This guide describes the echo-ui stack part which serves as the User Interface to the stack.

Overview

echo-ui is built on top of Kibana and uses a modified version of its source code.

Kibana is an open source (Apache Licensed), browser based analytics and search dashboard for Elasticsearch. Kibana is a snap to setup and start using. Kibana strives to be easy to get started with, while also being flexible and powerful, just like Elasticsearch.

While the general theme of Echo’s user interface is similar to Kibana’s, there are some noticeable and significant changes. As time progress, we expect Echo’s user interface to diverge further to reflect the specific needs to analyze and visualize cyber-security related data.

Depends on

echo-ui has the following dependencies:

Running

In order to run echo-ui run the following in a console:

$ docker run \
    --name echo-redis \
    registry:5000/joola/echo-redis
$ docker run \
    --name echo-elastic \
    registry:5000/joola/echo-elastic
$ docker run \
    --name echo-ui \
    --link echo-elastic:elastic \
    --link echo-redis:redis \
    -p 5601:5601 \
    registry:5000/joola/echo-ui

Following the successful execution of the above, you should be able to navigate to Echo’s user interface at https://\<IP-OF-SERVER\>:5601.

Environment variables

No special environment variables are available.

Docker runtime flags

No special docker flags are needed.

Command arguments

The following flags are available for the container’s command:

flag description
dev run in dev mode, skips heavy optimizing
no-ssl ssl is turned on by default
no-base-path a random base-path is added when running in dev mode

The following example shows how to run echo-ui in dev mode, which will load the user interface much faster, but with fewer optimizations:

docker run \
    --name echo-ui \
    --link echo-elastic:elastic \
    --link echo-redis:redis \
    -p 5601:5601 \
    registry:5000/joola/echo-ui --dev --no-base-path

Inspecting

Like all other Echo stack parts, echo-ui has a rich logging interface.

$ docker logs -f --tail 200 echo-ui

This will printout the runtime’s logs for your inspection, any warning or error will be clearly indicated in the log.

In case you wish to access the container’s runtime, you can docker exec into the container.

$ docker exec -it echo-ui bash

This will open a shell within the container and allow you to inspect it further.

Configuration

echo-ui configuration is based on Kibana’s, click here for a complete list of configuration options.

In order to map kibana.yml, use a docker volume:

$ docker run \
    --name echo-ui \
    --link echo-elastic:elastic \
    --link echo-redis:redis \
    -p 5601:5601 \
    -v /opt/joola/echo/config/ui/kibana.yml:/opt/joola/echo-ui/config/kibana.yml \
    registry:5000/joola/echo-ui

Session timeout

To set the maximum idle session duration for a logged in user, you configure the sessionTimeout property in kibana.yml:

# SSL for outgoing requests from the Echo Server (PEM formatted)
security.sessionTimeout: 86400000

Duration is specified in milliseconds.

SSL certificates

To encrypt communications between the browser and the Echo server, you configure the ssl_key_file and ssl_cert_file properties in kibana.yml:

# SSL for outgoing requests from the Echo Server (PEM formatted)
server.ssl.key: /path/to/your/server.key
server.ssl.cert: /path/to/your/server.crt