DAE service failure during startup
- Open the <dir>:\ManageEngine\EventLog Analyzer\logs\wrapper.log file.
- Search for DAEService status in the wrapper file.
- If it hasn't been created, look for the serverout_yyyy-mm-dd.txt file from the same day in the logs folder. Check whether the connection via port 9300/9322 has failed.
- Open the <dir>:\ManageEngine\elasticsearch\ES\logs\wrapper.log file and check the Elasticsearch (ES) status.
- If ES is not running, manually start it by following the steps below:
- Open the command prompt with admin privileges.
- Navigate to <dir>:\ManageEngine\elasticSearch\ES\bin.
- Execute startES.bat to start ES.
- Wait for a few seconds and refer to the wrapper.log file again to find out the exact exception. Carry out the steps according to the traces found.
- Out of memory or JVM heap memory:
- Stop ES by executing the stopES.bat file located at <dir>:\ManageEngine\elasticsearch\ES\bin.
- Open the <dir>:\ManageEngine\elasticsearch\ES\config\es-additional-wrapper.conf file.
- Increase both the Initial and Maximum Java Heap Size (both should be of the same value) to one-third of the server's RAM size. For example, if the server has 16GB, you can assign up to 4GB as a best practice.
- Incorrect read/write permissions (e.g., location not found):
- Stop ES by executing the stopES.bat file located at <dir>:\ManageEngine\elasticsearch\ES\bin.
- Check if the service account has read/write access to the ES storage location.
- Examine the <dir>:\ManageEngine\elasticsearch\ES\config\DAE.properties file and the <dir>:\ManageEngine\elasticsearch\ES\config\elasticsearch.yml file for corruption.
- After completing these steps, if ES is running: Stop ES > delete the ES\Data\node.lock file > start EventLog Analyzer.
- If the issue persists, reach out to our technical support team.
New to ADSelfService Plus?
Related Articles
Installing Log360 as a service
How to: Deploying Log360 as a service: Via Command Prompt: Remote login to the Log360 Server. Open a command prompt with admin privileges. Navigate to <dir>:\ManageEngine\Log360\bin Execute the following commands to ensure that the instance is not ...
Windows agent service is not running
Establish a remote connection with the machine running the agent. Open services.msc and check if the ManageEngine EventLog Analyzer agent service is running. Open a web browser and ensure that the EventLog Analyzer web console is accessible. Open the ...
How to deploy EventLog Analyzer as a service?
EventLog Analyzer as a service can be deployed in two ways: Via the command prompt: Establish a remote connection with the server where EventLog Analyzer is installed. Open the command prompt with Admin privileges. Navigate to ...
Log collection failure alerts
Device down alert: When configured devices don't respond to pings from EventLog Analyzer, it implies either of the following: The selected Syslog devices are not sending logs to EventLog Analyzer. EventLog Analyzer has not collected logs from the ...
How to troubleshoot JVM Memory Error?
Stop the ManageEngine EventLog Analyzer service. Navigate to <EventLog Analyzer home>/server/conf. Open the file wrapper.conf. Search for wrapper.java.maxmemory. Change the default value (1024) to wrapper.java.maxmemory=4096. (The value should not ...