Install Kibana step by step

Lab description

The cluster we set up in the step-by-step installation of Elasticsearch contains three servers, with the roles master, data, and machine learning. In this lab we use the free, time-limited license, which allows us to test machine learning and Kibana's advanced capabilities.

Operating Systems

Kibana can be installed on Linux, Darwin, and Windows.

Installing Kibana on Ubuntu 20.04

System requirement

Server name: Kibana
System requirement: 8GB memory + 4 cores + 100GB disk size
Network requirement: 5601 (Kibana portal), SSH (management)
Server role: Kibana

Kibana prerequisites

Installing servers

Deployment of Ubuntu server 20.04 for Kibana

Installing Ubuntu server step by step

  • static IP address
  • DNS address

Add user and system information

Enable SSH server

SSH Server

Setting up a Firewall for Kibana

sudo ufw enable

sudo ufw allow ssh comment "Management port"

sudo ufw allow 5601 comment "Kibana Management port"

Checking firewall status for Kibana

Software requirements

Installing net-tools

sudo apt install net-tools

Import PGP keys

wget -qO - https://artifacts.elastic.co/GPG-KEY-elasticsearch | sudo apt-key add -

Installing apt-transport-https

sudo apt-get install apt-transport-https

Add a new source for downloads

echo "deb https://artifacts.elastic.co/packages/7.x/apt stable main" | sudo tee /etc/apt/sources.list.d/elastic-7.x.list

Install Kibana using apt. The latest version supported by Wazuh EDR is 7.14.2.

sudo apt-get update && sudo apt-get install kibana=7.14.2

Change Kibana default settings

Edit kibana.yml, the Kibana configuration file

sudo nano /etc/kibana/kibana.yml

Change the default values in the kibana.yml file for Kibana:

#Kibana IP

server.host: "192.168.0.183"

#Server name

server.name: "kibana"

#Elasticsearch cluster (node01)

elasticsearch.hosts: ["http://192.168.0.180:9200"]
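
With the kibana.yml values above, Kibana reaches Elasticsearch over plain http and no elasticsearch.username or server.ssl.enabled setting is present. The script below is an added example, not part of the original guide: it audits a kibana.yml for those conditions. The function names are hypothetical helpers, and the embedded sample is constructed from the values in this guide.

```shell
#!/bin/sh
# Added example: audit the kibana.yml settings this guide changes.
# Function names are hypothetical helpers, not part of Kibana.

# Print the last uncommented value of a top-level key, quotes stripped.
yml_get() (  # usage: yml_get <config-text> <key>
  key=$(printf '%s' "$2" | sed 's/\./\\./g')   # match dots literally
  printf '%s\n' "$1" | sed -n "s/^${key}:[[:space:]]*//p" | tail -n 1 |
    sed "s/[\"']//g; s/[[:space:]]*\$//"
)

# Read kibana.yml on stdin; print one WARN line per failed check.
audit_kibana_yml() (
  cfg=$(cat)
  host=$(yml_get "$cfg" server.host)
  es=$(yml_get "$cfg" elasticsearch.hosts)
  user=$(yml_get "$cfg" elasticsearch.username)
  tls=$(yml_get "$cfg" server.ssl.enabled)
  case "$host" in
    0.0.0.0|"::") echo "WARN server.host binds every interface; use the management IP" ;;
  esac
  case "$es" in
    *http://*) echo "WARN elasticsearch.hosts uses plain http to reach the cluster" ;;
  esac
  [ -n "$user" ] || echo "WARN elasticsearch.username is not set"
  [ "$tls" = "true" ] || echo "WARN server.ssl.enabled is not true; port 5601 serves plain http"
)

# Constructed sample input: the kibana.yml values from this guide.
sample_kibana_yml() {
  cat <<'EOF'
#Kibana IP
server.host: "192.168.0.183"
#Server name
server.name: "kibana"
#Elasticsearch cluster (node01)
elasticsearch.hosts: ["http://192.168.0.180:9200"]
EOF
}

# With a path argument audit that file, otherwise audit the sample.
if [ $# -gt 0 ]; then audit_kibana_yml < "$1"; else sample_kibana_yml | audit_kibana_yml; fi
```

Run it with /etc/kibana/kibana.yml as the argument after editing the file; an empty output means none of the four checks failed.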

Setting up Kibana as a system service

Check if the system uses systemd or sysvinit

ps --no-headers -o comm 1

Enable Kibana at boot and extend the service start timeout

sudo mkdir /etc/systemd/system/kibana.service.d

echo -e "[Service]\nTimeoutStartSec=180" | sudo tee /etc/systemd/system/kibana.service.d/startup-timeout.conf

sudo /bin/systemctl daemon-reload
sudo /bin/systemctl enable kibana.service

Start the Kibana service

sudo service kibana start

Kibana status check

service kibana status

Access to Kibana portal

Kibana listens on port 5601 by default. You can also check the status of the Elasticsearch cluster through Kibana:

http://192.168.0.183:5601/app/monitoring

Enable Elasticsearch trial

To test advanced Elasticsearch features such as machine learning, you can optionally enable the 30-day trial.

http://192.168.0.183:5601/app/management/stack/license_management

Start the Elasticsearch 30-day trial

Next steps

Elasticsearch Enables minimal security
