How to back up EventLog Analyzer

Objective 

This article will help you perform a manual folder backup, which can be used for restoring the ManageEngine EventLog Analyzer installation with all existing configurations. 

Prerequisites 

  • Access to the EventLog Analyzer server, with full control over the EventLog Analyzer directory so that its files can be copied
  • Access to perform admin actions like stopping services and ending background processes via Task Manager
  • Sufficient storage to store the backup

Steps to follow 

Step 1: Stop the EventLog Analyzer service.
Step 2: Open Command Prompt as an admin and set the path to <Installation directory>\ManageEngine\EventLog Analyzer\bin.
Step 3: Execute the following commands to ensure that the instance is completely shut down:
    • shutdown.bat
    • stopDB.bat
    • stopSEC.bat
Step 4: In the same window, set the path to <Installation Directory>:\ManageEngine\EventLog Analyzer\ES\bin or <Installation Directory>:\ManageEngine\elasticsearch\ES\bin (if common Elasticsearch is used).
Step 5: Execute the following command to ensure that the Elasticsearch engine is stopped:
    • StopES.bat
Step 6: Navigate to Task Manager > Details and ensure that the wrapper.exe, SysEvtCol.exe, postgres.exe, and java.exe processes and any processes related to EventLog Analyzer are not running from the EventLog Analyzer installation directory path. If they are running, end the task or process tree manually.
Step 7: Initiate the backup, which can be made in two ways: a folder backup or a server snapshot.
    • For a folder backup:
        1. Back up the entire folder to get a backup of the installation directory along with its data.
        2. If you have set the live data and archive data in a different location, back them up manually. The location can be validated in EventLog Analyzer under Settings > System Settings > System Diagnostics > System Utilization. Hover over Archives or Index to see the data storage location.

Note: You may skip backing up archive and index data if you’re performing a service pack upgrade or if your archives are stored in a redundant file system, as these files will remain unaffected. If there are any impacts during an upgrade, they will be mentioned in the release notes, and you will be prompted about them before proceeding with the upgrade.
Step 8: If you use a Microsoft SQL Server database for the back end, initiate a backup for the database separately.
Step 9: Once the backup process is completed, restart the application.
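
The folder-backup path through Steps 1 to 7 can be scripted. The PowerShell below is an added example, not ManageEngine's own script; the four parameters (service name, installation path, Elasticsearch bin path, backup destination) are assumptions that the operator supplies, and the copy is refused while any process is still running from the installation directory.

```powershell
# Added example: scripts Steps 1-7 (folder backup). Not a ManageEngine script.
# Every parameter is operator-supplied; none is a product default.
param(
    [Parameter(Mandatory)] [string] $ServiceName,  # Windows service name of EventLog Analyzer (look it up in services.msc)
    [Parameter(Mandatory)] [string] $ElaHome,      # ...\ManageEngine\EventLog Analyzer
    [Parameter(Mandatory)] [string] $EsBin,        # the ES\bin path chosen in Step 4
    [Parameter(Mandatory)] [string] $BackupRoot    # existing folder with enough free space
)
$ErrorActionPreference = 'Stop'

# Step 1: stop the service.
Stop-Service -Name $ServiceName -Force

# Steps 2-3: run the shutdown scripts from the bin directory.
Push-Location (Join-Path $ElaHome 'bin')
foreach ($bat in 'shutdown.bat', 'stopDB.bat', 'stopSEC.bat') { & cmd.exe /c $bat }
Pop-Location

# Steps 4-5: stop the Elasticsearch engine.
Push-Location $EsBin
& cmd.exe /c 'StopES.bat'
Pop-Location

# Step 6: list every process whose executable lives under the installation directory.
$prefix = $ElaHome.TrimEnd('\') + '\'
$left = Get-CimInstance Win32_Process | Where-Object {
    $_.ExecutablePath -and
    $_.ExecutablePath.StartsWith($prefix, [StringComparison]::OrdinalIgnoreCase)
}
if ($left) {
    $left | Select-Object ProcessId, Name, ExecutablePath | Format-Table -AutoSize | Out-String | Write-Host
    throw 'Processes are still running from the installation directory; end them (Step 6) and re-run.'
}

# Step 7: folder backup. /COPYALL keeps ACLs, owner and audit information with the files.
$dest = Join-Path $BackupRoot ('ELA-backup-' + (Get-Date -Format 'yyyyMMdd-HHmmss'))
$log  = "$dest.log"
robocopy $ElaHome $dest /E /COPYALL /R:2 /W:5 /NP "/LOG:$log"
if ($LASTEXITCODE -ge 8) { throw "robocopy failed with exit code $LASTEXITCODE; see $log" }
Write-Host "Backup written to $dest"
```

Run it from an elevated PowerShell session. It copies only the installation directory, so live or archive data stored elsewhere (Step 7, item 2) and a Microsoft SQL Server back end (Step 8) still need their own backup.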

Tips

  • Maintain periodic installation backups during maintenance for configuration redundancy.
  • Stop the application completely before proceeding with the backup process.
  • Maintain a redundant file system for storing archives.
