Skip to main content

Kibana Installation

Kibana v8.17.10 is downloaded as follows: 
# Create and authorize the Apinizer user.
sudo adduser apinizer
sudo usermod -aG sudo apinizer

# Switch to the user and continue operations
sudo su - apinizer

# It is recommended that all of the following tools be installed on all servers
sudo apt update
sudo apt install -y curl wget net-tools gnupg2 software-properties-common apt-transport-https ca-certificates

sudo mkdir /opt/kibana
cd /opt/kibana
sudo wget https://artifacts.elastic.co/downloads/kibana/kibana-8.17.10-linux-x86_64.tar.gz
sudo tar -xzf kibana-8.17.10-linux-x86_64.tar.gz
Navigate to the directory where Kibana was extracted (kibana-8.17.10-linux-x86_64/). 
cd kibana-8.17.10-linux-x86_64/
Creating Authentication Token Create a token in the elasticsearch directory: 
/opt/elasticsearch/elasticsearch-8.17.10/bin/elasticsearch-service-tokens create elastic/kibana kibana-token
Note the token information provided in the command output. This information is used in the elasticsearch.serviceAccountToken field in the kibana.yml file. (Alternatively, the password of the kibana_system user can also be used, but the token method is the preferred option.)
Preparing SSL Certificates 
cd /opt/elasticsearch/elasticsearch-8.17.10/config/certs/

# 1. Export Root Certificate (CA)
openssl pkcs12 -in elastic-stack-ca.p12 -nokeys -out elastic-stack-ca.crt -passin pass:""

# 2. Export Private Key without password
openssl pkcs12 -in elastic-certificates.p12 -nocerts -nodes -out elastic-certificates.key -passin pass:""
Certificate Transfer and Authorization 
# 1. CA Certificate Transfer
sudo cp /opt/elasticsearch/elasticsearch-8.17.10/config/certs/elastic-stack-ca.crt /opt/kibana/kibana-8.17.10/config/

# 2. Server Certificate Transfer
sudo cp /opt/elasticsearch/elasticsearch-8.17.10/config/certs/elastic-certificates.crt /opt/kibana/kibana-8.17.10/config/

# 3. Private Key Transfer
sudo cp /opt/elasticsearch/elasticsearch-8.17.10/config/certs/elastic-certificates.key /opt/kibana/kibana-8.17.10/config/
Setting File Permissions (Kibana Server) 
# For the key file to be readable only by the file owner:
sudo chmod 600 /opt/kibana/kibana-8.17.10/config/elastic-certificates.key

# (Optional) Giving file ownership to the service user: 
sudo chown -R apinizer:apinizer /opt/kibana/
Edit the server information for Apinizer’s Elasticsearch Integration in the “kibana.yml” file in the Config folder for configuration. File Path: /opt/kibana/kibana-8.17.10/config/kibana.yml 
sudo vi config/kibana.yml

server.port: 5601

# IP address Kibana will listen on. 
# The value "0.0.0.0" allows the server to accept requests from all network interfaces.
server.host: "0.0.0.0"

# Base URL used for external access to Kibana (important behind Proxy or Load Balancer)
server.publicBaseUrl: "https://<KIBANA_SERVER_IP>:<KIBANA_PORT>"

server.ssl.enabled: true

server.ssl.certificate: "/opt/kibana/kibana-8.17.10/config/elastic-certificates.crt"
server.ssl.key: "/opt/kibana/kibana-8.17.10/config/elastic-certificates.key"


elasticsearch.hosts: ["https://<ELASTICSEARCH_IP>:<ELASTICSEARCH_PORT>"]

# Service Account Token is used for authentication.
# (This method is recommended for performance and security instead of username/password)
elasticsearch.serviceAccountToken: "<SERVICE_ACCOUNT_TOKEN>"

# ----------------------------------------------------------------
# ELASTICSEARCH SSL SECURITY SETTINGS
# ----------------------------------------------------------------
# Root Certificate (CA) used to verify the identity of the Elasticsearch server
elasticsearch.ssl.certificateAuthorities: [ "/opt/kibana/kibana-8.17.10/config/elastic-stack-ca.crt" ]

elasticsearch.ssl.verificationMode: certificate

Setting Up Kibana as a Linux Service

sudo vi /etc/systemd/system/kibana.service

[Unit]
Description=Kibana 8.17.10
After=network.target

[Service]
Type=simple
# Write the user who owns the Kibana files (In your case 'apinizer')
User=apinizer
Group=apinizer

# Directory where Kibana is located and execution command
ExecStart=/opt/kibana/kibana-8.17.10/bin/kibana
WorkingDirectory=/opt/kibana/kibana-8.17.10

# Performance and Log settings
Restart=always
RestartSec=5
StandardOutput=journal
StandardError=inherit

# Node.js memory limit (Optional but recommended, can be increased according to RAM)
Environment=NODE_OPTIONS="--max-old-space-size=2048"

[Install]
WantedBy=multi-user.target

sudo systemctl daemon-reload
sudo systemctl enable kibana.service
sudo systemctl start kibana.service
sudo systemctl status kibana.service

sudo netstat -tulpn | grep 5601