How to Start and Shutdown EventLog Analyzer

Once you have successfully installed EventLog Analyzer, start the EventLog Analyzer server by following the steps below.

How to start EventLog Analyzer Server/Service

Windows Application:

• Select the desktop shortcut icon for EventLog Analyzer to start the server. (or)
• Select Start > Programs > ManageEngine Log360 <version number> > Log360 to start the server.
• If the server is started and you wish to access it, you can use the tray icon in the task bar to connect to EventLog Analyzer.

Windows Service:

During installation, you would have chosen to install EventLog Analyzer as an application or a service. If you installed it as an application, you can carry out the procedure to convert the software installation to a Windows Service.

Once the software is installed as a service, follow the steps given below to start EventLog Analyzer as a Windows Service:

• Go to the Windows Control Panel > Administrative Tools > Services.
• Right click ManageEngine EventLog Analyzer <version number> and select Start in the menu.
• Alternatively, right click and select Properties. In the General tab, check the Service status is ‘Stopped’ and Start button is in enabled state and other buttons are grayed out. Click the Start button to start the server as a Windows service.

Linux Application:

• For Linux, based on where EventLog Analyzer has been installed, the steps to start the server are as follows.

Installed in	Users who can start	How to Start
Top level directories like /opt/, /home , /, and others	Root User: Yes Other User: Yes	Root user: Navigate to the <Eventlog Analyzer>/bin directory and execute the configureAsService.sh file with root user privileges. Then restart the server using the shutdown.sh and service start commands to start using service. Other users: * Open a terminal.* Navigate to the <Eventlog Analyzer>/ES/bin directory, run sudo initES.sh. Alternatively, you can also run initES.sh using root.* Navigate to the <Eventlog Analyzer>/bin directory and execute the run.sh file or start using service.
Home of a user For example, /home/testuser/Eventlog or /home/Admin/Eventlog or any other directory that comes under a user's home directory	User who owns the home directory: Yes Root user: No (Because in redhat & centos a user can't access files of another user since an Elasticsearch user is created when a user is running the application with root. The Elasticsearch user wont be able access their home directory as it's part of another home directory.	Root user: Should not run Other users: * Open a terminal. * Navigate to the <Eventlog Analyzer>/ES/bin</Eventlog> directory, run sudo initES.sh. Alternatively, you can also run initES.sh using root.

• When the respective run.sh file is executed, a command window opens up and displays the startup information of several EventLog Analyzer modules. Once all the modules are successfully started, the following message is displayed:

Server started.

Please connect your client at http://localdevice:8400

• The 8400 port is replaced by the port you have specified as the web server port during installation.

Note: If the default syslog listener port of EventLog Analyzer is not free then EventLog Analyzer displays "Can't Bind to Port <Port Number>" when logging in to the UI.

Linux Service:

During installation, you would have chosen to install EventLog Analyzer as an application or a service. If you installed it as an application, follow the procedure given below to convert the software installation to a Linux Service. Navigate to the bin folder and execute the following command:

• Once the software is installed as a service, execute the command given below to start Linux Service:

• Check the status of the EventLog Analyzer service by executing the following command (sample output given below):

How to shut down EventLog Analyzer Server/Service

Follow the steps below to shut down the EventLog Analyzer server. Note that once the server is successfully shut down, the PostgreSQL/MySQL database connection is automatically closed, and all the ports used by EventLog Analyzer are freed.

Windows Application:

• Navigate to the Program folder in which EventLog Analyzer has been installed. By default, this is Start > Programs > ManageEngine Log360 <version number>. Select the Shut Down EventLog Analyzer option.
• Alternatively, you can navigate to the <EventLog Analyzer Home>\bin folder and execute the shutdown.bat file. You will be asked to confirm your choice, after which the EventLog Analyzer server is shut down.

Windows Service:

To stop a Windows service, follow the steps given below.

• Go to the Windows Control Panel. Select Administrative Tools > Services.
• Right click ManageEngine EventLog Analyzer <version number>, and select Stop in the menu.
• Alternatively, right click and select Properties. In the General tab of the screen, check the Service status is ‘Started’ and the Stop button is in enabled state and other buttons are grayed out. Click the Stop button to stop the Windows service.

Linux Application:

• Navigate to the <EventLog Analyzer Home>\bin directory. Execute the shutdown.sh file.
• You will be asked to confirm your choice, after which the EventLog Analyzer server is shut down.

Linux Service:

Execute the commands given below to stop the Linux service (sample outputs are given):

• Stop the service

• Check the status of the service again:

How to restart EventLog Analyzer Server/Service

1. Stop EventLog Analyzer:
• For the console application
Windows
• Find the EventLog client from the process list.
• Right click on this and select shutdown. (or)
• Use the Direct Call option.
Linux:
• Use the Direct Call option.
Direct Call:
• Go to <EventLog Analyzer Home>\bin.
• Execute the shutdown.bat file.
• Wait till the process completes.
For the service mode:
• Go to the service console.
• Find the ManageEngine EventLog Analyzer service.
• Click on 'Stop'.
2. Start EventLog Analyzer:
   • For the console application:
   Direct Call:
   • Click on the shortcut icon. (or)
   • Go to <EventLog Analyzer Home>\bin.
   • Execute wrapper.exe ..\server\conf\wrapper.conf

     Note: You can also execute run.bat but this is not preferred.

     For the service mode:
   • Go to the service console.
   • Find the ManageEngine EventLog Analyzer service.
   • Click on 'Start'.