echo-ui is built on top of Kibana and uses a modified version of its source code.
Kibana is an open source (Apache Licensed), browser based analytics and search dashboard for Elasticsearch. Kibana is a snap to setup and start using. Kibana strives to be easy to get started with, while also being flexible and powerful, just like Elasticsearch.
While the general theme of Echo’s user interface is similar to Kibana’s, there are some noticeable and significant changes. As time progress, we expect Echo’s user interface to diverge further to reflect the specific needs to analyze and visualize cyber-security related data.
echo-ui has the following dependencies:
docker-composewhich provides container templates and easier control over service state, read more…
In order to run
echo-ui run the following in a console:
$ docker run \ --name echo-redis \ registry:5000/joola/echo-redis $ docker run \ --name echo-elastic \ registry:5000/joola/echo-elastic $ docker run \ --name echo-ui \ --link echo-elastic:elastic \ --link echo-redis:redis \ -p 5601:5601 \ registry:5000/joola/echo-ui
Following the successful execution of the above, you should be able to navigate to Echo’s user interface at
echo-uiloads for the first time, it will initialize it’s cache store, this process may take a few minutes. You can track it’s progress using the log as detailed below.
No special environment variables are available.
Docker runtime flags
No special docker flags are needed.
The following flags are available for the container’s command:
||run in dev mode, skips heavy optimizing|
||ssl is turned on by default|
||a random base-path is added when running in
The following example shows how to run
echo-ui in dev mode, which will load the user interface much faster, but with fewer optimizations:
docker run \ --name echo-ui \ --link echo-elastic:elastic \ --link echo-redis:redis \ -p 5601:5601 \ registry:5000/joola/echo-ui --dev --no-base-path
Like all other Echo stack parts,
echo-ui has a rich logging interface.
$ docker logs -f --tail 200 echo-ui
This will printout the runtime’s logs for your inspection, any warning or error will be clearly indicated in the log.
In case you wish to access the container’s runtime, you can
docker exec into the container.
$ docker exec -it echo-ui bash
This will open a shell within the container and allow you to inspect it further.
echo-ui configuration is based on Kibana’s, click here for a complete list of configuration options.
In order to map
kibana.yml, use a docker
$ docker run \ --name echo-ui \ --link echo-elastic:elastic \ --link echo-redis:redis \ -p 5601:5601 \ -v /opt/joola/echo/config/ui/kibana.yml:/opt/joola/echo-ui/config/kibana.yml \ registry:5000/joola/echo-ui
To set the maximum idle session duration for a logged in user, you configure the
sessionTimeout property in kibana.yml:
# SSL for outgoing requests from the Echo Server (PEM formatted) security.sessionTimeout: 86400000
Duration is specified in milliseconds.
To encrypt communications between the browser and the Echo server, you configure the
ssl_cert_file properties in kibana.yml:
# SSL for outgoing requests from the Echo Server (PEM formatted) server.ssl.key: /path/to/your/server.key server.ssl.cert: /path/to/your/server.crt