Elastic and Kibana Install (Windows)

This guide walks through the steps to set up a single node Elasticsearch cluster and an instance of Kibana. It should take around 2 hours to complete the Elastic and Kibana install.

If you are setting up a production environment, you will want to set up an Elasticsearch cluster. More information on this can be found on the ElasticSearch website.

The Elastic token needed to configure Kibana is only valid for 30 minutes. Once Elastic has been extracted you have 30 minutes to Install and Configure Kibana.  It is not a long process but it's important you have that time to complete these steps.

Prerequisites

Check the Elastic and Kibana version needed for the Aiimi Insight Engine you are deploying in the release notes for your distribution.
Obtain your XPack Elasticsearch licence (or you can enable a trial).
Install Notepad++ or similar text editing software.

Folder Structure Set Up

A specific folder structure is needed for the installation of Elasticsearch and Kibana. You can create this structure using a PowerShell query or manually.

PowerShell

Run the following script in an Admin powerShell.
- This will create the necessary folders needed to install Kibana and Elastic.

Check the path of the storage location in this script before running it. For example: (C:\).

mkdir C:\Apps;
mkdir C:\InsightEngine;
mkdir C:\Downloads;
mkdir C:\Utils

Manual

In your chosen file location create 4 folders.

Apps
InsightEngine
Upgrades
Utils

Download Software

Download the InsightEngine zip file from the GitHub area and put it in the Downloads folder you created.
- If you do not have access to this reach out to your Aiimi contact.
Right Click PowerShell and select Run as Administrator.
Copy the following script into the PowerShell to download the redistributable and dotnet bundle.

Check the path of the storage location and release names match the required version before running this script. For example: (C:\), (elasticsearch-8.17.3).

Start-BitsTransfer -Source "https://nssm.cc/release/nssm-2.24.zip" -destination "C:\Downloads";
Start-BitsTransfer -Source "https://github.com/notepad-plus-plus/notepad-plus-plus/releases/download/v8.4.9/npp.8.4.9.Installer.x64.exe" -destination "C:\Downloads";
Start-BitsTransfer -Source "https://www.7-zip.org/a/7z2201-x64.exe" -destination "C:\Downloads";
Start-BitsTransfer -Source "https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-8.17.3-windows-x86_64.zip" -destination "C:\Downloads";
Start-BitsTransfer -Source "https://artifacts.elastic.co/downloads/kibana/kibana-8.17.3-windows-x86_64.zip" -destination "C:\Downloads"

Extract Software

The Elastic, Kibana, nssm and InsightEngine zip files need to be extracted.

PowerShell

Run the following script in an Admin PowerShell.

Check the path of the storage location and release names match the required version before running this script. For example: (C:\), (elasticsearch-8.17.3).

Expand-Archive -Force C:\Downloads\elasticsearch-8.17.3-windows-x86_64.zip C:\Apps;
Expand-Archive -Force C:\Downloads\Kibana-8.17.3-windows-x86_64.zip C:\Apps;
Expand-Archive -Force C:\Downloads\nssm-2.24.zip C:\Utils;
Expand-Archive -Force C:\Downloads\insightengine-win.2025.5.7.zip C:\InsightEngine

Check the files have extracted to the correct location.
- Elastic Search is in the Apps folder. Kibana is in the Apps folder. nssm is in the Utils folder. There should be 13 folders within the Insight Engine folder.

Manual

ElasticSearch -

Extract the ElasticSearch download into the Apps folder you created earlier.

Kibana -

Extract the Kibana download into the Apps folder you created earlier.

nssm -

Extract the nssm download into the Utils folder you created earlier.

Insight Engine -

Extract the Insight Engine download into the Insight Engine folder you created earlier.

Elastic Configuration

The configurations within the Elastic config file need to be updated.

Check the path of the storage location and release names match the required version before running this script. For example: (C:\), (elasticsearch-8.17.3).

$Filename = "C:\Apps\elasticsearch-8.17.3\config\elasticsearch.yml";
((Get-Content -path $Filename -Raw) -replace '#cluster.name: my-application','cluster.name: ') | Set-Content -Path $Filename;
((Get-Content -path $Filename -Raw) -replace '#node.name:','node.name:') | Set-Content -Path $Filename;
((Get-Content -path $Filename -Raw) -replace '#path.data: /path/to/data','path.data: C:\Apps\Data') | Set-Content -Path $Filename;
((Get-Content -path $Filename  -Raw) -replace '#path.logs: /path/to/logs','path.logs: C:\tmp\logs') | Set-Content -Path $Filename;
((Get-Content -path $Filename -Raw) -replace '#network.host: 192.168.0.1','network.host: 0.0.0.0') | Set-Content -Path $Filename;
((Get-Content -path $Filename -Raw) -replace '#discovery.seed_hosts:','discovery.seed_hosts:') | Set-Content -Path $Filename;
((Get-Content -path $Filename -Raw) -replace 'host1','0.0.0.0') | Set-Content -Path $Filename;
((Get-Content -path $Filename -Raw) -replace ', "host2"','') | Set-Content -Path $Filename;
((Get-Content -path $Filename -Raw) -replace '#cluster.initial_master_nodes:','cluster.initial_master_nodes:') | Set-Content -Path $Filename;
((Get-Content -path $Filename -Raw) -replace ', "node-2"]',']')  | Set-Content -Path $Filename

Install Elastic

PowerShell Hint

Your PowerShell will continue to auto scroll down as the process remains running. If you select and highlight a section of the prompt window the auto scroll will stop. This will make it easier to find your password and token.

Elastic needs to be installed as a service and this can be done with a PowerShell script.

Run the following PowerShell script in a new Admin PowerShell.

Check the path of the storage location and release names match the required version before running this script. For example: (C:\), (elasticsearch-8.17.3).

cd C:\Apps\elasticsearch-8.17.3;
.\bin\elasticsearch.bat

Do not close the PowerShell when this script has finished.

This will return the password for Elastic.
- Make a note of this for later.
This will also return a token needed for the Kibana install.
- Make a note of this for later.

Test if your install worked by opening a web browser and navigating to https://localhost:9200.
To login enter 'elastic' in the username and the password from the previous PowerShell.

Do not close this PowerShell yet.

Install Kibana

Open another Admin PowerShell window and run the following Script.

Check the path of the storage location and release names match the required version before running this script. For example: (C:\), (kibana-8.17.3).

cd C:\Apps\kibana-8.17.3\bin;
.\kibana.bat

A URL will appear once it's finished. Navigate to that URL in your browser.
Copy the token you got from the Elastic PowerShell and paste it into the Enrolment token in the Kibana session.
Select Configure Elastic.
- The configuration may not complete at this point. That's not an issue at this point.
Open a web browser and navigate to http://localhost:5601.
Use the Elastic credentials you used earlier to login.

Do not close this PowerShell yet.

Update Elastic License

Copy the text of you Elastic license into a Notepad++ file.
Save this file as Dev-license.json in the root folder.
Within http://localhost:5601 navigate to the Management tab on the left and open the Elastic License Management.
Upload the Dev-license.json file to Kibana via the license manager.
- It is normal for this to cause Kibana to throw an access error. If it doesn't, check that Elastic hasn't been installed before in 'Programs and Features' (and remove it if it's present).

Create Elastic Certificate

Open another new PowerShell as an Admin.
- This will be the third PowerShell you have open.
Run the following PowerShell script.

Check the path of the storage location and release names match the required version before running this script. For example: (C:\), (elasticsearch-8.17.3).

cd C:\Apps\elasticsearch-8.17.3\bin;
.\elasticsearch-certutil ca

When prompted for an output file press Enter.
If asked if you want to overwrite the existing file, enter Y.
When prompted for the CA password enter a secure password.
- This password cannot include any special characters.
Run the following PowerShell Script to create the certificate.

Check the path of the storage location and release names match the required version before running this script. For example: (C:\), (elasticsearch-8.17.3).

./elasticsearch-certutil cert -ca C:\Apps\elasticsearch-8.17.3\elastic-stack-ca.p12;

When prompted enter the CA password.
When prompted for an output file press the Enter key.
When prompted enter the Cert password.
- This password cannot include any special characters and must be different to the CA password.

Copy Certificates

You need to create a new certs folder and copy the certs to that folder.

Run the following Script to create the folder and more the certs.

Check the path of the storage location and release names match the required version before running this script. For example: (C:\), (elasticsearch-8.17.3).

mkdir C:\Apps\certs;

copy-item C:\Apps\elasticsearch-8.17.3\*.p12 -Destination C:\Apps\certs

move C:\Apps\elasticsearch-8.17.3\*.p12 C:\Apps\elasticsearch-8.17.3\config\certs

Secure Connection Configuration

This updates a number of configurations need to add Xpack security. This improves the security between Kibana and Elastic.

Run the following script to make these changes automatically.

Check the path of the storage location and release names match the required version before running this script. For example: (C:\), (elasticsearch-8.17.3).

$Filename="C:\Apps\elasticsearch-8.17.3\config\elasticsearch.yml";

((Get-Content -path $Filename -Raw) -replace 'http.p12','elastic-certificates.p12') | Set-Content -Path $Filename

((Get-Content -path $Filename -Raw) -replace 'transport.p12','elastic-certificates.p12') | Set-Content -Path $Filename;

((Get-Content -path $Filename -Raw) -replace '#action.destructive_requires_name: false','action.destructive_requires_name: true') | Set-Content -Path $Filename;

(Get-Content -path $Filename) | ? {$_.trim() -ne "" } | set-content $Filename

Elastic Keystore Setup

The certificate password is used in a number of places and needs to be updated to match the certificate password you just set.

Run the following scripts one by one.

Check the path of the storage location and release names match the required version before running this script. For example: (C:\), (elasticsearch-8.17.3).

cd C:\Apps\elasticsearch-8.17.3\bin;
.\elasticsearch-keystore add xpack.security.transport.ssl.keystore.secure_password

If asked do you want to overwrite the existing file, enter Y.
When prompted enter the Certificate password.
Then run the following script.

.\elasticsearch-keystore add xpack.security.transport.ssl.truststore.secure_password

If asked do you want to overwrite the existing file, enter Y.
When prompted enter the Certificate password.
Then run the following script.

.\elasticsearch-keystore add xpack.security.http.ssl.keystore.secure_password

If asked do you want to overwrite the existing file, enter Y.
When prompted enter the Certificate password.
Then run the following script.

.\elasticsearch-keystore add xpack.security.http.ssl.truststore.secure_password

When prompted enter the Certificate password.

Kibana SSL Configuration

Run the following PowerShell script to update the Kibana.yml file.

Check the path of the storage location and release names match the required version before running this script. For example: (C:\), (kibana-8.17.3).

$Filename="C:\Apps\Kibana-8.17.3\config\kibana.yml";

((Get-Content -path $Filename -Raw) -replace '#elasticsearch.ssl.verificationMode: full','elasticsearch.ssl.verificationMode: none') | Set-Content -Path $Filename

You can now close the Elastic and Kibana PowerShell consoles.
Within each console select Ctrl + C.
It will then ask if you want to terminate the session. Enter Y to confirm.

Install Elastic Service

Check the path of the storage location and release names match the required version before running this script. For example: (C:\), (elasticsearch-8.17.3).

Run the following command in PowerShell to install the Elastic Service.

C:\Apps\elasticsearch-8.17.3\bin\elasticsearch-service.bat install

Run the following command to start the elastic service.

C:\Apps\elasticsearch-8.17.3\bin\elasticsearch-service.bat start

Open your web browser and navigate to https://localhost:9200.
- This may take a few minutes to load for the first time.
Login using the Elastic credentials.

Install Kibana Service

Check the path of the storage location and release names match the required version before running this script. For example: (C:\), (nssm-2.24).

Run the following command in PowerShell to install the Kibana Service.

C:\Utils\nssm-2.24\win64\nssm.exe install insightenginekibana

Select the ... browse button in the top bar.
Go to Apps > Kibana > Bin and select Kibana.
Select Install Service.
Run the following command in PowerShell to start the Kibana service.

C:\Utils\nssm-2.24\win64\nssm.exe start "insightenginekibana"

Open your web browser and navigate to http://localhost:5601.
- This may take a few minutes to load for the first time.
Login using the Elastic credentials.

PreviousTools & Utilities NextAiimi Insight Engine Installation (Windows)

Last updated 1 month ago