Mismatch in the Windows agent version
- Establish a remote connection with the machine where the agent is installed.
- Open the Registry Editor, then go to Computer\HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\ZOHO Corp\EventLogAnalyzer\LogAgent and ensure that the agent version matches the server version.
- For your reference, here is a table indicating the build and agent version details:
EventLog Analyzer build | Windows agent version | Linux agent version |
10081 | 3.2 |
|
11000 | 3.3 |
|
11010 | 3.4 |
|
11023 | 3.5 |
|
11030 | 3.6 |
|
11040 | 3.7 |
|
11070 | 3.8 |
|
11123 | 3.9 |
|
12010 | 4.0 | 1.0 |
12120 | 4.1 | 1.1 |
12121 | 4.2 | 1.1 |
12123 | 4.3 | 1.1 |
If there is a mismatch, carry out the steps below:
- Establish a remote connection with the machine running the agent. Go to the Control Panel > All Control Panel Items > Programs and Features, and uninstall the ManageEngine EventLog Analyzer Agent.
- Start a remote connection with the server-installed machine. Navigate to the folder under <dir>:\ManageEngine\EventLog Analyzer\lib\native and copy the EventLogAgent.msi file to the agent-installed machine. Run the MSI file to manually install the correct version of the agent.
Related Articles
Windows agent status: Unavailable
Establish a remote connection with the machine that the agent is installed on. Open a web browser and ensure that the EventLog Analyzer web UI is accessible. On the remote machine, open the file under C:\Program Files (x86)\EventLog ...
Windows agent service is not running
Establish a remote connection with the machine running the agent. Open services.msc and check if the ManageEngine EventLog Analyzer agent service is running. Open a web browser and ensure that the EventLog Analyzer web console is accessible. Open the ...
Windows: File Integrity Monitoring (FIM) issues
Prerequisites: An agent needs to be deployed on the respective machine. Open the EventLog Analyzer GUI. Go to the Settings tab > Configuration > Manage File Integrity Monitoring. Configure the folders in the machine that should be monitored. Verify ...
Windows device status: RPC server is unavailable
The RPC server is unavailable error will be displayed in the device status field if there isn’t any communication between the EventLog Analyzer server and the respective machine from which the logs should be collected. This lack of communication ...
Windows device status: Access denied
The Access denied error indicates that the user account dedicated for log collection does not have the necessary access and permissions to collect logs from the respective devices. There are two approaches to fixing the error: Using a domain admin ...