Export from Kibana

cloud-gov · Dec 3, 2024 · ac2433b · ac2433b
1 parent 6cbd7e1
commit ac2433b
Show file tree

Hide file tree

Showing 8 changed files with 78 additions and 21 deletions.
diff --git a/_assets/images/content/kibana_export_objects.png b/_assets/images/content/kibana_export_objects.png
diff --git a/_assets/images/content/kibana_export_single_object.png b/_assets/images/content/kibana_export_single_object.png
diff --git a/_assets/images/content/kibana_select_saved_objects.png b/_assets/images/content/kibana_select_saved_objects.png
diff --git a/_assets/images/content/kibana_select_stack_mgmt.png b/_assets/images/content/kibana_select_stack_mgmt.png
diff --git a/_assets/images/content/kibana_view_saved_objects.png b/_assets/images/content/kibana_view_saved_objects.png
diff --git a/_assets/images/content/opensearch_choose_dashboard.png b/_assets/images/content/opensearch_choose_dashboard.png
diff --git a/_assets/images/content/opensearch_select_tenant.png b/_assets/images/content/opensearch_select_tenant.png
diff --git a/_kbarticles/2024-11-26-migrating-opensearch.md b/_kbarticles/2024-11-26-migrating-opensearch.md
@@ -1,45 +1,97 @@
 ---
 layout: post
 title: "Migrating to the OpenSearch Dashboard for Cloud.gov logs"
-date: November 26, 2024
+date: December 3, 2024
 excerpt: Changes to expect in our logging system in December 2024
 
 ---
 
 ## What's Changing in December 2024
 
-As we [announced on November 21, 2024]({{ site.base_url }}{% link _posts/2024-11-21-new-logging-system.md}), we are upgrading the Cloud.gov customer application logging system and the user interface
+As we [announced on November 21, 2024]({{ site.base_url }}{% link _posts/2024-11-21-new-logging-system.md}),
+we are upgrading the Cloud.gov customer application logging system and the user interface
 at https://logs.fr.cloud.gov. The application logs interface prior to December 2024
-was based on [_Kibana_](https://www.elastic.co/kibana), and we are migrating to one based on [_OpenSearch Dashboards_](https://www.opensearch.org/docs/latest/dashboards/). 
+was based on [_Kibana_](https://www.elastic.co/kibana), and we are migrating to one
+based on [_OpenSearch Dashboards_](https://www.opensearch.org/docs/latest/dashboards/).
 
-While all the underlying functionality is unchanged, or improved, there are some 
+While all the underlying functionality is unchanged, or improved, there are some
 differences between Kibana (old) and OpenSearch (new), which we'll outline here:
 
 
-## Authentication and Tenancy Changes
 
-<!-- >
-In a cloud system like Cloud.gov, "tenancy" is used to describe the sharing of resources between 
-the different users, or "tenants" of a system. As an analogy to the physical world, if you are a tenant of a
-large apartment build, do you ever see the other tenants? Do you have to wait for an elevator because
-another tenant is using it? Or do you ever run out of hot water in the shower?
--->
+## Logging in to the new system
 
 The first time you log in to the OpenSearch-based system you'll be presented
-with the following Application Authorization dialog:
+with the following OpenId "Application Authorization" dialog:
+
+!['Screenshot of dialog box titled "Application Authorization: opensearch_dashboards_proxy" with boxes checked for "Access profile", "View details of your applications and services" and "Read all SCIM entries". The options are "Authorize" or "Deny"']({{site.baseurl}}/assets/images/content/opensearch-app-auth-dialog.png)
+
+You'll need to accept all the scopes. If for some reason you need to revoke
+access later, you can do so at: https://login.fr.cloud.gov/profile
+
+You'll then need to choose the Cloud.gov org you want to work with in the "Select you Tenant" dialog:
+
+!['Screenshot of dialog box titled "Select your tenant"']({{site.baseurl}}/assets/images/content/opensearch-app-auth-dialog.png)
+
+If you have access to multiple orgs, you can switch your tenant later by clicking the OpenSearch user avatar on top right.
+
+The main OpenSearch Dashboard should resemble the Kibana dashboard. If you're provided a 
+Dashboard selection screen (see below), choose "App - Overview".  Otherwise the main
+navigation menus should be familiar and you're now ready to explore your Cloud.gov logs
+with OpenSearch.
+
+!['Screenshot of dialog box titled "Dashboards"']({{site.baseurl}}/assets/images/content/opensearch_choose_dashboard.png)
+
+
+## Migrating to OpenSearch
+
+All of the application and CloudFoundry logs that have been available in Kibana
+will be available to you in OpenSearch. You needn't take any action to ensure that.
+You will need to migrate custom dashboards and saved searches, by exporting them
+from Kibana and importing them into OpenSearch.
+
+**Export Saved Objects from Kibana**
+
+In Kibana, use the left navigation menu to select "Management" -> "Stack Management":
+
+!['Screenshot of Kibana leftnav with "Stack Management" highlighted']({{site.baseurl}}/assets/images/content/kibana_select_stack_mgmt.png)
+
+Then in the Stack Management view, select "Saved Objects" under the "Kibana" heading:
 
-!['Screenshot of dialog box titled - Application Authorization: opensearch_dashboards_proxy - with boxes checked for "Access profile", "View details of your applications and services" and "Read all SCIM entries". The options are "Authorize" or "Deny"']({{site.baseurl}}/assets/images/content/opensearch-app-auth-dialog.png)
+!['Screenshot of Kibana Stack Management with "Saved Objects" highlighted']({{site.baseurl}}/assets/images/content/kibana_select_saved_objects.png)
 
-You'll need to accept all the scopes. The If you need to revoke access later, you can do so at: https://login.fr.cloud.gov/profile. 
+From the Saved Objects screen, you can search for the Visualizations or
+Searches you've previously saved. The example belows shows the ones with "PeterB"
+in the name:
 
+!['Screenshot of Kibana View Saved Objects with "Export 7 Objects" highlighted']({{site.baseurl}}/assets/images/content/kibana_view_saved_objects.png)
 
-Logging in to the new system
-- First time
-  - Accept Scopes
-- Future times
+From that screen you can export all the matching objects as a single `export.ndjson` file,
+or as individual `.ndjson` files:
 
-## Migration
+!['Screenshot of Kibana export single selected object']({{site.baseurl}}/assets/images/content/kibana_export_single_object.png)
 
+**Importing saved objects into Opensearch**
+
+Once you've export 
+
+
+**Recovering Saved Searches and Visualizations**: If you missed migrating a Saved Object
+from Kibana to OpenSearch, and Kibana is no longer available, 
+please contact [Cloud.gov Support](mailto:[email protected]).
+We have saved all customer objects and can recover those for you.
+
+
+
+
+
+
+
+
+### Compare the two systems
+
+The Cloud.gov team encourages to you explore the OpenSearch system and compare
+your findings to Kibana. If you suspect that any log messages are missing. 
 - Customization migration
 - Bookmarks
 
@@ -67,6 +119,11 @@ Retention
 
 - Alerting
 
+## Authentication and Tenancy Changes
 
-## Managed Information Security
-
+<!-- >
+In a cloud system like Cloud.gov, "tenancy" is used to describe the sharing of resources between 
+the different users, or "tenants" of a system. As an analogy to the physical world, if you are a tenant of a
+large apartment build, do you ever see the other tenants? Do you have to wait for an elevator because
+another tenant is using it? Or do you ever run out of hot water in the shower?
+-->