DAE service failure during startup
- Open the <dir>:\ManageEngine\EventLog Analyzer\logs\wrapper.log file.
- Search for DAEService status in the wrapper file.
- If it hasn't been created, look for the serverout_yyyy-mm-dd.txt file from the same day in the logs folder. Check whether the connection via port 9300/9322 has failed.
- Open the <dir>:\ManageEngine\elasticsearch\ES\logs\wrapper.log file and check the Elasticsearch (ES) status.
- If ES is not running, manually start it by following the steps below:
- Open the command prompt with admin privileges.
- Navigate to <dir>:\ManageEngine\elasticSearch\ES\bin.
- Execute startES.bat to start ES.
- Wait for a few seconds and refer to the wrapper.log file again to find out the exact exception. Carry out the steps according to the traces found.
- Out of memory or JVM heap memory:
- Stop ES by executing the stopES.bat file located at <dir>:\ManageEngine\elasticsearch\ES\bin.
- Open the <dir>:\ManageEngine\elasticsearch\ES\config\es-additional-wrapper.conf file.
- Increase both the Initial and Maximum Java Heap Size (both should be of the same value) to one-third of the server's RAM size. For example, if the server has 16GB, you can assign up to 4GB as a best practice.
- Incorrect read/write permissions (e.g., location not found):
- Stop ES by executing the stopES.bat file located at <dir>:\ManageEngine\elasticsearch\ES\bin.
- Check if the service account has read/write access to the ES storage location.
- Examine the <dir>:\ManageEngine\elasticsearch\ES\config\DAE.properties file and the <dir>:\ManageEngine\elasticsearch\ES\config\elasticsearch.yml file for corruption.
- After completing these steps, if ES is running: Stop ES > delete the ES\Data\node.lock file > start EventLog Analyzer.
- If the issue persists, reach out to our technical support team.
New to ADSelfService Plus?
Related Articles
Installing Log360 as a service
How to: Deploying Log360 as a service: Via Command Prompt: Remote login to the Log360 Server. Open a command prompt with admin privileges. Navigate to <dir>:\ManageEngine\Log360\bin Execute the following commands to ensure that the instance is not ...
Windows agent service is not running
Establish a remote connection with the machine running the agent. Open services.msc and check if the ManageEngine EventLog Analyzer agent service is running. Open a web browser and ensure that the EventLog Analyzer web console is accessible. Open the ...
How to deploy EventLog Analyzer as a service?
EventLog Analyzer as a service can be deployed in two ways: Via the command prompt: Establish a remote connection with the server where EventLog Analyzer is installed. Open the command prompt with Admin privileges. Navigate to ...
Log collection failure alerts
Device down alert: When configured devices don't respond to pings from EventLog Analyzer, it implies either of the following: The selected Syslog devices are not sending logs to EventLog Analyzer. EventLog Analyzer has not collected logs from the ...
Windows: File Integrity Monitoring (FIM) issues
Prerequisites: An agent needs to be deployed on the respective machine. Open the EventLog Analyzer GUI. Go to the Settings tab > Configuration > Manage File Integrity Monitoring. Configure the folders in the machine that should be monitored. Verify ...