Download and install the Kibana 3 fork by issuing the following commands:

curl -L -O https://github.com/packetbeat/kibana/releases/download/v3.1.2-pb/kibana-3.1.2-packetbeat.tar.gz
tar -xzvf kibana-3.1.2-packetbeat.tar.gz

Kibana 3 is a pure JavaScript application running fully in the browser. It doesn’t have or need a sever-side part like most web applications. Instead, you only needed a web server to serve the JavaScript files and the static resources. For example, you can use Python to create a simple web server:

cd kibana-3.1.2-packetbeat
python -m SimpleHTTPServer

Now point your browser to port 8000, and you should see the Kibana web interface. It will probably complain that it cannot reach Elasticsearch, like in the following screenshot:

This is because cross-origin resource sharing (CORS) is disabled by default in recent versions of Elasticsearch to respect the "secure by default" philosophy. You can enable CORS by adding the following lines to the end of the /etc/elasticsearch/elasticsearch.yml file:

http.cors.enabled: true
http.cors.allow-origin: http://localhost:8000

Make sure that you replace http://localhost:8000 with the URL under which you access Kibana up to the first slash. Restart Elasticsearch:

sudo /etc/init.d/elasticsearch restart

And try again to access Kibana in your browser. You should now see Kibana’s welcome page.

To load our sample Kibana 3 dashboards, use the following commands:

curl -L -O https://download.elastic.co/beats/packetbeat/packetbeat-dashboards-k3-1.0.0~Beta1.tar.gz
tar xzvf packetbeat-dashboards-k3-1.0.0~Beta1.tar.gz
cd packetbeat-dashboards-k3-1.0.0~Beta1/
./load.sh localhost

Make sure you replace localhost with the host of your Elasticsearch server.