Elastic Agent causing VM connectivity issues

We've deployed the 8.11.0 elastic agents to windows and use both the system and windows integration to consume windows logs and host metrics. Since installing the agent, we've been having intermittent connectivity issues with our hosts in which services would no longer load (for example having 500 errors in web services), SQL database killing instances, and throughout the hosts many were complaining of high memory usage around these events.

As a test, we had Lansweeper not loading pages, giving us 500 errors. We disabled the Elastic Agent on the Lansweeper host, it did not help the issue. The database for Lansweeper is housed on a separate SQL server that was having an issue (unable to RDP, protocol errors). I was refreshing Lansweeper web, and upon killing the agent on the SQL server, things immediately started working.

We never had issues with WinLogBeat, and wanted to move to the Elastic Agent for it's simplified management and deployment of integrations, but can't now due to agents reaping havoc in the environment.

Has anyone else had similar experiences?

Oi..
it's buggy as crap..
I went to 8.8 with few hundreds windows boxes, had issues with svchost ( [service] windows service, receive multiple change requests by leehinman · Pull Request #155 · elastic/elastic-agent-libs · GitHub)

Also Defend-integration spikes if it looses cluster-connectivity.

8.11.0 has known issues with memory leaks on windows hosts..: Fleet and Elastic Agent 8.11.0 | Fleet and Elastic Agent Guide [8.11] | Elastic

8.11.2 is recently released.. an advice, never enroll point-zero reelases broadly.
Even you have testservers, they're often low on load and doesnt reflect typical workload.

Thanks for the info, extremely helpful!

This was our first deployment of it, and it seems we got unlucky deploying the version with the issue

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.