Kibana - A web based log analysis tool
Copyright 2011 Rashid Khan <flipwork #logstash irc.freenode.net>

Installation
------------
This assumes you already have a functioning logstash/elasticsearch
infrastructure, perhaps with some filters to define fields. Config
of logstash and/or elasticsearch is outside of the scope of this file

Required PHP modules:
php5-curl

Other than that, it works just like any other PHP application. Untar 
and go at it. 

Edit config.php to set your elasticsearch server. 

Notes
-----
Q: Why is there no last button?
A: ElasticSearch isn't so hot at going to the last result of a many
million result query. 

Q: Why is this in PHP instead of Java, Ruby, etc?
A: Because PHP is what I know. The total PHP is less than 200 lines.
If you want it in something else, it shouldn't be too hard to port
it to your language of choice

Q: Why do I have to set a limit on events to analyze
A: Big result sets take a long time to retrieve from elasticsearch
and parse out

Q: Well then why don't you use the Elastic Search terms facet?
A: I've found the terms facet to cause out of memory crashes with
large result sets. I don't know a way to limit the amount of memory a
facet may use. Until there's a way to run a facet and know for sure it 
won't crash Elastic Search, I'm going to keep analysis features implemented 
in PHP. I'm open to other suggestions though.

Q: Where can I get some help with this?
A: Find me on Freenode - flipwork in #logstash