Docs: Cleaning up GSG to match UI. (#8840)

* Docs: Cleaning up GSG to match UI.

* Docs: Updated annotated discover screen cap.

docs/getting-started.asciidoc

@@ -3,18 +3,19 @@
 
 [partintro]
 --
-Now that you have Kibana <<setup,installed>>, you can step through this tutorial to get fast hands-on experience with
-key Kibana functionality. By the end of this tutorial, you will have:
+Ready to get some hands-on experience with Kibana? 
+This tutorial shows you how to:
 
-* Loaded a sample data set into your Elasticsearch installation
-* Defined at least one index pattern
-* Used the <<discover, Discover>> functionality to explore your data
-* Set up some <<visualize,_visualizations_>> to graphically represent your data
-* Assembled visualizations into a <<dashboard,Dashboard>>
+* Load a sample data set into Elasticsearch
+* Define an index pattern
+* Explore the sample data with <<discover, Discover>>
+* Set up <<visualize,_visualizations_>> of the sample data
+* Assemble visualizations into a <<dashboard,Dashboard>>
 
-The material in this section assumes you have a working Kibana install connected to a working Elasticsearch install.
+Before you begin, make sure you've <<install, installed Kibana>> and established
+a <<connect-to-elasticsearch, connection to Elasticsearch>>.
 
-Video tutorials are also available:
+You might also be interested in these video tutorials:
 
 * https://www.elastic.co/blog/kibana-4-video-tutorials-part-1[High-level Kibana introduction, pie charts]
 * https://www.elastic.co/blog/kibana-4-video-tutorials-part-2[Data discovery, bar charts, and line charts]

docs/getting-started/tutorial-dashboard.asciidoc

@@ -1,14 +1,20 @@
 [[tutorial-dashboard]]
 == Putting it all Together with Dashboards
 
-A Kibana dashboard is a collection of visualizations that you can arrange and share. To get started, click the
-*Dashboard* tab, then the *Add Visualization* button at the far right of the search box to display the list of saved
-visualizations. Select _Markdown Example_, _Pie Example_, _Bar Example_, and _Map Example_, then close the list of
-visualizations by clicking the small up-arrow at the bottom of the list. You can move the containers for each
-visualization by clicking and dragging the title bar. Resize the containers by dragging the lower right corner of a
-visualization's container. Your sample dashboard should end up looking roughly like this:
+A dashboard is a collection of visualizations that you can arrange and share. 
+To build a dashboard that contains the visualizations you saved during this tutorial:
+
+. Click *Dashboard* in the side navigation.
+. Click *Add* to display the list of saved visualizations. 
+. Click _Markdown Example_, _Pie Example_, _Bar Example_, and _Map Example_, then close the list of
+visualizations by clicking the small up-arrow at the bottom of the list. 
+
+Hovering over a visualization displays the container controls that enable you to
+edit, move, delete, and resize the visualization. 
+
+Your sample dashboard should end up looking roughly like this:
 
 image::images/tutorial-dashboard.png[]
 
-Click the *Save Dashboard* button, then name the dashboard _Tutorial Dashboard_. You can share a saved dashboard by
-clicking the *Share* button to display HTML embedding code as well as a direct link.
+To get a link to share or HTML code to embed the dashboard in a web page, save
+the dashboard and click  *Share*.

docs/getting-started/tutorial-discovering.asciidoc

@@ -1,34 +1,42 @@
 [[tutorial-discovering]]
 == Discovering Your Data
 
-Click the *Discover* image:images/discover-compass.png[Compass icon] tab to display Kibana's data discovery functions:
+Click *Discover* in the side navigation to display Kibana's data discovery functions:
 
 image::images/tutorial-discover.png[]
 
-Right under the tab itself, there is a search box where you can search your data. Searches take a specific
-{es-ref}query-dsl-query-string-query.html#query-string-syntax[query syntax] that enable you to create custom searches,
-which you can save and load by clicking the buttons to the right of the search box.
+In the query bar, you can enter an 
+{es-ref}query-dsl-query-string-query.html#query-string-syntax[Elasticsearch
+query] to search your data. You can explore the results in Discover and create
+visualizations of saved searches in Visualize. 
 
-Beneath the search box, the current index pattern is displayed in a drop-down. You can change the index pattern by
-selecting a different pattern from the drop-down selector.
+The current index pattern is displayed beneath the query bar. The index pattern
+determines which indices are searched when you submit a query. To search a
+different set of indices, select different pattern from the drop down menu.
+To add an index pattern, go to *Management/Kibana/Index Patterns* and click
+*Add New*.
 
-You can construct searches by using the field names and the values you're interested in. With numeric fields you can
-use comparison operators such as greater than (>), less than (<), or equals (=). You can link elements with the
+You can construct searches by using the field names and the values you're
+interested in. With numeric fields you can use comparison operators such as
+greater than (>), less than (<), or equals (=). You can link elements with the
 logical operators AND, OR, and NOT, all in uppercase.
 
-Try selecting the `ba*` index pattern and putting the following search into the search box:
+To try it out, select the `ba*` index pattern and enter the following query string
+in the query bar:
 
 [source,text]
 account_number:<100 AND balance:>47500
 
-This search returns all account numbers between zero and 99 with balances in excess of 47,500.
-
-If you're using the linked sample data set, this search returns 5 results: Account numbers 8, 32, 78, 85, and 97.
+This query returns all account numbers between zero and 99 with balances in
+excess of 47,500. When searching the sample bank data, it returns 5 results: 
+Account numbers 8, 32, 78, 85, and 97.
 
 image::images/tutorial-discover-2.png[]
 
-To narrow the display to only the specific fields of interest, highlight each field in the list that displays under the
-index pattern and click the *Add* button. Note how, in this example, adding the `account_number` field changes the
-display from the full text of five records to a simple list of five account numbers:
+By default, all fields are shown for each matching document. To choose which
+document fields to display, hover over the Available Fields list and click the
+*add* button next to each field you want include. For example, if you add
+just the `account_number`, the display changes to a simple list of five
+account numbers:
 
 image::images/tutorial-discover-3.png[]

docs/getting-started/tutorial-visualizing.asciidoc

@@ -1,28 +1,41 @@
 [[tutorial-visualizing]]
-== Data Visualization: Beyond Discovery
+== Visualizing Your Data
 
-The visualization tools available on the *Visualize* tab enable you to display aspects of your data sets in several
-different ways.
-
-Click on the *Visualize* image:images/visualize-icon.png[Bar chart icon] tab to start:
+To start visualizing your data, click *Visualize* in the side navigation:
 
 image::images/tutorial-visualize.png[]
 
-Click on *Pie chart*, then *From a new search*. Select the `ba*` index pattern.
+The *Visualize* tools enable you to view your data in several ways. For example,
+let's use that venerable visualization, the pie chart, to get some insight
+into the account balances in the sample bank account data.
 
-Visualizations depend on Elasticsearch {es-ref}search-aggregations.html[aggregations] in two different types: _bucket_
-aggregations and _metric_ aggregations. A bucket aggregation sorts your data according to criteria you specify. For
-example, in our accounts data set, we can establish a range of account balances, then display what proportions of the
-total fall into which range of balances.
+To get started, click *Pie chart* in the list of visualizations. You can build
+visualizations from saved searches, or enter new search criteria. To enter
+new search criteria, you first need to select an index pattern to specify
+what indices to search. We want to search the account data, so select the `ba*`
+index pattern.
 
-The whole pie displays, since we  haven't specified any buckets yet.
+The default search matches all documents. Initially, a single "slice"
+encompasses the entire pie:
 
 image::images/tutorial-visualize-pie-1.png[]
 
-Select *Split Slices* from the *Select buckets type* list, then select *Range* from the *Aggregation* drop-down
-selector. Select the *balance* field from the *Field* drop-down, then click on *Add Range* four times to bring the
-total number of ranges to six. Enter the following ranges:
+To specify what slices to display in the chart, you use an Elasticsearch 
+{es-ref}search-aggregations.html[bucket aggregation]. A bucket aggregation
+simply sorts the documents that match your search criteria into different
+categories, aka _buckets_. For example, the account data includes the balance
+of each account. Using a bucket aggregation, you can establish multiple ranges
+of account balances and find out how many accounts fall into each range.
 
+To define a bucket for each range:
+
+. Click the *Split Slices* buckets type.
+. Select *Range* from the *Aggregation* list.
+. Select the *balance* field from the *Field* list.
+. Click *Add Range* four times to bring the
+total number of ranges to six. 
+. Define the following ranges:
++
 [source,text]
 0             999
 1000         2999
@@ -31,36 +44,55 @@ total number of ranges to six. Enter the following ranges:
 15000       30999
 31000       50000
 
-Click the *Apply changes* button image:images/apply-changes-button.png[] to display the chart:
+. Click *Apply changes* image:images/apply-changes-button.png[] to update the chart.
+
+Now you can see what proportion of the 1000 accounts fall into each balance
+range.
 
 image::images/tutorial-visualize-pie-2.png[]
 
-This shows you what proportion of the 1000 accounts fall in these balance ranges. To see another dimension of the data,
-we're going to add another bucket aggregation. We can break down each of the balance ranges further by the account
-holder's age.
+Let's take a look at another dimension of the data: the account holder's
+age. By adding another bucket aggregation, you can see the ages of the account
+holders in each balance range:
 
-Click *Add sub-buckets* at the bottom, then select *Split Slices*. Choose the *Terms* aggregation and the *age* field from
-the drop-downs.
-Click the  *Apply changes* button image:images/apply-changes-button.png[] to add an external ring with the new
-results.
+. Click *Add sub-buckets* below the buckets list.
+. Click *Split Slices* in the buckets type list. 
+. Select *Terms* from the aggregation list.
+. Select *age* from the field list.
+. Click  *Apply changes* image:images/apply-changes-button.png[]. 
+
+Now you can see the break down of the account holders' ages displayed
+in a ring around the balance ranges.
 
 image::images/tutorial-visualize-pie-3.png[]
 
-Save this chart by clicking the *Save Visualization* button to the right of the search field. Name the visualization
-_Pie Example_.
+To save this chart so we can use it later, click *Save* and enter the name _Pie Example_.
 
-Next, we're going to make a bar chart. Click on *New Visualization*, then *Vertical bar chart*. Select *From a new
-search* and the `shakes*` index pattern. You'll see a single big bar, since we haven't defined any buckets yet:
+Next, we're going to look at data in the Shakespeare data set. Let's find out how the
+plays compare when it comes to the number of speaking parts and display the information
+in a bar chart:
 
+. Click *New* and select *Vertical bar chart*. 
+. Select the `shakes*` index pattern. Since you haven't defined any buckets yet,
+you'll see a single big bar that shows the total count of documents that match
+the default wildcard query.
++
 image::images/tutorial-visualize-bar-1.png[]
 
-For the Y-axis metrics aggregation, select *Unique Count*, with *speaker* as the field. For Shakespeare plays, it might
-be useful to know which plays have the lowest number of distinct speaking parts, if your theater company is short on
-actors. For the X-Axis buckets, select the *Terms* aggregation with the *play_name* field. For the *Order*, select
-*Ascending*, leaving the *Size* at 5. Write a description for the axes in the *Custom Label* fields.
+. To show the number of speaking parts per play along the y-axis, you need to
+configure the Y-axis {es-ref}search-aggregations.html[metric aggregation]. A metric
+aggregation computes metrics based on values extracted from the search results.
+To get the number of speaking parts per play, select the *Unique Count*
+aggregation and choose *speaker* from the field list. You can also give the
+axis a custom label, _Speaking Parts_.
 
-Leave the other elements at their default values and click the *Apply changes* button
-image:images/apply-changes-button.png[]. Your chart should now look like this:
+. To show the different plays long the x-axis, select the X-Axis buckets type, 
+select *Terms* from the aggregation list, and choose *play_name* from the field
+list. To list them alphabetically, select *Ascending* order. You can also give
+the axis a custom label, _Play Name_.
+
+. Click *Apply changes* image:images/apply-changes-button.png[] to view the
+results.
 
 image::images/tutorial-visualize-bar-2.png[]
 
@@ -68,14 +100,16 @@ Notice how the individual play names show up as whole phrases, instead of being
 is the result of the mapping we did at the beginning of the tutorial, when we marked the *play_name* field as 'not
 analyzed'.
 
-Hovering on each bar shows you the number of speaking parts for each play as a tooltip. You can turn this behavior off,
-as well as change many other options for your visualizations, by clicking the *Options* tab in the top left.
+Hovering over each bar shows you the number of speaking parts for each play as a tooltip. To turn tooltips
+off and configure other options for your visualizations, select the Visualization builder's *Options* tab.
 
 Now that you have a list of the smallest casts for Shakespeare plays, you might also be curious to see which of these
-plays makes the greatest demands on an individual actor by showing the maximum number of speeches for a given part. Add
-a Y-axis aggregation with the *Add metrics* button, then choose the *Max* aggregation for the *speech_number* field. In
-the *Options* tab, change the *Bar Mode* drop-down to *grouped*, then click the  *Apply changes* button
-image:images/apply-changes-button.png[]. Your chart should now look like this:
+plays makes the greatest demands on an individual actor by showing the maximum number of speeches for a given part. 
+
+. Click *Add metrics* to add a Y-axis aggregation.
+. Choose the *Max* aggregation and select the *speech_number* field.
+. Click *Options* and change the *Bar Mode* to *grouped*.
+. Click  *Apply changes* image:images/apply-changes-button.png[]. Your chart should now look like this:
 
 image::images/tutorial-visualize-bar-3.png[]
 
@@ -83,53 +117,68 @@ As you can see, _Love's Labours Lost_ has an unusually high maximum speech numbe
 might therefore make more demands on an actor's memory.
 
 Note how the *Number of speaking parts* Y-axis starts at zero, but the bars don't begin to differentiate until 18. To
-make the differences stand out, starting the Y-axis at a value closer to the minimum, check the
-*Scale Y-Axis to data bounds* box in the *Options* tab.
+make the differences stand out, starting the Y-axis at a value closer to the minimum, go to Options and select
+*Scale Y-Axis to data bounds*.
 
 Save this chart with the name _Bar Example_.
 
-Next, we're going to make a tile map chart to visualize some geographic data. Click on *New Visualization*, then
-*Tile map*. Select *From a new search* and the `logstash-*` index pattern. Define the time window for the events
-we're exploring by clicking the time selector at the top right of the Kibana interface. Click on *Absolute*, then set
-the start time to May 18, 2015 and the end time for the range to May 20, 2015:
+Next, we're going to use a tile map chart to visualize geographic information in our log file sample data. 
 
+. Click *New*.
+. Select  *Tile map*. 
+. Select the `logstash-*` index pattern. 
+. Set the time window for the events we're exploring:
+. Click the time picker in the Kibana toolbar.
+. Click *Absolute*.
+. Set the start time to May 18, 2015 and the end time to May 20, 2015.
++
 image::images/tutorial-timepicker.png[]
 
-Once you've got the time range set up, click the *Go* button, then close the time picker by clicking the small up arrow
-at the bottom. You'll see a map of the world, since we haven't defined any buckets yet:
+. Once you've got the time range set up, click the *Go* button and close the time picker by 
+clicking the small up arrow in the bottom right corner. 
+
+You'll see a map of the world, since we haven't defined any buckets yet:
 
 image::images/tutorial-visualize-map-1.png[]
 
-Select *Geo Coordinates* as the bucket, then click the *Apply changes* button image:images/apply-changes-button.png[].
+To map the geo coordinates from the log files select *Geo Coordinates* as
+the bucket and click *Apply changes* image:images/apply-changes-button.png[].
 Your chart should now look like this:
 
 image::images/tutorial-visualize-map-2.png[]
 
-You can navigate the map by clicking and dragging, zoom with the image:images/viz-zoom.png[] buttons, or hit the *Fit
-Data Bounds* image:images/viz-fit-bounds.png[] button to zoom to the lowest level that includes all the points. You can
-also create a filter to define a rectangle on the map, either to include or exclude, by clicking the
-*Latitude/Longitude Filter* image:images/viz-lat-long-filter.png[] button and drawing a bounding box on the map.
-A green oval with the filter definition displays right under the query box:
+You can navigate the map by clicking and dragging, zoom with the 
+image:images/viz-zoom.png[] buttons, or hit the *Fit Data Bounds* 
+image:images/viz-fit-bounds.png[] button to zoom to the lowest level that
+includes all the points. You can also include or exclude a rectangular area
+by clicking the *Latitude/Longitude Filter* image:images/viz-lat-long-filter.png[]
+button and drawing a bounding box on the map. Applied filters are displayed
+below the query bar. Hovering over a filter displays controls to toggle,
+pin, invert, or delete the filter. 
 
 image::images/tutorial-visualize-map-3.png[]
 
-Hover on the filter to display the controls to toggle, pin, invert, or delete the filter. Save this chart with the name
-_Map Example_.
+Save this map with the name _Map Example_.
 
-Finally, we're going to define a sample Markdown widget to display on our dashboard. Click on *New Visualization*, then
-*Markdown widget*, to display a very simple Markdown entry field:
-
-image::images/tutorial-visualize-md-1.png[]
-
-Write the following text in the field:
+Finally, create a Markdown widget to display extra information:
 
+. Click *New*.
+. Select *Markdown widget*.
+. Enter the following text in the field:
++
 [source,markdown]
 # This is a tutorial dashboard!
 The Markdown widget uses **markdown** syntax.
 > Blockquotes in Markdown use the > character.
 
-Click the  *Apply changes* button image:images/apply-changes-button.png[] to display the rendered Markdown in the
-preview pane:
+. Click  *Apply changes* image:images/apply-changes-button.png[] render the Markdown in the
+preview pane.
++
+image::images/tutorial-visualize-md-1.png[]
+
+
+
+
 
 image::images/tutorial-visualize-md-2.png[]
 

docs/getting-started/wrapping-up.asciidoc

@@ -1,5 +1,14 @@
 [[wrapping-up]]
 == Wrapping Up
 
-Now that you've handled the basic aspects of Kibana's functionality, you're ready to explore Kibana in further detail.
-Take a look at the rest of the documentation for more details!
+Now that you have a handle on the basics, you're ready to start exploring
+your own data with Kibana.
+
+* See <<discover, Discover>> for more information about searching and filtering
+your data.
+* See <<visualize, Visualize>> for information about all of the visualization
+types Kibana has to offer.
+* See <<management, Management>> for information about configuring Kibana
+and managing your saved objects. 
+* See <<console-kibana, Console>> for information about the interactive 
+console UI you can use to submit REST requests to Elasticsearch.

docs/setup.asciidoc

@@ -1,5 +1,5 @@
 [[setup]]
-= Setup Kibana
+= Set Up Kibana
 
 [partintro]
 --