Policy response failure - endpoint service missed 3 check ins

Hello,

I have a similar issue to Elastic Endpoint service failed (missed 3 check-ins)

One of my Linux machines is reporting as unhealthy since Elastic EDR was installed.
We have attempted Elastic Agent reinstalls a few times and the issue persists.


Here are the results of a few troubleshooting commands that were seen in other threads:




What further troubleshooting can be done?

Hi @elastic_fan this one is tricky. In 8.15 we switched from TCP to pipe for the local Agent - Endpoint communication, so the old troubleshooting pieces do not apply.

I'd suggest first trying the Endpoint status command to see how things look from the Endpoint side of the communication. Then most likely I'd use the Endpoint diagnostics command to get the logs and grep them for bootstrap errors.

How did you install Agent, tar or deb/rpm?

@lesio - Thank you for the input.

I think the original install was performed with the Linux Tar option and we have since tried a reinstall with the RPM option.

I will proceed with the endpoint status and diagnostics commands if the RPM fails.

The RPM and tar installation methods produce different layouts (files land in different places).

Switching between them might cause some unexpected issues. I'd recommend a full uninstall and a clean install when changing this.