Kibana is an open-source analytics and visualization platform designed to work with Elasticsearch. NetMon uses Kibana to let you search, view, and interact with data stored in Elasticsearch indices. You can easily perform advanced data analysis and visualize your data in a variety of charts, tables, and maps.

With Kibana, NetMon makes it easy to understand large volumes of data. Its simple, browser-based interface enables you to quickly create dynamic dashboards that display changes to Elasticsearch queries in real time.

Data Discovery and Visualization

On NetMon's Discover page, you can submit search queries, filter the results, and examine the data in the returned documents. For example, you can get all sessions over SMTP that were sent to port 25 with the following query: Application:smtp and Destport:25.

The table is populated with the most recent records at the top. By default, the Discover page shows the first 500 entries that match the search criteria. Scrolling to the bottom of the page loads more results. You can change the time filter, interact with the histogram to drill down into the data, and view the details of particular documents. For more information about exploring your data from the Discover page, see Discover.

You can construct visualizations of your search results from the Visualize page. Each visualization is associated with a search. One of the available visualizations is Top 10 Destination Ports. The Y-axis shows counts by destination port. The X-axis shows the time range. This visualization helps you see port usage patterns over a particular time period, perhaps highlighting network bots or crawler activity during off hours.

You can save visualizations and combine them into dashboards to make it easy to correlate related information. For example, the Destination Port Dashboard helps you determine which destination ports you may want to examine in detail. This dashboard contains the following visualizations:

  • Top 10 Dest Ports (pie)
  • Top 10 Dest Ports (line)
  • Top 10 Dest Ports Data
  • Top 10 Dest Ports by Bandwidth (histogram)
  • Ports Table

For more information about creating and sharing visualizations and dashboards, see the Visualize and Dashboard topics.