This article shows how to install Kibana with Sentinl plugin on Kubernetes platform.

Sentinl is a free/open-source plugin that adds reporting and alerting features to Kibana.

Siren Solutions develops Sentinl. https://github.com/sirensolutions

First of all we need to create Kibana image and install sentinl within.

Here is how our Dockerfile looks like.

FROM docker.elastic.co/kibana/kibana:5.3.2                                
RUN /opt/kibana/bin/kibana-plugin install https://github.com/sirensolutions/sentinl/releases/download/tag-5.4/sentinl-v5.3.2.zip
COPY kibana.yml /usr/share/kibana/config/kibana.yml

and our kibana.yml looks like this.

server.host: "0"
elasticsearch.url: http://elasticsearch:9200
xpack.security.enabled: false  
xpack.monitoring.enabled: false
xpack.graph.enabled: false 
xpack.reporting.enabled: false 
## well we dont need x-Pack thanks to Sentinl : )
sentinl:
  settings:
    slack:
      active: true
      username: test
      hook: 'our_unique_webhook_link'
      channel: 'general'

In this tutorial we using Kibana 5.3.2 version and Sentinl also have that version.

And here is our Elasticsearch , Logstash and Filebeat dockerfiles.

exactly like in this repo thanks to komljen for creating these.

hhttps://github.com/komljen/kube-elk-filebeat

After we run this yaml files on our Kubernetes node there is how its looks like.

Our example (komljen filebeat) uses filebeat-* for index name.

We are setting up Kibana-Sentinl with this index.

Our Kibana home looks like this.

And there is Sentinl panel.