Windows Agent runs fine but not collecting the logs
Remote login to the Agent-installed machine ⇾ open "Services.msc" ⇾ ensure that the "ManageEngine EventLog Analyzer agent" service is running.
Remote login to the Agent-installed machine ⇾ open a web browser ⇾ ensure that the EventLog Analyzer Web UI is accessible from there.
Remote login to the Agent-installed machine ⇾ go to C:\Program Files (x86)\EventLogAnalyzer_Agent\data\zipfiles folder ⇾ check if there are any compressed folders.
If yes, then the agent has been collecting logs since the log forwarding has stopped.
If not, open Task Manager ⇾ go to "Details" tab ⇾ check if "SysEvtCol.exe" is running. If not, go to C:\Program Files (x86)\EventLogAnalyzer_Agent\bin folder ⇾ run "SysEvtCol.exe" file.
Remote login to the Agent-installed machine ⇾ open C:\Program Files (x86)\EventLog Analyzer_Agent\Logs\Agentstatus.out file ⇾ check whether the Server details are correct.
➤ If not, open registry in the agent-installed device ⇾ go to Computer\HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\ZOHO Corp\EventLogAnalyzer\ServerInfo ⇾ update the EventLog Analyzer Server details:
♢ DB Type: Postgres or MSSQL
♢ IP Address of the Server
♢ Host name of the Server
♢ Web port used to access the UI: Default is 8400
♢ Protocol used to access the UI: HTTP or HTTPS