# Kibana Integration

[Kibana](https://www.elastic.co/kibana) is a powerful open-source analytics and visualization platform designed to work with Elasticsearch. It provides users with the tools to explore, visualize, and share insights into their data in real time.

## In ilert: Create a Kibana alert source <a href="#create-alarm-source" id="create-alarm-source"></a>

1. Go to **Alert sources** --> **Alert sources** and click **Create new alert source**.

   <figure><img src="https://3394882078-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M76ygPnS4HUcFSX8ulm%2Fuploads%2FjX0cS4q7woTXKajZmc1W%2FScreenshot%202023-08-28%20at%2010.21.10.png?alt=media&#x26;token=8ef3666b-84eb-4b51-abee-f07303313941" alt=""><figcaption></figcaption></figure>
2. Search for **Kibana** in the search field, click on the Kibana tile, and click **Next**.

   <figure><img src="https://3394882078-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M76ygPnS4HUcFSX8ulm%2Fuploads%2FlXzQlJpaTFSR49AZk0xA%2FScreenshot%202023-08-28%20at%2010.24.23.png?alt=media&#x26;token=cffeacb4-57b9-47d4-827d-b0f6b1afd914" alt=""><figcaption></figcaption></figure>
3. Give your alert source a name, optionally assign teams, and click **Next**.
4. Select an **escalation policy** by creating a new one or assigning an existing one.

   <figure><img src="https://3394882078-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M76ygPnS4HUcFSX8ulm%2Fuploads%2FNnuZqONaIhbOf6fn4OkZ%2FScreenshot%202023-08-28%20at%2011.37.47.png?alt=media&#x26;token=8a74f7b5-5bd2-4eea-97fa-1c1dbb041333" alt=""><figcaption></figcaption></figure>
5. Select your [Alert grouping](https://docs.ilert.com/alerting/configure-alerting/alert-sources#alert-grouping) preference and click **Continue setup**. You may click **Do not group alerts** for now and change it later.

   <figure><img src="https://3394882078-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M76ygPnS4HUcFSX8ulm%2Fuploads%2FueugN4JgHn1c90ggFA6u%2FScreenshot%202023-08-28%20at%2011.38.24.png?alt=media&#x26;token=b8009daf-3ca8-4264-a6fa-e42ef7333205" alt=""><figcaption></figcaption></figure>
6. The next page shows additional settings, such as custom alert templates or notification priority. Click on **Finish setup** for now.
7. On the final page, an API key and/or webhook URL will be generated, which you will need later in this guide.

   <figure><img src="https://3394882078-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M76ygPnS4HUcFSX8ulm%2Fuploads%2FJ1QwcjLiVLOyieOrgmpC%2FScreenshot%202023-08-28%20at%2011.47.34.png?alt=media&#x26;token=72dc29a2-ded0-44cd-89bc-229bb0569626" alt=""><figcaption></figcaption></figure>

## In Kibana: Create a connector

1. On the sidebar, click on **Connectors** under the **Alerts and Insights** category.

<figure><img src="https://3394882078-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M76ygPnS4HUcFSX8ulm%2Fuploads%2F6C7Fap5XGUf3epU0t9Ix%2F1.png?alt=media&#x26;token=c6dcc94b-f5c7-4f98-88fa-f81450f4f06f" alt="" width="136"><figcaption></figcaption></figure>

2. Now click on **Create connector**.

<figure><img src="https://3394882078-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M76ygPnS4HUcFSX8ulm%2Fuploads%2FNb053JKHRne6IdhAf7Z1%2F2.png?alt=media&#x26;token=b04abcf6-dfd9-4efb-8000-a03d7fe5c127" alt="" width="563"><figcaption></figcaption></figure>

3. Select **Webhook**.

<figure><img src="https://3394882078-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M76ygPnS4HUcFSX8ulm%2Fuploads%2FBwTThw25X95Ed8DPQRUh%2F3.png?alt=media&#x26;token=bf0c360a-f4e2-4562-bdd6-aa0b7fb9a0ec" alt="" width="563"><figcaption></figcaption></figure>

4. Enter a **Connector name**.
5. Under **Connector settings**, enter the previously generated ilert Elasticsearch Kibana alert source URL into the **URL** field and change the **Method** to POST.
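6. Choose **None** under **Authentication** and enable **Add HTTP header**. With no authentication configured, the alert source URL is the only credential the connector sends, so treat it as a secret.
7. Enter the following header: key `Content-Type`, value `application/json`.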
8. Save the connector.

<figure><img src="https://3394882078-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M76ygPnS4HUcFSX8ulm%2Fuploads%2FIUd4UBky0jJYiCtDBNQk%2F4.png?alt=media&#x26;token=1f9fb098-7ce3-4b7c-8b18-6282c7568286" alt="" width="563"><figcaption></figcaption></figure>

9. Now, navigate to **Rules** under the **Alerts and Insights** category.

<figure><img src="https://3394882078-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M76ygPnS4HUcFSX8ulm%2Fuploads%2FSsTYBYB6lAB17MHKsE7k%2F5.png?alt=media&#x26;token=cdd813b3-7f04-48df-adb0-8e50bc77ace4" alt="" width="137"><figcaption></figcaption></figure>

10. Click on **Create rule**.

<figure><img src="https://3394882078-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M76ygPnS4HUcFSX8ulm%2Fuploads%2F4Pt5Z5ReCwoVIT2FNUEf%2F6.png?alt=media&#x26;token=92172b4f-b35e-4aa4-9d0e-394e747c72be" alt="" width="563"><figcaption></figcaption></figure>

11. Enter a **name** and select Webhook as the **connector type**.

<figure><img src="https://3394882078-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M76ygPnS4HUcFSX8ulm%2Fuploads%2FCgTqITWyJTee8QoJ5ysW%2F7.png?alt=media&#x26;token=ff02f5fe-e3ac-48f6-b47e-be90cd48705e" alt="" width="375"><figcaption></figcaption></figure>

12. Choose the previously created ilert connector as **Webhook connector**.
13. Enter the following payload into the **Body** field:

{% hint style="info" %}
This payload contains [mustache](https://mustache.github.io/mustache.5.html) template tags, so it is not valid JSON until Kibana renders it and is not valid for testing the connector.
{% endhint %}

```mustache
{
  "alert" : {{{ alert }}},
  "context" : {{{ context }}},
  "rule" : {{{ rule }}}
}
```

<figure><img src="https://3394882078-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M76ygPnS4HUcFSX8ulm%2Fuploads%2FAiEBA4C9d4praqmXjh4H%2F8.png?alt=media&#x26;token=3189c4f1-37f3-4d1c-af4a-78710e830180" alt=""><figcaption></figcaption></figure>

14. Save the rule.
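
The hint in step 13 can be checked offline before saving the rule. The following is an added example, not ilert or Kibana code: it substitutes constructed sample objects into the Body template and confirms the result parses as JSON. It assumes Kibana renders an object variable inside `{{{ }}}` as its JSON text; the sample field names and values are constructed.

```javascript
// Added example: offline check of the webhook Body template from step 13.
// Assumption: Kibana renders an object variable inside {{{ }}} as JSON text.

const BODY_TEMPLATE = `{
  "alert" : {{{ alert }}},
  "context" : {{{ context }}},
  "rule" : {{{ rule }}}
}`;

// Constructed sample values; real field sets depend on the Kibana rule type.
const SAMPLE_VARS = {
  alert: { id: "host-1", actionGroup: "threshold met" },
  context: { message: 'CPU > 90% on "host-1"' },
  rule: { id: "constructed-rule-id", name: "High CPU" },
};

// Replace each triple-mustache tag with the JSON text of the named variable.
function renderBody(template, vars) {
  return template.replace(/\{\{\{\s*([\w.]+)\s*\}\}\}/g, (tag, name) => {
    if (!(name in vars)) throw new Error(`unknown variable: ${name}`);
    return JSON.stringify(vars[name]);
  });
}

// Return true when the text parses as JSON.
function isValidJson(text) {
  try { JSON.parse(text); return true; } catch { return false; }
}

// Summarize the template before and after rendering.
function checkTemplate(template, vars) {
  const rendered = renderBody(template, vars);
  const ok = isValidJson(rendered);
  return {
    rawIsJson: isValidJson(template), // the unrendered tags are not JSON
    renderedIsJson: ok,               // must be true for the body to be usable
    keys: ok ? Object.keys(JSON.parse(rendered)) : [],
  };
}

console.log(checkTemplate(BODY_TEMPLATE, SAMPLE_VARS));
```

A common editing mistake this catches is wrapping a tag in quotes (`"rule" : "{{{ rule }}}"`), which makes the rendered body invalid JSON.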

## FAQ

**Will alerts in ilert be resolved automatically?**

No, unfortunately, Kibana is not compatible with ilert's resolve event.


