January 10, 2015

Kibana, ElasticSearch, logstash issue

Kibana is ElasticSearch's logs and time-stamped data visualization tool.

For development environment, I have installed XAMPP on Win7.  I tried Kibana 3.1.2 uner XAMPP's Apache, but somehow it didn't work -- just a blank page.  I switched to Kibana 4 beta 3 (standalone).

Environment: Win7 64bit, Java 1.8.0_25-b18 64bit, ElasticSearch 1.4.2, Kibana 4 beta 3, logstash 1.4.2.

Installing Kibana 4 beta 3 is straight forward, just uncompress it and run .bat file.  But Kibana shows this error message (http://localhost:5601) - Kibana: This version of Kibana requires Elasticsearch 1.4.0 or higher on all nodes. I found the following incompatible nodes in your cluster :

After some googling, found this:

In summary:
You have a logstash that uses ES version 1.1.1, and it reports as a node via node status of ES API, and therefore Kibana gives this error message.

Check your nodes, http://localhost:9200/_nodes -- it'll show logstash and ES version 1.1.1.

Shut down the node (using ES Head plugin, or issue this command), and refresh Kibana page.  It doesn't give the error message any more:

To use logstash, get ES (1.4 or later) jar file, and replace it in logstash -- Sidr found this workaround:
  1. Stop logstash.
  2. Get ElasticSearch zip, http://www.elasticsearch.org/overview/elkdownloads/
  3. Uncompress it and put it in <logstash home>\vendor\jar\ directory.
  4. Remove elasticsearch-1.1.1 directory from logstash.  
  5. Start logstash.
 After step #3, it should look like this:

And Kibana can be configured as a Windows service using nssm:

Now all seems to be good:


  1. You could have avoided all of that by just changing the elasticsearch output block in your Logstash configuration file to use protocol => "http". In that way, Logstash never starts up the Elasticsearch node (with the improper version) at all.

  2. @Aaron Mildenstein Thanks. That was one of the proposed temporary solutions in this page also. https://github.com/elasticsearch/kibana/issues/1629