diff --git a/_assets/images/content/kibana_export_objects.png b/_assets/images/content/kibana_export_objects.png new file mode 100644 index 000000000..963b58ad8 Binary files /dev/null and b/_assets/images/content/kibana_export_objects.png differ diff --git a/_assets/images/content/kibana_export_single_object.png b/_assets/images/content/kibana_export_single_object.png new file mode 100644 index 000000000..fcefd8993 Binary files /dev/null and b/_assets/images/content/kibana_export_single_object.png differ diff --git a/_assets/images/content/kibana_select_saved_objects.png b/_assets/images/content/kibana_select_saved_objects.png new file mode 100644 index 000000000..7a9610d56 Binary files /dev/null and b/_assets/images/content/kibana_select_saved_objects.png differ diff --git a/_assets/images/content/kibana_select_stack_mgmt.png b/_assets/images/content/kibana_select_stack_mgmt.png new file mode 100644 index 000000000..e46db639e Binary files /dev/null and b/_assets/images/content/kibana_select_stack_mgmt.png differ diff --git a/_assets/images/content/kibana_view_saved_objects.png b/_assets/images/content/kibana_view_saved_objects.png new file mode 100644 index 000000000..70b74abc9 Binary files /dev/null and b/_assets/images/content/kibana_view_saved_objects.png differ diff --git a/_assets/images/content/opensearch_choose_dashboard.png b/_assets/images/content/opensearch_choose_dashboard.png new file mode 100644 index 000000000..19ffbe54d Binary files /dev/null and b/_assets/images/content/opensearch_choose_dashboard.png differ diff --git a/_assets/images/content/opensearch_select_tenant.png b/_assets/images/content/opensearch_select_tenant.png new file mode 100644 index 000000000..a19875f3c Binary files /dev/null and b/_assets/images/content/opensearch_select_tenant.png differ diff --git a/_kbarticles/2024-11-26-migrating-opensearch.md b/_kbarticles/2024-11-26-migrating-opensearch.md index d20fc1829..987b2cb33 100644 --- a/_kbarticles/2024-11-26-migrating-opensearch.md +++ b/_kbarticles/2024-11-26-migrating-opensearch.md @@ -1,45 +1,97 @@ --- layout: post title: "Migrating to the OpenSearch Dashboard for Cloud.gov logs" -date: November 26, 2024 +date: December 3, 2024 excerpt: Changes to expect in our logging system in December 2024 --- ## What's Changing in December 2024 -As we [announced on November 21, 2024]({{ site.base_url }}{% link _posts/2024-11-21-new-logging-system.md}), we are upgrading the Cloud.gov customer application logging system and the user interface +As we [announced on November 21, 2024]({{ site.base_url }}{% link _posts/2024-11-21-new-logging-system.md}), +we are upgrading the Cloud.gov customer application logging system and the user interface at https://logs.fr.cloud.gov. The application logs interface prior to December 2024 -was based on [_Kibana_](https://www.elastic.co/kibana), and we are migrating to one based on [_OpenSearch Dashboards_](https://www.opensearch.org/docs/latest/dashboards/). +was based on [_Kibana_](https://www.elastic.co/kibana), and we are migrating to one +based on [_OpenSearch Dashboards_](https://www.opensearch.org/docs/latest/dashboards/). -While all the underlying functionality is unchanged, or improved, there are some +While all the underlying functionality is unchanged, or improved, there are some differences between Kibana (old) and OpenSearch (new), which we'll outline here: -## Authentication and Tenancy Changes - +## Logging in to the new system The first time you log in to the OpenSearch-based system you'll be presented -with the following Application Authorization dialog: +with the following OpenId "Application Authorization" dialog: + +!['Screenshot of dialog box titled "Application Authorization: opensearch_dashboards_proxy" with boxes checked for "Access profile", "View details of your applications and services" and "Read all SCIM entries". The options are "Authorize" or "Deny"']({{site.baseurl}}/assets/images/content/opensearch-app-auth-dialog.png) + +You'll need to accept all the scopes. If for some reason you need to revoke +access later, you can do so at: https://login.fr.cloud.gov/profile + +You'll then need to choose the Cloud.gov org you want to work with in the "Select you Tenant" dialog: + +!['Screenshot of dialog box titled "Select your tenant"']({{site.baseurl}}/assets/images/content/opensearch-app-auth-dialog.png) + +If you have access to multiple orgs, you can switch your tenant later by clicking the OpenSearch user avatar on top right. + +The main OpenSearch Dashboard should resemble the Kibana dashboard. If you're provided a +Dashboard selection screen (see below), choose "App - Overview". Otherwise the main +navigation menus should be familiar and you're now ready to explore your Cloud.gov logs +with OpenSearch. + +!['Screenshot of dialog box titled "Dashboards"']({{site.baseurl}}/assets/images/content/opensearch_choose_dashboard.png) + + +## Migrating to OpenSearch + +All of the application and CloudFoundry logs that have been available in Kibana +will be available to you in OpenSearch. You needn't take any action to ensure that. +You will need to migrate custom dashboards and saved searches, by exporting them +from Kibana and importing them into OpenSearch. + +**Export Saved Objects from Kibana** + +In Kibana, use the left navigation menu to select "Management" -> "Stack Management": + +!['Screenshot of Kibana leftnav with "Stack Management" highlighted']({{site.baseurl}}/assets/images/content/kibana_select_stack_mgmt.png) + +Then in the Stack Management view, select "Saved Objects" under the "Kibana" heading: -!['Screenshot of dialog box titled - Application Authorization: opensearch_dashboards_proxy - with boxes checked for "Access profile", "View details of your applications and services" and "Read all SCIM entries". The options are "Authorize" or "Deny"']({{site.baseurl}}/assets/images/content/opensearch-app-auth-dialog.png) +!['Screenshot of Kibana Stack Management with "Saved Objects" highlighted']({{site.baseurl}}/assets/images/content/kibana_select_saved_objects.png) -You'll need to accept all the scopes. The If you need to revoke access later, you can do so at: https://login.fr.cloud.gov/profile. +From the Saved Objects screen, you can search for the Visualizations or +Searches you've previously saved. The example belows shows the ones with "PeterB" +in the name: +!['Screenshot of Kibana View Saved Objects with "Export 7 Objects" highlighted']({{site.baseurl}}/assets/images/content/kibana_view_saved_objects.png) -Logging in to the new system -- First time - - Accept Scopes -- Future times +From that screen you can export all the matching objects as a single `export.ndjson` file, +or as individual `.ndjson` files: -## Migration +!['Screenshot of Kibana export single selected object']({{site.baseurl}}/assets/images/content/kibana_export_single_object.png) +**Importing saved objects into Opensearch** + +Once you've export + + +**Recovering Saved Searches and Visualizations**: If you missed migrating a Saved Object +from Kibana to OpenSearch, and Kibana is no longer available, +please contact [Cloud.gov Support](mailto:support@cloud.gov). +We have saved all customer objects and can recover those for you. + + + + + + + + +### Compare the two systems + +The Cloud.gov team encourages to you explore the OpenSearch system and compare +your findings to Kibana. If you suspect that any log messages are missing. - Customization migration - Bookmarks @@ -67,6 +119,11 @@ Retention - Alerting +## Authentication and Tenancy Changes -## Managed Information Security - + \ No newline at end of file