33.3 Configuring Event Visualizations

Sentinel provides event visualizations that present data in charts, tables, and maps. These visualizations make it easier to explore and analyze large volumes of data such as events, IP Flow events, and alerts. You can also create your own visualizations and dashboards.

Sentinel leverages Kibana, a browser-based analytics and search dashboard that helps you search and visualize events. Kibana accesses data from the visualization data store (Elasticsearch) to present events in dashboards. By default, Sentinel includes an Elasticsearch node. You must enable event visualization to store and index events in Elasticsearch. For more information, see Configuring the Visualization Data Store.

NOTE: After upgrading to 8.5.1.0, the new Elasticsearch will not contain any older data. To migrate the older data to Elasticsearch, use the data uploader tool. You can run the migration after the connection between all the nodes is established and both Elasticsearch and Kibana are running. For more information, see Migrating Data.