I installed the agent on my windows 10 test machine using the script generated from my fleet server. I used cmd run as administrator to run the installer. I seem to be stuck in a service start loop. The error logs show the following…
{"log.level":"info","@timestamp":"2022-12-31T18:19:33.896Z","log.origin":{"file.name":"cmd/run.go","file.line":209},"message":"APM instrumentation disabled","ecs.version":"1.6.0"}
{"log.level":"info","@timestamp":"2022-12-31T18:19:33.917Z","log.origin":{"file.name":"application/application.go","file.line":78},"message":"Detecting execution mode","ecs.version":"1.6.0"}
{"log.level":"info","@timestamp":"2022-12-31T18:19:33.925Z","log.origin":{"file.name":"application/application.go","file.line":102},"message":"Agent is managed by Fleet","ecs.version":"1.6.0"}
{"log.level":"info","@timestamp":"2022-12-31T18:19:33.926Z","log.origin":{"file.name":"capabilities/capabilities.go","file.line":59},"message":"capabilities file not found in C:\\Program Files\\Elastic\\Agent\\capabilities.yml","ecs.version":"1.6.0"}
{"log.level":"error","@timestamp":"2022-12-31T18:19:34.578Z","log.logger":"cmd_run","log.origin":{"file.name":"cmd/run.go","file.line":67},"message":"run command finished with error","error":{"message":"starting GRPC listener: listen tcp 127.0.0.1:6789: bind: An attempt was made to access a socket in a way forbidden by its access permissions."},"ecs.version":"1.6.0"}