DAE service failure during startup
- Open the <dir>:\ManageEngine\EventLog Analyzer\logs\wrapper.log file.
- Search for DAEService status in the wrapper file.
- If it hasn't been created, look for the serverout_yyyy-mm-dd.txt file from the same day in the logs folder. Check whether the connection via port 9300/9322 has failed.
- Open the <dir>:\ManageEngine\elasticsearch\ES\logs\wrapper.log file and check the Elasticsearch (ES) status.
- If ES is not running, manually start it by following the steps below:
- Open the command prompt with admin privileges.
- Navigate to <dir>:\ManageEngine\elasticSearch\ES\bin.
- Execute startES.bat to start ES.
- Wait for a few seconds and refer to the wrapper.log file again to find out the exact exception. Carry out the steps according to the traces found.
- Out of memory or JVM heap memory:
- Stop ES by executing the stopES.bat file located at <dir>:\ManageEngine\elasticsearch\ES\bin.
- Open the <dir>:\ManageEngine\elasticsearch\ES\config\es-additional-wrapper.conf file.
- Increase both the Initial and Maximum Java Heap Size (both should be of the same value) to one-third of the server's RAM size. For example, if the server has 16GB, you can assign up to 4GB as a best practice.
- Incorrect read/write permissions (e.g., location not found):
- Stop ES by executing the stopES.bat file located at <dir>:\ManageEngine\elasticsearch\ES\bin.
- Check if the service account has read/write access to the ES storage location.
- Examine the <dir>:\ManageEngine\elasticsearch\ES\config\DAE.properties file and the <dir>:\ManageEngine\elasticsearch\ES\config\elasticsearch.yml file for corruption.
- After completing these steps, if ES is running: Stop ES > delete the ES\Data\node.lock file > start EventLog Analyzer.
- If the issue persists, reach out to our technical support team.
New to ADSelfService Plus?
Related Articles
How to get notified about EventLog Analyzer's log collector failure
Objective EventLog Analyzer can send email alerts when the internal log collector service (SysEvtCol) crashes or stops unexpectedly. This alert helps administrators detect disruptions in core log ingestion and take immediate corrective action to ...
How to install EventLog Analyzer as a Windows service
Objective Installing EventLog Analyzer as a Windows service ensures the application starts automatically with the operating system and runs continuously in the background. This setup is essential for uninterrupted log collection, alerting, and ...
Log import failure during remote log collection in EventLog Analyzer
Issue description EventLog Analyzer will display an error notification in the UI stating that the log import for selected files has failed. This issue will happen when EventLog Analyzer is unable to import a file during the scheduled log import ...
Installing Log360 as a service
How to: Deploying Log360 as a service: Via Command Prompt: Remote login to the Log360 Server. Open a command prompt with admin privileges. Navigate to <dir>:\ManageEngine\Log360\bin Execute the following commands to ensure that the instance is not ...
How to uninstall the EventLog Analyzer service
Objective This article provides step by step instructions to uninstall the EventLog Analyzer service. Prerequisites Access to EventLog Analyzer as an Admin/sudo user is required to execute .bat or .sh files. Steps to follow Step 1: Access EventLog ...