This is the multi-page printable view of this section. Click here to print.

Return to the regular view of this page.

Windows host - agent based solution

Axoflow provides Axoflow agent for Windows (a customized OpenTelemetry Collector distribution) to collect data from Microsoft Windows hosts.

Axoflow agent can collect data from files, Windows Event Log, and Windows Event Traces (ETW).

What the installer does

When you deploy axolet, you run a command that installs the required software packages, configures them and sets up the connection with Axoflow.

The installer script performs the following main steps:

  • Executes prerequisite checks:
    • Tests the network connection with the console endpoints.
    • Checks if the operating system is supported.
  • Downloads the installers (.msi) of the Axolet agent and the Axoflow agent for Windows.
  • The installer script installs the packages. If the packages are already installed, the installer will update them to the latest version.

The installer installs:

  • The collector agent (by default) to C:\Program Files\Axoflow\OpenTelemetry Collector\axoflow-otel-collector.exe.
  • A default configuration file to C:\ProgramData\Axoflow\OpenTelemetry Collector\config.yaml.
  • The axolet management agent (by default) to C:\Program Files\Axoflow\Axolet\axolet.exe.

axolet performs the following main steps on its first execution:

  • Generates and persists a unique identifier (GUID).
  • Initiates a cryptographic handshake process to AxoConsole.
  • AxoConsole issues a client certificate to axolet, which will be stored in the above mentioned config.json file.
  • The service waits for an approval on AxoConsole. Once you approve the host registration request, axolet starts to send telemetry data to AxoConsole. It keeps doing so as long as the agent is registered.

To install Axoflow agent on a Windows host, complete the following steps. For other platforms, see Provision pipeline elements.

Prerequisites

  • You’ll need Administrator PowerShell access to the Windows host.

  • Axoflow agent supports the following Windows versions on x86_64 architectures:

    • Windows Server 2025
    • Windows Server 2022
    • Windows Server 2019
    • Windows Server 2016
    • Windows 11
    • Windows 10

  • When using Axoflow agent with an on-premises AxoConsole deployment, you must prepare the Axoflow agent host

Network access

The hosts must be able to access the following domains related to the AxoConsole:

  • When using AxoConsole SaaS:

    • <your-tenant-id>.cloud.axoflow.io: HTTPS traffic on TCP port 443, needed to download the binaries for Axoflow software (like Axolet and AxoRouter).
    • kcp.<your-tenant-id>.cloud.axoflow.io: HTTPS (mutual TLS) traffic on TCP port 443 for management traffic.
    • telemetry.<your-tenant-id>.cloud.axoflow.io: HTTPS (mutual TLS) traffic on TCP port 443, where Axolet sends the metrics of the host.
    • us-docker.pkg.dev: HTTPS traffic on TCP port 443, for pulling container images (AxoRouter only).

  • When using an on-premise AxoConsole:

    • The following domains should point to AxoConsole IP address to access Axoflow from your desktop and AxoRouter hosts:

      • your-host.your-domain: The main domain of your AxoConsole deployment.
      • authenticate.your-host.your-domain: A subdomain used for authentication.
      • idp.your-host.your-domain: A subdomain for the identity provider.

    • The AxoConsole host must have the following Open Ports:

      • Port 80 (HTTP)
      • Port 443 (HTTPS)

  • When installing Axoflow agent for Windows:

    • github.com: HTTPS traffic on TCP port 443, for downloading installer packages.

Install Axoflow agent for Windows

  1. Select Provisioning > Select type and platform.

    Provisioning Axoflow agent on Windows

  2. Select the type (Edge) and platform (Windows). The one-liner installation command is displayed.

    If needed, set the Advanced options (for example, proxy settings) to modify the installation parameters. Usually, you don’t have to use advanced options unless the Axoflow support team instructs you to do so.

  3. Only on Windows Server 2016: Complete these steps to install curl when installing Axoflow agent on Windows Server 2016. Other versions have curl installed by default.

    1. Download the latest curl package from the curl download page.

    2. Extract the package into a folder (for example, C:\curl)

    3. Add the curl binary folder (for example, C:\curl\bin) to the system PATH environment variable.

      1. Open the Control Panel, select System > Advanced System Settings.
      2. Select Advanced > Environment Variables.
      3. Select Path from System variables.
      4. Select Edit > New, then enter the curl binary folder path.
      5. Save your settings.

  4. Open a PowerShell terminal as Administrator on the host where you want to install Axoflow agent.

  5. Run the one-liner, then follow the on-screen instructions.

    Example output:

    curl.exe -fLsH 'X-AXO-TOKEN:xxx' 'https://axoflow.console/setup.sh?type=AXOEDGE&platform=WINDOWS' -o $env:TEMP\axolet-installer.ps1; powershell.exe -File $env:TEMP\axolet-installer.ps1
Do you want to install Axolet now? [Y]

Installing Axoflow agent...

Axolet service is running.
Now continue with onboarding the host on the Axoflow web UI.

  6. Verify that the axolet and axoflow-otel-collector services are running.

    Installed services

Metadata fields

The AxoRouter connector that receives data from Axoflow agent adds the following fields to the meta variable:

field value
meta.connector.type otlp
meta.connector.name <name of the connector>
meta.product windows, windows-dns, windows-dhcp

1 - Manage the Windows agent

This section describes how to start, stop and check the status of the axolet and axoflow-otel-collector services on Windows. axolet logs are available under C:\Windows\Temp\axolet.log, while Axoflow agent logs are available in the event log under Windows Logs / Application.

Start the service

To start the axolet or axoflow-otel-collector service, execute the following commands:

  • sc.exe start axolet
  • sc.exe start axoflow-otel-collector

Alternatively, you can restart the service from AxoConsole:

  1. Find the host on the Topology or the Sources page.
  2. Select the name of the host.
  3. Select Services > Restart.

Stop the service

To stop the axolet or axoflow-otel-collector service, execute the following commands:

  • sc.exe stop axolet
  • sc.exe stop axoflow-otel-collector

Check the status of the service

To check the status of the axolet or axoflow-otel-collector service, execute the following commands:

  • sc.exe query axolet
  • sc.exe query axoflow-otel-collector

Upgrade Axoflow agent

AxoConsole raises an alert for the host when a new Axoflow agent version is available. To upgrade to the new version, re-run the one-liner installation command you used to install Axoflow agent, or select Provisioning > Select type and platform to create a new one.

2 - Advanced installation options

When installing Axoflow agent on Windows, you can set a number of advanced options if needed for your environment. Setting the advanced options in the AxoConsole automatically updates the one-liner command that you can copy and run.

Advanced deployment options

Alternatively, before running the one-liner you can use one of the following methods:

  • Set the related environment variable for the option. For example:

    $Env:AXOLET_INITIAL_LABELS = 'product=windows,team=windows,vendor=microsoft'

  • Set the related URL parameter for the option. For example:

    curl.exe -fLsH 'X-AXO-TOKEN:random-generated' 'https://<your-tenant-id>.cloud.axoflow.io/setup.sh?type=AXOEDGE&platform=WINDOWS&initial_labels=product%3Dwindows%2Cvendor%3Dmicrosoft%2Cteam%3Dwindows' -o $env:TEMP\axolet-installer.ps1; powershell.exe -File $env:TEMP\axolet-installer.ps1

Proxy settings

Use the HTTP proxy, HTTPS proxy, No proxy parameters to configure HTTP proxy settings for the installer. To avoid using the proxy for the Axolet service, enable the Avoid proxy parameter as well. Lowercase variable names are preferred because they work universally.

Installation options

You can pass the following parameters to the installation script as environment variables, or as URL parameters.

API server host
Default value:
Environment variable
URL parameter api_server_host

Description: Override the host part of the API endpoint for the host.

Avoid proxy
Default value: false
Available values: true, false
Environment variable AXOLET_AVOID_PROXY
URL parameter avoid_proxy

Description: If set to true, the value of the *_proxy variables will only be used for downloading the installer, but not for the axolet service itself. If set to false, the Axolet service will use the variables from the installer.

Collector agent URL
Default value: https://github.com/axoflow/axoflow-otel-collector-releases/releases/download/v<version-number>/axoflow-otel-collector_<version-number>_windows_x64.msi
Environment variable AXOLET_COLLECTOR_AGENT_URL
URL parameter collector_agent_url

Description: Deploy the specified agent binary.

Configuration directory
Default value: C:\ProgramData\Axoflow
Environment variable AXOLET_CONFIG_DIR
URL parameter config_dir

Description: The directory where the configuration files are stored.

HTTP proxy
Default value: empty string
Environment variable AXOLET_HTTP_PROXY
URL parameter http_proxy

Description: Use a proxy to access AxoConsole from the host.

HTTPS proxy
Default value: empty string
Environment variable AXOLET_HTTPS_PROXY
URL parameter https_proxy

Description: Use a proxy to access AxoConsole from the host.

Initial labels
Default value: empty string
Environment variable AXOLET_INITIAL_LABELS
URL parameter initial_labels

Description: Comma-separated list of key=value labels. These labels will be suggested for the host when you add the source to AxoConsole. For example, product=windows,team=windows,vendor=microsoft

Install collector agent
Default value: true
Available values: true, false
Environment variable AXOLET_INSTALL_AGENT
URL parameter install_agent

Description: Deploy the Axoflow agent. If set to false, only the Axolet agent will be installed.

Non-interactive installation
Default value: false
Available values: true, false
Environment variable AXOLET_NON_INTERACTIVE
URL parameter non_interactive

Description: Don’t ask for user confirmation during the installation.

No proxy
Default value: empty string
Environment variable AXOLET_NO_PROXY
URL parameter no_proxy

Description: Destinations that should be reached directly, without going through the proxy.

Overwrite config
Default value: false
Available values: true, false
Environment variable AXOLET_CONFIG_OVERWRITE
URL parameter config_overwrite

Description: If set to true, the configuration process will overwrite existing configuration (/etc/axolet/config.json). This means that the agent will get a new GUID and it will require approval on the AxoConsole.

Start service
Default value: AXOLET_START=true
Available values: true, false
Environment variable AXOLET_START
URL parameter start

Description: Start axolet agent at the end of installation. Use false for preparing golden images. In this case axolet will generate a new GUID on the first boot after cloning the image.

If you are preparing a host for cloning with Axolet already installed, set the following environment variable in your (root) shell session, before running the one-liner command. For example:

$Env:START_AXOLET = false
curl.exe ... # Run the command copied from the Provisioning page

This way Axolet will only start and initialize after the first reboot.

3 - Configure data collection

To configure the agent to collect data from the edge host and send it to an AxoRouter instance, you must have:

The edge selectors of these rules are high-level policies that use dynamic host labels to determine which edge hosts match the rule.

To configure data collection on the edge host, complete the following steps.

  1. Create a new Collection rule (select Sources > Collection Rules > Create New Rule), or add the host to an existing rule.
  2. Create a new Data Forwarding rule (select Sources > Forwarding Rules > Create New Rule), or add the host to an existing rule.