- Site Collector Overview
- Get Started with Site Collectors
- Install Site Collector
- Set Up Collectors
- Sign Up for the Early Access Program: Site Collectors
- Set Up Archive Windows Collector
- Set Up Archive Linux Collector
- Set Up EStreamer Collector
- Set Up Fortinet Collector
- Set Up IBM Security QRadar Collector
- Set Up Kafka Collector
- Set Up Splunk Collector
- Set Up Linux File Collector
- Set Up Microsoft SQL Collector
- Set Up MySQL Collector
- Set Up Oracle Collector
- Set Up Syslog Collector
- Set Up Windows Active Directory Collector
- Set Up Windows Event Log Collector
- Set Up Windows File Collector
- Manage Site Collectors
- Site Collector Monitoring
- Troubleshoot the Site Collector
- Pre-checks failed during Site Collector installation and upgrade
- Site Collector UI shows the status INSTALLATION_ERROR
- Download Support Packages for Troubleshooting
- How to reboot the Virtual Machine (VM) successfully to apply security updates?
- What information must be added while creating a support ticket to resolve an issue?
- Site Collector UI is not displaying the heartbeats
- Splunk Collector can't be set up
- Splunk Collector is set up however, logs are not reaching DL/AA
- Only a few of the installed Splunk Collectors are processing logs or EPS has dropped by 50% as compared to last hour
- The Windows Active Directory Collector (formerly known as LDAP Collector) is set up, however, the context data is not reaching DL/AA
- The Windows Active Directory Collector (formerly known as LDAP Collector) is stuck in the ‘Update’ mode after deployment
- Installation is initiated; however, the collector shows the status as ‘Setting Up’ for some time
- Data Lake and Advanced Analytics Does Not Show Context Data
- Context Data from Windows Active Directory Collector is Segmented
- Minifi Permission Denied - Logback.xml File Missing and Config File Update - Failed Error Occurred while Installing the Windows Event Log Collector
- Where should I upload proxy certificates if I am running proxy with TLS interception?
- How to upgrade Linux collector instance?
Apply Antivirus Exclusions
Configuring the appropriate port or protocol rules and setting antivirus or file monitoring exclusions helps you to ensure the correct Site Collector installation and agent collector installation. In addition to considering the prerequisites, and ports and protocols to be applied to the network devices like firewalls or switches that manage traffic for Site Collector installation, you also need to add exclusions for the folders and processes for the successful Windows agent collector installation.
Set Antivirus Exclusions for Windows Agent Collector Installation
For successful Windows agent collector installation, exclude the specified directories and subfolders from the Antivirus scan.
Whilelist the following directory paths on the Windows machines where you want to install the Windows agent collectors.
For Windows Event Log Collector installation, exclude: C:\ProgramFiles\ExabeamWindowsCollector\
The following executables are run after they are saved to the above mentioned folder for the Windows Event Log Collector.
exabeam-welc-management.exe
exabeam-windows-collector.msi
For Windows File Collector installation, exclude: C:\ProgramFiles\ExabeamFileCollector\
The following executables are run after they are saved to the above mentioned folder for the Windows File Collector.
exabeam-file-management.exe
exabeam-file-collector.msi
For Windows Archive Collector installation, exclude: C:\ProgramFiles\ExabeamArchiveCollector\
The following executables are run after they are saved to the above mentioned folder for the Windows Archive Collector.
exabeam-archive-management.exe
exabeam-archive-collector.msi
Ensure that the antivirus program on your Windows machine does not interfere with the following executable files, powershell scripts, and MSI files that are downloaded during agent collectors' installation for ensuring a smooth installation process.
request.exe
archiver.exe
windows_support_package.ps1
windows_certificates_update.ps1
Following are the agent specific files that are used for installation.
For Windows Event Log Collector
welc_install.ps1
welc_uninstall.ps1
For Windows File Collector
wfc_install.ps1
wfc_uninstall.ps1
For Windows Archive Collector
archive_install.ps1
archive_uninstall.ps1