Elastic and Kibana Install (Windows)

This guide walks you through setting up a single node Elasticsearch cluster and Kibana instance. It should take around 2 hours to complete the Elastic and Kibana install.

If you are setting up a production environment, you will want to set up an Elasticsearch cluster. Please use the Elasticsearch website for more information on how to do this.

The Elastic token used to configure Kibana is only valid for 30 minutes. Once you have extracted Elastic you have 30 minutes to Install and Configure Kibana.  It is not a long process but please ensure you have that time to complete these steps.

Prerequisites

Check the Elastic and Kibana versions needed for your Aiimi Insight Engine deployment. This information is in the release notes for your distribution.
Get your XPack Elasticsearch licence. You can you a trial licence.
Install Notepad++ or a similar text editing software.

PowerShell Hint

PowerShell will continue to scroll down as a process remains running. If you select and highlight a section of the window, the auto scroll will stop.

This makes it easier to find your password and token when you install Elastic.

Folder Structure Set Up

The Elasticsearch and Kibana install need a specific folder structure. You can create this yourself or use a PowerShell query.

You can choose the drive you want to use. We do recommend these are in the root of the folder. This guide will assume you are using the C:\ drive.

C:\Apps
C:\InsightMaker
C:\Downloads
C:\Utils

PowerShell Query

Open PowerShell as an Admin.

Run the following script.

Check the storage path in this script before running it. For example: (C:).

mkdir C:\Apps;
mkdir C:\InsightMaker;
mkdir C:\Downloads;
mkdir C:\Utils

Download Software

Download and save the InsightEngine zip file from GitHub in to your new Downloads folder.

If you do not have access to this reach out to your Aiimi contact.

Run the following script in an Admin PowerShell to download any additional software needed

Check the storage path and release names match the required versions. For example: (C:), (elasticsearch-8.17.3).

Start-BitsTransfer -Source "https://nssm.cc/release/nssm-2.24.zip" -destination "C:\Downloads";
Start-BitsTransfer -Source "https://github.com/notepad-plus-plus/notepad-plus-plus/releases/download/v8.4.9/npp.8.4.9.Installer.x64.exe" -destination "C:\Downloads";
Start-BitsTransfer -Source "https://www.7-zip.org/a/7z2201-x64.exe" -destination "C:\Downloads";
Start-BitsTransfer -Source "https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-8.17.3-windows-x86_64.zip" -destination "C:\Downloads";
Start-BitsTransfer -Source "https://artifacts.elastic.co/downloads/kibana/kibana-8.17.3-windows-x86_64.zip" -destination "C:\Downloads"

Go to your downloads folder and check everything has downloaded.

7-Zip
Elasticsearch
Kibana
Notepad ++
NSSM

Extract Software

Extract 4 of the zip files by running the following script in an Admin PowerShell.

Check the storage path and release names match the required versions. For example: (C:), (elasticsearch-8.17.3).

Expand-Archive -Force C:\Downloads\elasticsearch-8.17.3-windows-x86_64.zip C:\Apps;
Expand-Archive -Force C:\Downloads\Kibana-8.17.3-windows-x86_64.zip C:\Apps;
Expand-Archive -Force C:\Downloads\nssm-2.24.zip C:\Utils;
Expand-Archive -Force C:\Downloads\insightengine-win.2025.5.7.zip C:\InsightMaker

Check each file has extracted to the correct location.

Elasticsearch is in the Apps folder.
Kibana is in the Apps folder.
NSSM is in the Utils folder.
There should be 13 folders within the Insight Maker folder.

Configure Elastic

You need to update a few configurations in the Elastic config file. It ensures the necessary paths match your system.

Run the following script in an Admin PowerShell to update these.

Check the storage path and release names match the required versions. For example: (C:), (elasticsearch-8.17.3).

$Filename = "C:\Apps\elasticsearch-8.17.3\config\elasticsearch.yml";
((Get-Content -path $Filename -Raw) -replace '#cluster.name: my-application','cluster.name: ') | Set-Content -Path $Filename;
((Get-Content -path $Filename -Raw) -replace '#node.name:','node.name:') | Set-Content -Path $Filename;
((Get-Content -path $Filename -Raw) -replace '#path.data: /path/to/data','path.data: C:\Apps\Data') | Set-Content -Path $Filename;
((Get-Content -path $Filename  -Raw) -replace '#path.logs: /path/to/logs','path.logs: C:\tmp\logs') | Set-Content -Path $Filename;
((Get-Content -path $Filename -Raw) -replace '#network.host: 192.168.0.1','network.host: 0.0.0.0') | Set-Content -Path $Filename;
((Get-Content -path $Filename -Raw) -replace '#discovery.seed_hosts:','discovery.seed_hosts:') | Set-Content -Path $Filename;
((Get-Content -path $Filename -Raw) -replace 'host1','0.0.0.0') | Set-Content -Path $Filename;
((Get-Content -path $Filename -Raw) -replace ', "host2"','') | Set-Content -Path $Filename;
((Get-Content -path $Filename -Raw) -replace '#cluster.initial_master_nodes:','cluster.initial_master_nodes:') | Set-Content -Path $Filename;
((Get-Content -path $Filename -Raw) -replace ', "node-2"]',']')  | Set-Content -Path $Filename

Install Elastic

Close your previous PowerShell window to avoid confusion.

Open a new Admin PowerShell.

Run the following script to Install Elastic as a service.

Check the storage path and release names match the required versions. For example: (C:), (elasticsearch-8.17.3).

cd C:\Apps\elasticsearch-8.17.3;
.\bin\elasticsearch.bat

Do not close PowerShell when this script has finished.

This will return a password for Elastic. Make a note of this for later.

It will also return a token needed for the Kibana install. Make a note of this for later.

Test Install

Open your web browser and navigate to https://localhost:9200.

If this was successful it will show a block of code that contains build details. These should include, Name, Cluster_uuid, Build_flavour, etc.

Install Kibana

Open a new Admin PowerShell window.

Do not close the previous window.

Run the following script to Install Kibana.

Check the storage path and release names match the required versions. For example: (C:), (kibana-8.17.3).

cd C:\Apps\kibana-8.17.3\bin;
.\kibana.bat

Do not close PowerShell when this script has finished.

Once this has finished running a URL will appear. In your browser, Navigate to that URL.

Copy the enrolment token you got from the Elastic PowerShell.

Paste it into the Enrolment token in the Kibana session.

Select Configure Elastic.

The configuration may not complete. That's not an issue at this point.

In your web browser, navigate to http://localhost:5601.

Use the Elastic credentials you used earlier to login.

Update Elastic License

Copy the text of your Elastic license into a Notepad++ file.

Save this as 'Dev-license.json' in the root folder.

Within http://localhost:5601 navigate to the Management tab on the left.

Select Elastic License Management.

Upload the Dev-license.json file via the license manager.

It is normal for this to cause an access issue in Kibana. If it doesn't, check Elastic isn't already installed in 'Programs and Features'. Remove it if it is there.

Create Elastic Certificate

Open another new PowerShell as an Admin.

This should be the third PowerShell you have open.

Create the CA Cert

Run the following script to create an Elastic ca cert.

Check the storage path and release names match the required versions. For example: (C:), (elasticsearch-8.17.3).

cd C:\Apps\elasticsearch-8.17.3\bin;
.\elasticsearch-certutil ca

When prompted for an output file, leave this empty and press Enter.

If asked if you want to overwrite the existing file, type Y and press enter.

When prompted for the CA password enter a secure password.

This password cannot include any special characters.

Create the Certificate

Run the following script to create an Elastic certificate.

Check the storage path and release names match the required versions. For example: (C:), (elasticsearch-8.17.3).

./elasticsearch-certutil cert -ca C:\Apps\elasticsearch-8.17.3\elastic-stack-ca.p12;

When prompted enter the CA password you created.

When prompted for an output file, leave this empty and press Enter.

When prompted enter a password for this certificate and press enter

This password cannot include any special characters. For added security this should be different to the CA password.

Copy Certificates

Run the following script to create a new folder and move the certificates to it.

Check the storage path and release names match the required versions. For example: (C:), (elasticsearch-8.17.3).

mkdir C:\Apps\certs;

copy-item C:\Apps\elasticsearch-8.17.3\*.p12 -Destination C:\Apps\certs

move C:\Apps\elasticsearch-8.17.3\*.p12 C:\Apps\elasticsearch-8.17.3\config\certs

Secure Connection Configuration

A few configurations need updating to use Xpack security. This improves the security between Kibana and Elastic.

Run the following script to make these changes.

Check the storage path and release names match the required versions. For example: (C:), (elasticsearch-8.17.3).

$Filename="C:\Apps\elasticsearch-8.17.3\config\elasticsearch.yml";

((Get-Content -path $Filename -Raw) -replace 'http.p12','elastic-certificates.p12') | Set-Content -Path $Filename

((Get-Content -path $Filename -Raw) -replace 'transport.p12','elastic-certificates.p12') | Set-Content -Path $Filename;

((Get-Content -path $Filename -Raw) -replace '#action.destructive_requires_name: false','action.destructive_requires_name: true') | Set-Content -Path $Filename;

(Get-Content -path $Filename) | ? {$_.trim() -ne "" } | set-content $Filename

Setup Elastic Keystore

The certificate password needs updating in a few places to match your new password.

Run the following script to update the transport keystore password.

Check the storage path and release names match the required versions. For example: (C:), (elasticsearch-8.17.3).

cd C:\Apps\elasticsearch-8.17.3\bin;
.\elasticsearch-keystore add xpack.security.transport.ssl.keystore.secure_password

If asked if you want to overwrite the existing file, type Y and press enter.

When prompted enter the Certificate password you created and press enter.

Be careful when you enter your password, as it does not show what you have entered.

Run the following script to update the transport truststore password.

.\elasticsearch-keystore add xpack.security.transport.ssl.truststore.secure_password

If asked if you want to overwrite the existing file, type Y and press enter.

When prompted enter the Certificate password you created and press enter.

Be careful when you enter your password, as it does not show what you have entered.

Run the following script to update the http keystore password.

.\elasticsearch-keystore add xpack.security.http.ssl.keystore.secure_password

If asked if you want to overwrite the existing file, type Y and press enter.

When prompted enter the Certificate password you created and press enter.

Be careful when you enter your password, as it does not show what you have entered.

Run the following script to update the http truststore password.

.\elasticsearch-keystore add xpack.security.http.ssl.truststore.secure_password

When prompted enter the Certificate password you created and press enter.

Be careful when you enter your password, as it does not show what you have entered.

Configure Secure Connection

Run the following script to update the verification mode in the kibana.yml file.

Check the storage path and release names match the required versions. For example: (C:), (kibana-8.17.3).

$Filename="C:\Apps\Kibana-8.17.3\config\kibana.yml";

((Get-Content -path $Filename -Raw) -replace '#elasticsearch.ssl.verificationMode: full','elasticsearch.ssl.verificationMode: none') | Set-Content -Path $Filename

You can now close the PowerShell consoles you have open.

Within each console press Ctrl + C to end the session.
It will ask if you want to terminate the session. Enter Y to confirm.

Install Elastic Service

Open PowerShell as an Admin.

Run the following command to install the Elastic service.

Check the storage path and release names match the required versions. For example: (C:), (elasticsearch-8.17.3).

C:\Apps\elasticsearch-8.17.3\bin\elasticsearch-service.bat install

Run the following command to start the Elastic service.

Check the storage path and release names match the required versions. For example: (C:), (elasticsearch-8.17.3).

C:\Apps\elasticsearch-8.17.3\bin\elasticsearch-service.bat start

Open your web browser and navigate to https://localhost:9200.

This may take a few minutes to load for the first time.

Install Kibana Service

Run the following script to install the Kibana Service.

Check the storage path and release names match the required versions. For example: (C:), (nssm-2.24).

C:\Utils\nssm-2.24\win64\nssm.exe install insightenginekibana

Select the browse (...) button in the top field.

Navigate to Apps > Kibana > Bin and select Kibana.

Select Install Service.

Run the following script to start the Kibana service.

Check the storage path and release names match the required versions. For example: (C:), (nssm-2.24).

C:\Utils\nssm-2.24\win64\nssm.exe start "insightenginekibana"

Open your web browser and navigate to http://localhost:5601.

This may take a few minutes to load the first time.

PreviousTools & Utilities NextAiimi Insight Engine Installation (Windows)

Last updated 19 days ago