Move EventLog Analyzer Installation to Another Machine   


If you're planning to migrate EventLog Analyzer to a different server, data loss becomes a major concern. This document will provide the steps to migrate EventLog Analyzer to a different server without the loss of any data.

 

 Note: The steps given below will work if you are using MySQL, MS SQL or Postgres database.

 

1. Stop the EventLog Analyzer server. (Start → Run → Type services.msc and press OK → Stop the service ManageEngine EventLog Analyzer)

2. Check the task manager for the processes java.exe, postgres.exe, and SysEvtCol.exe and kill them if it is running in the EventLog_Analyzer path.

3. Copy the entire <EventLog Analyzer Home> directory to the new server. It is strongly recommended that the new location is on the same path as the previous one.

If the new location is not on the same path as the previous one, please note the following points. 

 

  • path.data & path.repo parameters in elasticsearch.yml which is located in <EventLog_Analyzer_HOME>\ES\config\ have to be modified with the new location.
  • EventLog_Analyzer archive path has to be modified (SettingsAdmin SettingsManage ArchivesSettingsArchive Location).
  • Already archived files cannot be loaded.
  •  

    4. Open CMD with administrator privileges, navigate to <EventLog Analyzer Home >/bin and execute initpgsql.bat to set permissions to the database.

    5. Open CMD with administrator privileges, navigate to <EventLog Analyzer Home >/bin and execute run.bat to check if you can connect to the UI.

    6. Since the service has not been installed in the new server, we have to install it manually. Open CMD with administrator privileges, navigate to <EventLog Analyzer Home >/bin and execute the following command to install the EventLog Analyzer service.

    service.bat -i

    7. The service will now be installed. Try starting the service and connect to the UI to log in.

     

    The migration is complete.

     

    Note:

  • If you have enabled log forwarding from any Linux, Unix, router, switch, firewall, or syslog devices to EventLog Analyzer, you need to re-point them to the new server.
  • If agent has been configured for any device, check if it has been modified appropriately.
  • Do not delete the previous installation until you ensure the migration is successful. Verify the migration by checking the log collection after 30 minutes.
  •  

    If you are using MS SQL server as your database and if it is running on a remote computer, download and install the SQL native client that is appropriate for the SQL version/ODBC driver in the new Event Log Analyzer machine.

     

    More information on SQL Native Client is available here.

     

    Get download link