ELK is destroing all the computer in my office by using all the drive space, all the RAM et all the bandwidth. I need to remove this scrap as soon as possible.
HELP...
Hi @cthibault , I'm sorry to hear you're having trouble. I really hope once you have a less urgent issue you retry Endpoint Security. It can take some tuning to ensure that Endpoint Security and other applications on a computer co-exist peacefully. The Trusted Apps feature in the Security App is the most effective way to ensure that Endpoint Security and other applications (typically other antivirus) don't cause problems for each other.
There are three possible things you might want to do to remove Endpoint Security.
Remove the Endpoint Security integration but leave Elastic Agent installed
To do this, go to Fleet -> Agent policies and select the Agent policy that is associated with the host having trouble. On the next page click on the "..." icon on the right of the Endpoint Security integration then select Delete integration. This will leave Elastic Agent installed but uninstall Endpoint Security from the host.
Remove Elastic Agent entirely
To do this run c:\Program Files\Elastic\Agent\elastic-agent.exe uninstall -f (Windows), /Library/Elastic/Agent/elastic-agent uninstall -f (macOS), or /opt/Elastic/Agent/elastic-agent uninstall -f on the host computer. This will remove Elastic Agent and Elastic Endpoint (aka Endpoint Security).
All three OSes require Administrator/root to run that uninstall command.
Remove just Endpoint Security
Only do this if Elastic Agent is uninstalled but Endpoint security was not uninstalled for some reason. If you try to do this and leave Elastic Agent installed with Endpoint Security as an integration in the Agent policy Agent is just going to reinstall Endpoint Security.
Run the following commands on your given OS. Again, these commands must be run by Administator/root.
Windows
cd %TEMP%
copy "c:\Program Files\Elastic\Endpoint\elastic-endpoint.exe" elastic-endpoint.exe
elastic-endpoint.exe uninstall -f
del elastic-endpoint.exe
macOS
cd /tmp
cp /Library/Elastic/Endpoint/elastic-endpoint elastic-endpoint
./elastic-endpoint uninstall -f
rm elastic-endpoint
Linux
cd /tmp
cp /opt/Elastic/Endpoint/elastic-endpoint elastic-endpoint
./elastic-endpoint uninstall -f
rm elastic-endpoint
Thanks it works, except the /f switch is not reconize.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.