Elastic and Kibana Install (Windows)
This guide walks through the steps to set up a single node Elasticsearch cluster and an instance of Kibana. It should take around 2 hours to complete the Elastic and Kibana install.
If you are setting up a production environment, you will want to set up an Elasticsearch cluster. More information on this can be found on the ElasticSearch website.
Prerequisites
Folder Structure Set Up
A specific folder structure is needed for the installation of Elasticsearch and Kibana. You can create this structure using a PowerShell query or manually.
PowerShell
Check the path of the storage location in this script before running it. For example: (C:\).
mkdir C:\Apps;
mkdir C:\InsightEngine;
mkdir C:\Downloads;
mkdir C:\Utils
Download Software
Check the path of the storage location and release names match the required version before running this script. For example: (C:\), (elasticsearch-8.17.3).
Start-BitsTransfer -Source "https://nssm.cc/release/nssm-2.24.zip" -destination "C:\Downloads";
Start-BitsTransfer -Source "https://github.com/notepad-plus-plus/notepad-plus-plus/releases/download/v8.4.9/npp.8.4.9.Installer.x64.exe" -destination "C:\Downloads";
Start-BitsTransfer -Source "https://www.7-zip.org/a/7z2201-x64.exe" -destination "C:\Downloads";
Start-BitsTransfer -Source "https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-8.17.3-windows-x86_64.zip" -destination "C:\Downloads";
Start-BitsTransfer -Source "https://artifacts.elastic.co/downloads/kibana/kibana-8.17.3-windows-x86_64.zip" -destination "C:\Downloads"

Extract Software
The Elastic, Kibana, nssm and InsightEngine zip files need to be extracted.
PowerShell
Run the following script in an Admin PowerShell.
Check the path of the storage location and release names match the required version before running this script. For example: (C:\), (elasticsearch-8.17.3).
Expand-Archive -Force C:\Downloads\elasticsearch-8.17.3-windows-x86_64.zip C:\Apps;
Expand-Archive -Force C:\Downloads\Kibana-8.17.3-windows-x86_64.zip C:\Apps;
Expand-Archive -Force C:\Downloads\nssm-2.24.zip C:\Utils;
Expand-Archive -Force C:\Downloads\insightengine-win.2025.5.7.zip C:\InsightEngine
Check the files have extracted to the correct location.
Elastic Search is in the Apps folder. Kibana is in the Apps folder. nssm is in the Utils folder. There should be 13 folders within the Insight Engine folder.
Elastic Configuration
The configurations within the Elastic config file need to be updated.
Check the path of the storage location and release names match the required version before running this script. For example: (C:\), (elasticsearch-8.17.3).
$Filename = "C:\Apps\elasticsearch-8.17.3\config\elasticsearch.yml";
((Get-Content -path $Filename -Raw) -replace '#cluster.name: my-application','cluster.name: ') | Set-Content -Path $Filename;
((Get-Content -path $Filename -Raw) -replace '#node.name:','node.name:') | Set-Content -Path $Filename;
((Get-Content -path $Filename -Raw) -replace '#path.data: /path/to/data','path.data: C:\Apps\Data') | Set-Content -Path $Filename;
((Get-Content -path $Filename -Raw) -replace '#path.logs: /path/to/logs','path.logs: C:\tmp\logs') | Set-Content -Path $Filename;
((Get-Content -path $Filename -Raw) -replace '#network.host: 192.168.0.1','network.host: 0.0.0.0') | Set-Content -Path $Filename;
((Get-Content -path $Filename -Raw) -replace '#discovery.seed_hosts:','discovery.seed_hosts:') | Set-Content -Path $Filename;
((Get-Content -path $Filename -Raw) -replace 'host1','0.0.0.0') | Set-Content -Path $Filename;
((Get-Content -path $Filename -Raw) -replace ', "host2"','') | Set-Content -Path $Filename;
((Get-Content -path $Filename -Raw) -replace '#cluster.initial_master_nodes:','cluster.initial_master_nodes:') | Set-Content -Path $Filename;
((Get-Content -path $Filename -Raw) -replace ', "node-2"]',']') | Set-Content -Path $Filename
Install Elastic
Elastic needs to be installed as a service and this can be done with a PowerShell script.
Run the following PowerShell script in a new Admin PowerShell.
Check the path of the storage location and release names match the required version before running this script. For example: (C:\), (elasticsearch-8.17.3).
cd C:\Apps\elasticsearch-8.17.3;
.\bin\elasticsearch.bat
Do not close the PowerShell when this script has finished.
This will return the password for Elastic.
Make a note of this for later.
This will also return a token needed for the Kibana install.
Make a note of this for later.

Test if your install worked by opening a web browser and navigating to https://localhost:9200.
To login enter 'elastic' in the username and the password from the previous PowerShell.
Do not close this PowerShell yet.

Install Kibana
Open another Admin PowerShell window and run the following Script.
Check the path of the storage location and release names match the required version before running this script. For example: (C:\), (kibana-8.17.3).
cd C:\Apps\kibana-8.17.3\bin;
.\kibana.bat
A URL will appear once it's finished. Navigate to that URL in your browser.
Copy the token you got from the Elastic PowerShell and paste it into the Enrolment token in the Kibana session.
Select Configure Elastic.
The configuration may not complete at this point. That's not an issue at this point.
Open a web browser and navigate to http://localhost:5601.
Use the Elastic credentials you used earlier to login.
Do not close this PowerShell yet.
Update Elastic License
Copy the text of you Elastic license into a Notepad++ file.
Save this file as Dev-license.json in the root folder.
Within http://localhost:5601 navigate to the Management tab on the left and open the Elastic License Management.
Upload the Dev-license.json file to Kibana via the license manager.
It is normal for this to cause Kibana to throw an access error. If it doesn't, check that Elastic hasn't been installed before in 'Programs and Features' (and remove it if it's present).

Create Elastic Certificate
Open another new PowerShell as an Admin.
This will be the third PowerShell you have open.
Run the following PowerShell script.
Check the path of the storage location and release names match the required version before running this script. For example: (C:\), (elasticsearch-8.17.3).
cd C:\Apps\elasticsearch-8.17.3\bin;
.\elasticsearch-certutil ca
When prompted for an output file press Enter.
If asked if you want to overwrite the existing file, enter Y.
When prompted for the CA password enter a secure password.
This password cannot include any special characters.
Run the following PowerShell Script to create the certificate.
Check the path of the storage location and release names match the required version before running this script. For example: (C:\), (elasticsearch-8.17.3).
./elasticsearch-certutil cert -ca C:\Apps\elasticsearch-8.17.3\elastic-stack-ca.p12;
When prompted enter the CA password.
When prompted for an output file press the Enter key.
When prompted enter the Cert password.
This password cannot include any special characters and must be different to the CA password.

Copy Certificates
You need to create a new certs folder and copy the certs to that folder.
Run the following Script to create the folder and more the certs.
Check the path of the storage location and release names match the required version before running this script. For example: (C:\), (elasticsearch-8.17.3).
mkdir C:\Apps\certs;
copy-item C:\Apps\elasticsearch-8.17.3\*.p12 -Destination C:\Apps\certs
move C:\Apps\elasticsearch-8.17.3\*.p12 C:\Apps\elasticsearch-8.17.3\config\certs
Secure Connection Configuration
This updates a number of configurations need to add Xpack security. This improves the security between Kibana and Elastic.
Run the following script to make these changes automatically.
Check the path of the storage location and release names match the required version before running this script. For example: (C:\), (elasticsearch-8.17.3).
$Filename="C:\Apps\elasticsearch-8.17.3\config\elasticsearch.yml";
((Get-Content -path $Filename -Raw) -replace 'http.p12','elastic-certificates.p12') | Set-Content -Path $Filename
((Get-Content -path $Filename -Raw) -replace 'transport.p12','elastic-certificates.p12') | Set-Content -Path $Filename;
((Get-Content -path $Filename -Raw) -replace '#action.destructive_requires_name: false','action.destructive_requires_name: true') | Set-Content -Path $Filename;
(Get-Content -path $Filename) | ? {$_.trim() -ne "" } | set-content $Filename
Elastic Keystore Setup
The certificate password is used in a number of places and needs to be updated to match the certificate password you just set.
Run the following scripts one by one.
Check the path of the storage location and release names match the required version before running this script. For example: (C:\), (elasticsearch-8.17.3).
cd C:\Apps\elasticsearch-8.17.3\bin;
.\elasticsearch-keystore add xpack.security.transport.ssl.keystore.secure_password
If asked do you want to overwrite the existing file, enter Y.
When prompted enter the Certificate password.
Then run the following script.
.\elasticsearch-keystore add xpack.security.transport.ssl.truststore.secure_password
If asked do you want to overwrite the existing file, enter Y.
When prompted enter the Certificate password.
Then run the following script.
.\elasticsearch-keystore add xpack.security.http.ssl.keystore.secure_password
If asked do you want to overwrite the existing file, enter Y.
When prompted enter the Certificate password.
Then run the following script.
.\elasticsearch-keystore add xpack.security.http.ssl.truststore.secure_password
When prompted enter the Certificate password.
Kibana SSL Configuration
Run the following PowerShell script to update the Kibana.yml file.
Check the path of the storage location and release names match the required version before running this script. For example: (C:\), (kibana-8.17.3).
$Filename="C:\Apps\Kibana-8.17.3\config\kibana.yml";
((Get-Content -path $Filename -Raw) -replace '#elasticsearch.ssl.verificationMode: full','elasticsearch.ssl.verificationMode: none') | Set-Content -Path $Filename
You can now close the Elastic and Kibana PowerShell consoles.
Within each console select Ctrl + C.
It will then ask if you want to terminate the session. Enter Y to confirm.

Install Elastic Service
Check the path of the storage location and release names match the required version before running this script. For example: (C:\), (elasticsearch-8.17.3).
Run the following command in PowerShell to install the Elastic Service.
C:\Apps\elasticsearch-8.17.3\bin\elasticsearch-service.bat install
Run the following command to start the elastic service.
C:\Apps\elasticsearch-8.17.3\bin\elasticsearch-service.bat start
Open your web browser and navigate to https://localhost:9200.
This may take a few minutes to load for the first time.
Login using the Elastic credentials.
Install Kibana Service
Check the path of the storage location and release names match the required version before running this script. For example: (C:\), (nssm-2.24).
Run the following command in PowerShell to install the Kibana Service.
C:\Utils\nssm-2.24\win64\nssm.exe install insightenginekibana
Select the ... browse button in the top bar.
Go to Apps > Kibana > Bin and select Kibana.
Select Install Service.
Run the following command in PowerShell to start the Kibana service.
C:\Utils\nssm-2.24\win64\nssm.exe start "insightenginekibana"
Open your web browser and navigate to http://localhost:5601.
This may take a few minutes to load for the first time.
Login using the Elastic credentials.
Last updated