lhs-panel Click here to expand

Moving the EventLog Analyzer Installation to Another Machine

If you're planning to migrate EventLog Analyzer to a different server, possible data loss could be a major concern. This document will provide the steps to migrate your EventLog Analyzer installation to a different server without the loss of any data.

  1. Stop the EventLog Analyzer server. (Start → Run → Type services.msc and press OK → Stop the service ManageEngine EventLog Analyzer)
  2. Note: For a Linux service, Execute the commands given below to stop the Linux service (sample outputs are given):
    • Stop the service
      /etc/init.d/eventloganalyzer stop
      Stopping ManageEngine EventLog Analyzer <version number>...
      Stopped ManageEngine EventLog Analyzer <version number>

  3. Ensure that the processes java.exe, postgres.exe, and SysEvtCol.exe are not running in the task manager.
  4. Note: For Linux, Ensure that the processes java, postgres, and SysEvtCol are not running.
  5. Copy the entire <EventLog Analyzer Home> directory to the new server. It is strongly recommended that the new location is on the same path as the previous one.

Integration with Log360:

Case 1: If only EventLog Analyzer is being moved:

  1. If EventLog Analyzer is integrated with Log360, and only EventLog Analyzer is being moved, then integration with Log360 needs to be removed first. You can integrate EventLog Analyzer with Log360 again after moving it to a different server).
  2. After EventLog Analyzer is moved, if new path is not the same as the previous path, path.data & path.repo in <EventLog Analyzer Home>\ES\config\elasticsearch.yml needs to be updated accordingly.
  3. Moving the EventLog Analyzer Installation to Another Machine
  4. Open the command prompt with administrator privileges. Navigate to <EventLog Analyzer Home>\bin and execute initPgsql.bat to set the permissions for the database.
  5. Note: For Linux, initPgsql.sh has to be executed.
  6. Since the service has not been installed in the new server, we have to install it manually. Open the Command Prompt with administrator privileges. Navigate to <EventLog Analyzer Home >\bin and execute the following command to install the EventLog Analyzer service.
  7. Copy to Clipboard

    service.bat -i

    Note: For Linux, the service installation command is:

    sh configureAsService.sh -i

    Click here to know more.

    To install Log360 service please go to <Log360 Home >\bin and execute

    Copy to Clipboard

    execute InstallNTService.bat

  8. The service will now be installed. Try starting the service and open EventLog Analyzer with your browser to log in.
  9. EventLog Analyzer archive path has to be modified. Settings → Admin Settings → Manage Archives → Settings → Archive Location.
  10. Previously archived files cannot be loaded. The migration is now complete.

Case 2: If EventLog Analyzer and Log360 are being moved:

  1. If EventLog Analyzer is integrated with Log360, and both Log360 & EventLog Analyzer are being moved, the integration needn't be removed. However, you would need to move the following,
    • <ManageEngine Home>\EventLog Analyzer folder
    • <ManageEngine Home>\ElasticSearch
    • <ManageEngine Home>\Log360
  2. After Log360 & elasticsearch folders are moved along with EventLog Analyzer, if new path is not the same as the previous path, path.data & path.repo in <ManageEngine Home>\elasticsearch\ES\config\elasticsearch.yml needs to be updated. path.data in <EventLog Analyzer Home>\ES\config\elasticsearch.yml needs to be updated as well.
  3. Moving the EventLog Analyzer Installation to Another Machine
  4. Open the command prompt with administrator privileges. Navigate to <EventLog Analyzer Home>\bin and execute initPgsql.bat to set the permissions for the database.
  5. Note: For Linux, initPgsql.sh has to be executed.
  6. Since the service has not been installed in the new server, we have to install it manually. Open the Command Prompt with administrator privileges. Navigate to <EventLog Analyzer Home >\bin and execute the following command to install the EventLog Analyzer service.
  7. Copy to Clipboard

    service.bat -i

    Note: For Linux, the service installation command is:

    sh configureAsService.sh -i

    Click here to know more.

  8. The service will now be installed. Try starting the service and open EventLog Analyzer with your browser to log in.
  9. EventLog Analyzer archive path has to be modified. Settings → Admin Settings → Manage Archives → Settings → Archive Location.
  10. Previously archived files cannot be loaded. The migration is now complete.

If EventLog Analyzer is not integrated with Log360:

  1. If EventLog Analyzer is not integrated with Log360 and if the new path is not the same as the previous path, then path.data and path.repo in <EventLog Analyzer Home>\ES\config\elasticsearch.yml need to be updated.
  2. Open the command prompt with administrator privileges. Navigate to <EventLog Analyzer Home>\bin and execute initPgsql.bat to set the permissions for the database.
  3. Note: For Linux, initPgsql.sh has to be executed.
  4. Since the service has not been installed in the new server, we have to install it manually. Open the Command Prompt with administrator privileges. Navigate to <EventLog Analyzer Home >\bin and execute the following command to install the EventLog Analyzer service.
  5. Copy to Clipboard

    service.bat -i

    Note: For Linux, the service installation command is:

    sh configureAsService.sh -i

    Click here to know more.

  6. The service will now be installed. Try starting the service and open EventLog Analyzer with your browser to log in.
  7. EventLog Analyzer archive path has to be modified. Settings → Admin Settings → Manage Archives → Settings → Archive Location.
  8. Previously archived files cannot be loaded. The migration is now complete.

Note:
  • If you have enabled log forwarding from any Linux, Unix, router, switch, firewall, or syslog devices to EventLog Analyzer, you would need to re-point them to the new server.
  • If an agent has been configured for any device, check if it has been modified appropriately.
  • Do not delete the previous installation until you ensure the migration is successful. Verify the migration by checking the log collection after 30 minutes.

If you are using MS SQL server as your database and if it is running on a remote computer, download and install the SQL Native Client/ODBC Driver that is appropriate for the SQL Server version in the new Event Log Analyzer machine.

More information on SQL Native Client/ODBC Driver is available here.

Copyright © 2020, ZOHO Corp. All Rights Reserved.

Get download link