18.0 Configuring Elasticsearch for Event Visualization

While Elasticsearch requires very little configuration, there are a number of settings which need to be considered before going into production.

NOTE: In an Elasticsearch cluster configuration, whichever node is connected or available first, based on the health of the nodes, is the one written to the kibana.yml file. It is designed this way to reduce the load on the Sentinel server node (for better performance). Sentinel updates the kibana.yml file based on the health of the node (whichever connects first).