intelligence reports to customers. Without Skedler, this kind of process would have taken weeks to process manually, and their customers would have had to wait for answers.

Ready to start utilizing Skedler’s reporting solution for Kibana and engage with your customers? Try Skedler for free.

The Top 3 ELK Stack Tools Every Business Intelligence Analyst Needs in 2017

A version of this post, updated for 2018, can be found here: The Top 5 ELK Stack+ Tools Every Business Intelligence Analyst Needs.

The world’s most popular log management platform, ELK Stack, has ultimately reflected its nifty, modernized capabilities with this recent statistic: each month, it is downloaded 500,000 times. So what makes ELK Stack and ELK Stack Tools just so attractive? In many cases, it fulfills what’s really been needed in the log analytics space within SaaS: IT companies are favoring open source products more and more. Since it’s based on the Lucene search engine, Elasticsearch is a NoSQL database which forms as a log pipeline tool; accepting inputs from various sources, executing transformations, then exporting data to designated targets. It also carries enhanced customizability, which is a key preference nowadays, since program tweaking is more lucrative and stimulating for many engineers. This is coupled with ELK’s increased interoperability, which is now a practically indispensable feature, since most businesses don’t want to be limited by proprietary data formats.

ELK Stack tools which simply higher-tier those impressive elements will elevate data analysis just that little bit further; depending on what you want to do with it, of course.

Logstash

Elite tool Logstash is well-known for its intake, processing and output capabilities. It’s mainly intended for organizing and searching for log files, but works effectively for cleaning and streaming big data from all sorts of sources into a comprehensive database, including metrics, web applications, data stores, and various AWS services. Logstash also carries impressive input plugins such as cloudwatch and graphite, allowing you to sculpt your intelligence to be as easy to work with as possible. And, as data travels from source to store, those filters identify named fields to accelerate your analysis; deciphering geo coordinates from IP addresses, and anonymizing PII data. It even derives structure from seemingly unstructured data.

Kibana 5

Analysis program Kibana 5.0 boasts a wealth of new refurbishments for pioneering intelligence surveying. Apart from amplified functionalities such as increased rendering, less CPU usage, and elevated data and index handling, Kibana 5.0 has enriched visualisations with interactive platforms, leveraging the aggregation capabilities of Elasticsearch. Space and time auditing are a crucial part of Kibana’s make up: the map service empowers you to foresee geospatial data with custom location data on a schematic of your selection, whilst the time series allows you to perform advanced generation analysis by describing queries and transformations.

Skedler

ELK Stack reporting tool, Skedler, combines all the automated processes you’d never dream you could have within one unit. Fundamentally, it ups your speed-to-market auditing with cutting-edge scheduling, which Kibana alone does not offer; serving as a single system for both interactive analysis and reporting. Skedler methodically picks up your existing dashboards in the server for cataloging, whilst also enabling you to create filters, refine specific recipients, and filter file folders to use whilst scheduling. Additionally, Skedler automatically applies prerequisite filters with generate reports, preserving them as defined; and encompasses high-resolution PDF and PNG options to incorporate in reporting, which sequentially eliminates the need for redundant reporting systems.

There you have it, the top ELK stack tools no business intelligence analyst should ever be without!

Ready to start streamlining your analysis and start reporting with more stability? Right now, we’re offering a free trial.

Are You Wasting Time Manually Sending Kibana Reports?

Automated processes are, invariably, becoming more and more integral to our everyday lives, both in and out of the office. They’ve replaced much of the manual workforce and have improved systematic procedures, which otherwise would be at the mercy of various human error elements as well as higher risks of data breaches. This, as well as recognizing manual reporting as time-consuming labour, are some key issues we don’t need to worry about any more by virtue of processing automation; Kibana being one of those favorable products.

Focus on What Matters

As a result of businesses adopting bots as part of our everyday processes, we’re left with the far more creative aspects of information science (which automation hasn’t quite caught up with yet). Naturally, Elasticsearch’s aesthetically enhanced data delivery is one of its chief selling points: users are able to explore unchartered data with clear-cut digital graphics at their very disposal. This significant upgrade in data technology has allowed us to possess more varied and complex insights; it’s more exciting now than it has ever been before.

In contrast, however, tedious tasks such as email deliveries of reports to customers, compliance managers and other stakeholders remain arduous and time-consuming; deterring attention from more stimulating in-depth data analysis. What we know to be necessary is for analysts to have the time available to devote themselves to exploring Tableau’s analytics, instead of undergoing mundane processes such as manual spreadsheet creation, generating, email exporting, and distributing.

Automate Kibana Reports

Perhaps it’s possible that you’ve already started utilizing Kibana without realizing the perks of automated scheduling. Luckily, Skedler can completely undertake those prosaic tasks, at an affordable price. As an automated scheme which meets full compliance and operations requirements, Skedler allows your peers, customers and other stakeholders to be kept informed in a virtually effortless and secure way. Comprehensive exporting preferences such as PDF, XLS and PNG are also serviceable; allowing you the luxury of consigning instant or scheduled report generation in the format you desire.

Additionally, Skedler’s reporting motions are facilitated through its prestigious dashboard system, which automatically discovers your existing Kibana dashboards and saved searches to make them available for reporting – again, saving you time creating, scheduling and sending Kibana reports. All your filtered reporting and data chartering is available on a single, versatile platform; meaning you won’t spend extensive amounts of time searching through your outgoing email reports for a specific item.

Skedler simply allows you to examine all of your criteria through one umbrella server with clear functionalities to separate the stunning data visualization deliveries, and the slightly less exciting archive of manual spreadsheet generation and handling for other departments, which it can totally manage by itself.

Ready to start saving time by creating, scheduling and distributing Kibana reports automatically? Try Skedler for free.

3 Apps to Get the Most Out of Kibana 5.0

A new financial quarter starts, full-scale data appraisals are once again at the forefront for every business’ sales agenda. Luckily, Elasticsearch’s open source tool Kibana 5.0 is the talk of the town – and for good reason.

Improvements since version 4.0 are unequivocally noticeable. Its new and far more sleek user interface display not only wows in terms of visuals (note the subsidiary menu that minimizes when not in use), but demonstrates impressive UI capabilities that allows you to reach data far more effectively. The new CSV upload, for example, has the potential to catch a much wider data spread, transforming it to index mapping that’s effortlessly navigable. Its new management tab allows you to view the history of the files with associated data, as well as Elasticsearch indexes where you actively send log files.

This version’s huge boost in code architecture grants the potential for more augmentations than ever, especially with split code self-contained plugins with open-end code tweaking, resulting in several lucrative alpha and beta versions. And it’s essentially allowed us the privilege to now ask: what kind of data insight does my company really need, and which app is best to harness it?

1. Logz.io

Logz.io has fundamentally enriched Kibana with two major touches: increased data security, and more serviceable enterprise sequences as a result. Take their access user tokens, for example, which enable share visualizations and dashboard with those who aren’t necessarily Logz.io users, rather than the URL share function. You can pretty much be as selective with your data as you so please; specific and cross-referenced filter searches are an added function to the tokens. This makes it easy to attach pre-saved filters when back in Kibana.

2. Skedler

Skedler has specifically focused developed reporting capabilities with actionables to perform on data, effectively meaning you can do more with it all in a proactive way. Scheduling is an integral part of this program’s faculty, as it works with your existing database searches and dashboards; allowing you to organize dispatches daily, weekly, monthly and so on. Again, you’re able to action specific filters as and when you’re scheduling, making your reports as customized as needed when sending for peer review.

3. Predix

Predix has established itself as a strong contender for effective data trend sweeps, such as HTTP responses, latencies and visitors – and you’re able to debug apps at the sam e time. Combining this with Kibana’s exhaustive data visualizations and pragmatic dashboard, controlling and managing your log data not only highly secure, but it allows you to become more prognostic when forecasting future data.

Ready to save hours generating, scheduling and distributing PDF and XLS reports from your
Elasticsearch Kibana (ELK) application to your team, customers and other stakeholders? Try Skedler for free.