Skip to main content
The UTMStack Windows Agent enables comprehensive security monitoring and log collection on Windows servers and workstations.

Prerequisites

Before installing the Windows agent, ensure you have:
  • Administrative privileges on the Windows system
  • Network connectivity to the UTMStack server
  • UTMStack server hostname or IP address
  • Agent registration key from your UTMStack deployment

Installation

1

Download the Agent

Download the Windows agent executable (utmstack_agent.exe) from your UTMStack server or deployment package.
2

Open Command Prompt as Administrator

Right-click Command Prompt and select “Run as administrator”.
3

Run the Installation Command

Navigate to the directory containing the agent executable and run:
utmstack_agent.exe install
The installer will prompt you for:
  • UTMStack server address
  • Agent registration key
4

Installation Process

The agent will automatically:
  • Check server connection and verify port accessibility
  • Download required dependencies from the server
  • Register the agent with the UTMStack server
  • Configure collectors and log retention settings
  • Install the Windows service
You’ll see output like:
Installing UTMStackAgent service ...
Checking server connection ... [OK]
Downloading dependencies ... [OK]
Configuring agent ... [OK]
Creating service ... [OK]
UTMStackAgent service installed correctly
5

Verify Installation

Check that the UTMStackAgent service is running:
sc query UTMStackAgent

Service Management

Start the Service

net start UTMStackAgent

Stop the Service

net stop UTMStackAgent

Restart the Service

net stop UTMStackAgent && net start UTMStackAgent

Check Service Status

sc query UTMStackAgent

Common Tasks

Enable Syslog Integration

Enable syslog over TCP: 
utmstack_agent.exe enable-integration syslog tcp
Enable syslog over TCP with TLS: 
utmstack_agent.exe enable-integration syslog tcp --tls

Load Custom TLS Certificates

For production environments, load your own TLS certificates: 
utmstack_agent.exe load-tls-certs C:\path\to\server.crt C:\path\to\server.key C:\path\to\ca.crt

Change Log Retention

Set log retention to 50 MB: 
utmstack_agent.exe change-retention 50

Uninstalling the Agent

To completely remove the agent: 
utmstack_agent.exe uninstall
This will:
  • Stop the service
  • Uninstall collectors
  • Delete the agent from the server
  • Remove the Windows service
  • Clean up configuration files

Troubleshooting

Installation Fails

If installation fails, check:
  1. Network connectivity: Ensure the server is reachable 
    ping your-utmstack-server
  2. Firewall rules: Verify required ports are open
  3. Permissions: Ensure you’re running as administrator

Service Won’t Start

Check the service log file at C:\Program Files\UTMStack\Agent\logs\service.log for detailed error messages.

Agent Not Appearing in Console

Verify the agent is registered:
  • Check network connectivity to the server
  • Ensure the correct server address and key were used during installation
  • Review the agent log files

Log Files

Agent logs are stored at: 
C:\Program Files\UTMStack\Agent\logs\service.log

Next Steps

Agent Commands

Explore all available CLI commands

Build docs developers (and LLMs) love

Get started for freeTalk to us