github-mirrors/kibana
1
0
Fork 0
mirror of https://github.com/elastic/kibana.git synced 2025-06-27 18:51:07 -04:00
Code Issues Projects Releases Packages Wiki Activity
kibana/docs/management/advanced-options.asciidoc
Stratoula Kalafateli 5d6812966a
[ES|QL] Technical preview in Discover and Dashboards (#146971) 
## Summary

Closes https://github.com/elastic/kibana/issues/137810
Part of https://github.com/elastic/kibana/issues/163248

This PR is the **first iteration** of the new ES|QL language in kibana.
The majority of the functionality is based on the existing functionality
for SQL (which has already been merged). This builds on top of it to
enable the functionality for ES|QL. We decided to remove SQL for now so
this PR enables ES|QL and hides SQL. We are not removing the code for
now.

### Important notes:
- This PR contains basic autocomplete functionality for the ES|QL
commands. We want to improve it in follow up PRs
- The majority of the tests for SQL were moved to work with ES|QL
instead
- The search strategy is a very simple endpoint for now as we don't have
async search nor pagination
- Now that we remove SQL, the ui for ES|QL selection has changed
- The documentation for ESQL has been handled by the docs team so it is
already reviewed and in sync with the official documentation
- ES|QL is disabled in serverless projects for now

### Changes from SQL:
- The Discover histogram now is being created with ES|QL (using the
date_trunc function). This gives it the ability to be saved on a
dashboard and also to be edited inline.
- ES|QL sometimes returns some warnings (on the search headers). For
example when we are trying to date parse a string that doesnt contain a
valid date). These warnings are also reported on the UI. There is a bug
in ES and the warning doesnt come always
https://github.com/elastic/elasticsearch-internal/issues/1465)
- We have 2 types of commands:
- Transformational commands (keep, stats) -> when they exist in the
query Discover should render the Table view (selected columns)
- Non transformational commands (all the others) -> in that case
Discover renders the Document view
  - ESQL switch on advanced settings is now on by default


**Discover view with non transformational commands**
<img width="1678" alt="image"
src="abe100e1-01e9-4fe0-9b89-6d8bdf6443fc">


**Discover view with transformational commands**
<img width="1679" alt="image"
src="e46af422-daeb-4be5-88cf-522211674ff5">


### Missing
- ESQL autocomplete is not perfect, we are going to work on it on a
future PR. Specifically:
- There is a bug in autocomplete, sometimes writing a query overwrites
the existing one, will deal with it in a future PR
  - Further improvements

### Checklist

- [ ] Any text added follows [EUI's writing
guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses
sentence case text and includes [i18n
support](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md)
- [ ]
[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)
was added for features that require explanation or tutorials
- [ ] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios

---------

Co-authored-by: Alexey Antonov <alexwizp@gmail.com>
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
Co-authored-by: Abdon Pijpelink <abdon.pijpelink@elastic.co>
Co-authored-by: gchaps <33642766+gchaps@users.noreply.github.com>
Co-authored-by: Peter Pisljar <peter.pisljar@elastic.co>
Co-authored-by: Marco Liberati <dej611@users.noreply.github.com>
Co-authored-by: Matthias Wilhelm <matthias.wilhelm@elastic.co>
Co-authored-by: Davis McPhee <davis.mcphee@elastic.co>
2023-09-01 12:22:00 +03:00

630 lines
26 KiB
Text
Raw Blame History

[[advanced-options]]
== Advanced Settings
*Advanced Settings* control the behavior of {kib}. You can change the settings that apply to spaces, or to all of {kib}. For example, you can change the format used to display dates,
specify the default data view, and apply your own branding.
WARNING: Changing a setting can affect {kib} performance and cause problems
that are difficult to diagnose. Setting a property value to a blank field
reverts to the default behavior, which might not be compatible with other
configuration settings. Deleting a custom setting permanently removes it from {kib}.
[float]
=== Required permissions
The `Advanced Settings` {kib} privilege is required to access *Advanced Settings*.
When you have insufficient privileges to edit advanced settings, the edit options are not visible, and the following
indicator is displayed:
[role="screenshot"]
image::images/settings-read-only-badge.png[Example of Advanced Settings Management's read only access indicator in Kibana's header]
To add the privilege, open the main menu, then click *Stack Management > Roles*.
For more information on granting access to {kib}, refer to <<xpack-security-authorization>>.
[float]
[[kibana-settings-reference]]
=== Change the space settings
Change the settings that apply only to {kib} spaces.
. Open the main menu, then click *Stack Management > Advanced Settings*.
. Click *Space Settings*.
. Scroll or search for the setting.
. Make your change, then click *Save changes*.
[float]
[[kibana-general-settings]]
==== General
[horizontal]
[[auto-complete-use-time-tange]]`autocomplete:useTimeRange`::
When disabled, autocompletes the suggestions from your data set instead of the time range.
[[bfetch-disable-compression]]`bfetch:disableCompression`::
When disabled, allows you to debug individual requests, but increases the response size.
[[csv-quotevalues]]`csv:quoteValues`::
Set this property to `true` to quote exported values.
[[csv-separator]]`csv:separator`::
A string that serves as the separator for exported values.
[[dateformat]]`dateFormat`::
The format to use for displaying
https://momentjs.com/docs/#/displaying/format/[pretty formatted dates].
[[dateformat-dow]]`dateFormat:dow`::
The day that a week should start on.
[[dateformat-scaled]]`dateFormat:scaled`::
The values that define the format to use to render ordered time-based data.
Formatted timestamps must adapt to the interval between measurements. Keys are
http://en.wikipedia.org/wiki/ISO_8601#Time_intervals[ISO8601 intervals].
[[dateformat-tz]]`dateFormat:tz`::
The timezone that Kibana uses. The default value of `Browser` uses the timezone
detected by the browser.
[[datenanosformat]]`dateNanosFormat`::
The format to use for displaying
https://momentjs.com/docs/#/displaying/format/[pretty formatted dates] of
{ref}/date_nanos.html[Elasticsearch date_nanos type].
[[defaultindex]]`defaultIndex`::
The index to access if no index is set. The default is `null`.
[[defaultroute]]`defaultRoute`::
The default route when opening Kibana. Use this setting to route users to a
specific dashboard, application, or saved object as they enter each space.
[[fields-popularlimit]]`fields:popularLimit`::
The top N most popular fields to show.
[[fileupload-maxfilesize]]`fileUpload:maxFileSize`::
Sets the file size limit when importing files. The default
value is `100MB`. The highest supported value for this setting is `1GB`.
[[filtereditor-suggestvalues]]`filterEditor:suggestValues`::
Set this property to `false` to prevent the filter editor and KQL autocomplete
from suggesting values for fields.
[[autocomplete-valuesuggestionmethod]]`autocomplete:valueSuggestionMethod`::
When set to `terms_enum`, autocomplete uses the terms enum API for value suggestions. Kibana returns results faster, but suggestions are approximate, sorted alphabetically, and can be outside the selected time range. (Note that this API is incompatible with {ref}/document-level-security.html[Document-Level-Security].)
When set to `terms_agg`, Kibana uses a terms aggregation for value suggestions, which is
slower, but suggestions include all values that optionally match your time range and are sorted by popularity.
[[autocomplete-usetimerange]]`autocomplete:useTimeRange`::
Disable this property to get autocomplete suggestions from
your full dataset, rather than from the current time range.
[[filters-pinnedbydefault]]`filters:pinnedByDefault`::
Set this property to `true` to make filters have a global state (be pinned) by
default.
[[format-bytes-defaultpattern]]`format:bytes:defaultPattern`::
The default <<numeral, numeral pattern>> format for the "bytes" format.
[[format-currency-defaultpattern]]`format:currency:defaultPattern`::
The default <<numeral, numeral pattern>> format for the "currency" format.
[[format-defaulttypemap]]`format:defaultTypeMap`::
A map of the default format name for each field type. Field types that are not
explicitly mentioned use "\_default_".
[[format-number-defaultlocale]]`format:number:defaultLocale`::
The <<numeral, numeral pattern>> locale.
[[format-number-defaultpattern]]`format:number:defaultPattern`::
The <<numeral, numeral pattern>> for the "number" format.
[[format-percent-defaultpattern]]`format:percent:defaultPattern`::
The <<numeral, numeral pattern>> for the "percent" format.
[[histogram-bartarget]]`histogram:barTarget`::
When date histograms use the `auto` interval, Kibana attempts to generate this
number of bars.
[[histogram-maxbars]]`histogram:maxBars`::
To improve performance, limits the density of date and number histograms across {kib}
using a test query. When the test query contains too many buckets,
the interval between buckets increases. This setting applies separately
to each histogram aggregation, and does not apply to other types of aggregations.
To find the maximum value of this setting, divide the {es} `search.max_buckets`
value by the maximum number of aggregations in each visualization.
[[history-limit]]`history:limit`::
In fields that have history, such as query inputs, show this many recent values.
[[metafields]]`metaFields`::
Fields that exist outside of `_source`. Kibana merges these fields into the
document when displaying it.
[[metrics:allowStringIndices]]`metrics:allowStringIndices`::
Enables you to use {es} indices in *TSVB* visualizations.
[[metrics-maxbuckets]]`metrics:max_buckets`::
Affects the *TSVB* histogram density. Must be set higher than `histogram:maxBars`.
[[query-allowleadingwildcards]]`query:allowLeadingWildcards`::
Allows a wildcard (*) as the first character in a query clause. To disallow
leading wildcards in Lucene queries, use `query:queryString:options`.
[[query-querystring-options]]`query:queryString:options`::
Options for the Lucene query string parser. Only used when "Query language" is
set to Lucene.
[[savedobjects-listinglimit]]`savedObjects:listingLimit`::
The number of objects to fetch for lists of saved objects. The default value
is 1000. Do not set above 10000.
[[savedobjects-perpage]]`savedObjects:perPage`::
The number of objects to show on each page of the list of saved objects. The
default is 5.
[[search-querylanguage]]`search:queryLanguage`::
The query language to use in the query bar. Choices are <<kuery-query, KQL>>, a
language built specifically for {kib}, and the
<<lucene-query, Lucene query syntax>>.
[[shortdots-enable]]`shortDots:enable`::
Set this property to `true` to shorten long field names in visualizations. For
example, show `f.b.baz` instead of `foo.bar.baz`.
[[sort-options]]`sort:options`:: Options for the Elasticsearch
{ref}/search-request-body.html#request-body-search-sort[sort] parameter.
[[state-storeinsessionstorage]]`state:storeInSessionStorage`::
experimental:[]
Kibana tracks UI state in the URL, which can lead to problems
when there is a lot of state information, and the URL gets very long. Enabling
this setting stores part of the URL in your browser session to keep the URL
short.
[[theme-darkmode]]`theme:darkMode`::
Set to `true` to enable a dark mode for the {kib} UI. You must refresh the page
to apply the setting.
[[theme-version]]`theme:version`::
Kibana only ships with the v8 theme now, so this setting can no longer be edited.
[[timepicker-quickranges]]`timepicker:quickRanges`::
The list of ranges to show in the Quick section of the time filter. This should
be an array of objects, with each object containing `from`, `to` (see
{ref}/common-options.html#date-math[accepted formats]), and `display` (the title
to be displayed).
[[timepicker-refreshintervaldefaults]]`timepicker:refreshIntervalDefaults`::
The default refresh interval for the time filter. Example:
`{ "pause": true, "value": 15000 }`.
[[timepicker-timedefaults]]`timepicker:timeDefaults`::
The default selection in the time filter.
[[truncate-maxheight]]`truncate:maxHeight`::
The maximum height that a cell occupies in a table. Set to 0 to disable
truncation.
[float]
[[presentation-labs]]
==== Presentation Labs
[horizontal]
[[labs-canvas-enable-ui]]`labs:canvas:enable_ui`::
When enabled, provides access to the experimental *Labs* features for *Canvas*.
[[labs-dashboard-defer-below-fold]]`labs:dashboard:deferBelowFold`::
When enabled, the panels that appear below the fold are loaded when they become visible on the dashboard.
_Below the fold_ refers to panels that are not immediately visible when you open a dashboard, but become visible as you scroll. For additional information, refer to <<dashboard-troubleshooting,Improve dashboard loading time>>.
[[labs-dashboard-enable-ui]]`labs:dashboard:enable_ui`::
When enabled, provides access to the experimental *Labs* features for *Dashboard*.
[float]
[[kibana-accessibility-settings]]
==== Accessibility
[horizontal]
[[accessibility-disableanimations]]`accessibility:disableAnimations`::
Turns off all unnecessary animations in the {kib} UI. Refresh the page to apply
the changes.
[float]
[[kibana-banners-settings]]
==== Banners
[NOTE]
====
Banners are a https://www.elastic.co/subscriptions[subscription feature].
====
[horizontal]
[[banners-placement]]`banners:placement`::
Set to `Top` to display a banner above the Elastic header for this space. Defaults to the value of
the `xpack.banners.placement` configuration property.
[[banners-textcontent]]`banners:textContent`::
The text to display inside the banner for this space, either plain text or Markdown.
Defaults to the value of the `xpack.banners.textContent` configuration property.
[[banners-textcolor]]`banners:textColor`::
The color for the banner text for this space. Defaults to the value of
the `xpack.banners.textColor` configuration property.
[[banners-backgroundcolor]]`banners:backgroundColor`::
The color of the banner background for this space. Defaults to the value of
the `xpack.banners.backgroundColor` configuration property.
[float]
[[kibana-dashboard-settings]]
==== Dashboard
[horizontal]
[[xpackdashboardmode-roles]]`xpackDashboardMode:roles`::
**Deprecated. Use <<kibana-feature-privileges,feature privileges>> instead.**
The roles that belong to <<xpack-dashboard-only-mode, dashboard only mode>>.
[float]
[[kibana-discover-settings]]
==== Discover
[horizontal]
[[context-defaultsize]]`context:defaultSize`::
The number of surrounding entries to display in the context view. The default
value is 5.
[[context-step]]`context:step`::
The number by which to increment or decrement the context size. The default
value is 5.
[[context-tiebreakerfields]]`context:tieBreakerFields`::
A comma-separated list of fields to use for breaking a tie between documents
that have the same timestamp value. The first field that is present and sortable
in the current data view is used.
[[defaultcolumns]]`defaultColumns`::
The columns that appear by default on the *Discover* page. The default is
`_source`.
[[discover:enableESQL]]`discover:enableESQL`::
experimental[] Allows ES|QL queries for search.
[[discover-max-doc-fields-displayed]]`discover:maxDocFieldsDisplayed`::
Specifies the maximum number of fields to show in the document column of the *Discover* table.
[[discover-modify-columns-on-switch]]`discover:modifyColumnsOnSwitch`::
When enabled, removes the columns that are not in the new data view.
[[discover-row-height-option]]`discover:rowHeightOption`::
The number of lines to allow in a row. A value of -1 automatically adjusts the row height to fit the contents. A value of 0 displays the content in a single line.
[[discover-sampleRowsPerPage]]`discover:sampleRowsPerPage`::
Limits the number of rows per page in the document table.
[[discover-sample-size]]`discover:sampleSize`::
Sets the maximum number of rows for the entire document table. This is the maximum number of documents fetched from {es}.
[[discover-searchFieldsFromSource]]`discover:searchFieldsFromSource`::
Load fields from the original JSON {ref}/mapping-source-field.html[`_source`].
When disabled, *Discover* loads fields using the {es} search API's
{ref}/search-fields.html#search-fields-param[`fields`] parameter.
[[discover-searchonpageload]]`discover:searchOnPageLoad`::
Controls whether a search is executed when *Discover* first loads. This setting
does not have an effect when loading a saved search.
[[discover:showFieldStatistics]]`discover:showFieldStatistics`::
beta[] Enables the Field statistics view. Examine details such as
the minimum and maximum values of a numeric field or a map of a geo field.
[[discover:showMultiFields]]`discover:showMultiFields`::
Controls the display of multi-fields in the expanded document view.
[[discover:showLegacyFieldTopValues]]`discover:showLegacyFieldTopValues`::
To calculate the top values for a field in the sidebar using 500 instead of 5,000 records per shard, turn on this option.
[[discover-sort-defaultorder]]`discover:sort:defaultOrder`::
The default sort direction for time-based data views.
[[doctable-hidetimecolumn]]`doc_table:hideTimeColumn`::
Hides the "Time" column in *Discover* and in all saved searches on dashboards.
[[doctable-highlight]]`doc_table:highlight`::
Highlights results in *Discover* and saved searches on dashboards. Highlighting
slows requests when working on big documents.
[[doctable-legacy]]`doc_table:legacy`::
Controls the way the document table looks and works.
To use the new *Document Explorer* instead of the classic view, turn off this option.
The *Document Explorer* offers better data sorting, resizable columns, and a full screen view.
[[truncate-max-height]]`truncate:maxHeight`::
The maximum height that a cell in a table can occupy. To disable truncation, set to 0.
[float]
[[kibana-ml-settings]]
==== Machine Learning
[horizontal]
[[ml-anomalydetection-results-enabletimedefaults]]`ml:anomalyDetection:results:enableTimeDefaults`::
Use the default time filter in the *Single Metric Viewer* and
*Anomaly Explorer*. If this setting is disabled, the results for the full time
range are shown.
[[ml-anomalydetection-results-timedefaults]]`ml:anomalyDetection:results:timeDefaults`::
Sets the default time filter for viewing {anomaly-job} results. This setting
must contain `from` and `to` values (see
{ref}/common-options.html#date-math[accepted formats]). It is ignored unless
`ml:anomalyDetection:results:enableTimeDefaults` is enabled.
[float]
[[kibana-notification-settings]]
==== Notifications
[horizontal]
[[notifications-banner]]`notifications:banner`::
A custom banner intended for temporary notices to all users. Supports
https://docs.github.com/en/get-started/writing-on-github/getting-started-with-writing-and-formatting-on-github/basic-writing-and-formatting-syntax[Markdown].
[[notifications-lifetime-banner]]`notifications:lifetime:banner`::
The duration, in milliseconds, for banner notification displays. The default
value is 3000000.
[[notificatios-lifetime-error]]`notifications:lifetime:error`::
The duration, in milliseconds, for error notification displays. The default
value is 300000.
[[notifications-lifetime-info]]`notifications:lifetime:info`::
The duration, in milliseconds, for information notification displays. The
default value is 5000.
[[notifications-lifetime-warning]]`notifications:lifetime:warning`::
The duration, in milliseconds, for warning notification displays. The default
value is 10000.
[float]
[[observability-advanced-settings]]
==== Observability
[horizontal]
[[apm-enable-service-overview]]`apm:enableServiceOverview`::
When enabled, displays the *Overview* tab for services in *APM*.
[[apm-agent-explorer]]`observability:apmAgentExplorerView`::
beta:[] Enables the Agent explorer view.
[[apm-aws-price]]`observability:apmAWSLambdaPriceFactor`::
Set the price per Gb-second for your AWS Lambda functions.
[[apm-aws-request]]`observability:apmAWSLambdaRequestCostPerMillion`::
Set the AWS Lambda cost per million requests.
[[apm-continuous-rollups]]`observability:apmEnableContinuousRollups`::
beta:[] When continuous rollups is enabled, the UI will select metrics with the appropriate resolution.
On larger time ranges, lower resolution metrics will be used, which will improve loading times.
[[apm-enable-service-metrics]]`observability:apmEnableServiceMetrics`::
beta:[] Enables the usage of service transaction metrics, which are low cardinality metrics that can be used by certain views like the service inventory for faster loading times.
[[observability-apm-labs]]`observability:apmLabsButton`::
Enable or disable the APM Labs button -- a quick way to enable and disable technical preview features in APM.
See <<apm-labs>> to learn more.
[[observability-apm-critical-path]]`observability:apmEnableCriticalPath`::
When enabled, displays the critical path of a trace.
[[observability-enable-progressive-loading]]`observability:apmProgressiveLoading`::
preview:[] When enabled, uses progressive loading of some APM views.
Data may be requested with a lower sampling rate first, with lower accuracy but faster response times,
while the unsampled data loads in the background.
[[observability-apm-max-groups]]`observability:apmServiceGroupMaxNumberOfServices`::
Limit the number of services in a given service group.
[[observability-apm-optimized-sort]]`observability:apmServiceInventoryOptimizedSorting`::
preview:[] Sorts services without anomaly detection rules on the APM Service inventory page by service name.
[[observability-default-service-env]]`observability:apmDefaultServiceEnvironment`::
Set the default environment for the APM app. When left empty, data from all environments will be displayed by default.
[[observability-apm-enable-profiling]]`observability:apmEnableProfilingIntegration`::
Enable the Universal Profiling integration in APM.
[[observability-enable-aws-lambda-metrics]]`observability:enableAwsLambdaMetrics`::
preview:[] Display Amazon Lambda metrics in the service metrics tab.
[[observability-apm-enable-comparison]]`observability:enableComparisonByDefault`::
Determines whether the <<service-time-comparison, comparison feature>> is enabled or disabled by default in the APM app.
[[observability-apm-enable-infra-view]]`observability:enableInfrastructureView`::
Enables the Infrastructure view in the APM app.
[[observability-enable-inspect-es-queries]]`observability:enableInspectEsQueries`::
When enabled, allows you to inspect {es} queries in API responses.
[[observability-apm-enable-service-groups]]`observability:enableServiceGroups`::
preview:[] When enabled, allows users to create Service Groups from the APM Service Inventory page.
[[observability-apm-trace-explorer-tab]]`observability:apmTraceExplorerTab`::
preview:[] Enable the APM Trace Explorer feature, that allows you to search and inspect traces with KQL or EQL.
[float]
[[kibana-reporting-settings]]
==== Reporting
[horizontal]
[[xpackreporting-custompdflogo]]`xpackReporting:customPdfLogo`::
A custom image to use in the footer of the PDF.
[float]
[[kibana-rollups-settings]]
==== Rollup
[horizontal]
[[rollups-enableindexpatterns]]`rollups:enableIndexPatterns`::
Enables the creation of data views that capture rollup indices, which in
turn enables visualizations based on rollup data. Refresh the page to apply the
changes.
[float]
[[kibana-search-settings]]
==== Search
[[courier-customrequestpreference]]`courier:customRequestPreference`::
{ref}/search-request-body.html#request-body-search-preference[Request preference]
to use when `courier:setRequestPreference` is set to "custom".
[[courier-ignorefilteriffieldnotinindex]]`courier:ignoreFilterIfFieldNotInIndex`::
Skips filters that apply to fields that don't exist in the index for a
visualization. Useful when dashboards consist of visualizations from multiple
data views.
[[courier-maxconcurrentshardrequests]]`courier:maxConcurrentShardRequests`::
Controls the {ref}/search-multi-search.html[max_concurrent_shard_requests]
setting used for `_msearch` requests sent by {kib}. Set to 0 to disable this
config and use the {es} default.
[[courier-setrequestpreference]]`courier:setRequestPreference`::
Enables you to set which shards handle your search requests.
* *Session ID:* Restricts operations to execute all search requests on the same
shards. This has the benefit of reusing shard caches across requests.
* *Custom:* Allows you to define your own preference. Use
`courier:customRequestPreference` to customize your preference value.
* *None:* Do not set a preference. This might provide better performance
because requests can be spread across all shard copies. However, results might
be inconsistent because different shards might be in different refresh states.
[[search-includefrozen]]`search:includeFrozen`::
**This setting is deprecated and will not be supported as of 9.0.**
Includes {ref}/frozen-indices.html[frozen indices] in results. Searching through
frozen indices might increase the search time. This setting is off by default.
Users must opt-in to include frozen indices.
[[search-timeout]]`search:timeout`:: Change the maximum timeout, in milliseconds (ms), for a search
session. To disable the timeout and allow queries to run to completion, set to 0. The default is 600,000 ms, or 10 minutes.
[float]
[[kibana-siem-settings]]
==== Security Solution
[horizontal]
[[securitysolution-defaultanomalyscore]]`securitySolution:defaultAnomalyScore`::
The threshold above which {ml} job anomalies are displayed in the {security-app}.
[[securitysolution-defaultindex]]`securitySolution:defaultIndex`::
A comma-delimited list of {es} indices from which the {security-app} collects
events.
[[securitysolution-threatindices]]`securitySolution:defaultThreatIndex`::
A comma-delimited list of Threat Intelligence indices from which the {security-app} collects indicators.
[[securitysolution-enableCcsWarning]]`securitySolution:enableCcsWarning`:: Enables
privilege check warnings in rules for CCS indices.
[[securitysolution-enablenewsfeed]]`securitySolution:enableNewsFeed`:: Enables
the security news feed on the Security *Overview* page.
[[securitysolution-ipreputationlinks]]`securitySolution:ipReputationLinks`::
A JSON array containing links for verifying the reputation of an IP address. The
links are displayed on {security-guide}/network-page-overview.html[IP detail]
pages.
[[securitysolution-newsfeedurl]]`securitySolution:newsFeedUrl`::
The URL from which the security news feed content is retrieved.
[[securitysolution-refreshintervaldefaults]]`securitySolution:refreshIntervalDefaults`::
The default refresh interval for the Security time filter, in milliseconds.
[[security-solution-rules-table-refresh]]`securitySolution:rulesTableRefresh`::
Enables auto refresh on the rules and monitoring tables, in milliseconds.
[[securitySolution-showRelatedIntegrations]]`securitySolution:showRelatedIntegrations`::
Shows related integrations on the rules and monitoring tables.
[[securitysolution-timedefaults]]`securitySolution:timeDefaults`::
The default period of time in the Security time filter.
[float]
[[kibana-timelion-settings]]
==== Timelion
[[timelion-esdefaultindex]]`timelion:es.default_index`::
The default index when using the `.es()` query.
[[timelion-estimefield]]`timelion:es.timefield`::
The default field containing a timestamp when using the `.es()` query.
[[timelion-maxbuckets]]`timelion:max_buckets`::
The maximum number of buckets a single data source can return. This value is
used for calculating automatic intervals in visualizations.
[[timelion-mininterval]]`timelion:min_interval`::
The smallest interval to calculate when using "auto".
[[timelion-targetbuckets]]`timelion:target_buckets`::
Used for calculating automatic intervals in visualizations, this is the number
of buckets to try to represent.
[float]
[[kibana-visualization-settings]]
==== Visualization
[horizontal]
[[visualization-colormapping]]`visualization:colorMapping`::
**This setting is deprecated and will not be supported in a future version.**
Maps values to specific colors in charts using the *Compatibility* palette.
[[visualization-uselegacytimeaxis]]`visualization:useLegacyTimeAxis`::
**This setting is deprecated and will not be supported in a future version.**
Enables the legacy time axis for charts in Lens, Discover, Visualize and TSVB
[[visualization-heatmap-maxbuckets]]`visualization:heatmap:maxBuckets`::
The maximum number of buckets a datasource can return. High numbers can have a negative impact on your browser rendering performance.
[[visualization-visualize-heatmapChartslibrary]]`visualization:visualize:legacyHeatmapChartsLibrary`::
Disable this option if you prefer to use the new heatmap charts with improved performance, legend settings, and more..
[float]
[[kibana-global-settings-reference]]
=== Change the global settings
Change the settings that apply only to {kib} spaces.
. Open the main menu, then click *Stack Management > Advanced Settings*.
. Click *Global Settings*.
. Scroll or search for the setting.
. Make your change, then click *Save changes*.
[float]
[[kibana-custom-branding-settings]]
==== Custom branding
[horizontal]
[[custom-logo]]`xpackCustomBranding:logo`::
A custom image that appears in the header of all {kib} pages. Images must have a transparent background, and 128 x 128 pixels or smaller.
[[organization-name]]`xpackCustomBranding:customizedLogo`::
The custom text that appears in the header of all {kib} pages. Images must have a transparent background, and 200 x 84 pixels or smaller.
[[page-title]]`xpackCustomBranding:pageTitle`::
The custom text that appears on {kib} browser tabs.
[[favicon-svg]]`xpackCustomBranding:faviconSVG`::
The URL of a custom SVG image that appears on {kib} browser tabs. Images must be 16 x 16 pixels.
[[favicon-png]]`xpackCustomBranding:faviconPNG`::
The URL of a custom PNG image that appears on {kib} browser tabs.
[float]
[[kibana-usage-collection-settings]]
==== Usage collection
[[provide-usage-data]]`telemetry:enabled`::
Enabling data usage collection (also known as Telemetry) allows us to learn
what our users are most interested in, so we can improve our products and services.
Refer to our https://www.elastic.co/legal/product-privacy-statement[Privacy Statement] for more details.
Reference in a new issue View git blame Copy permalink