- Logon to the RSA Security Analytics Server WebUI and remove the Windows Legacy Collector from the Hosts tab.
- Logon to the Windows Server as Administrator.
- From a command prompt type services.msc to administer Windows Services.
- Stop the NwLogCollector and RabbitMQ services and disable services.
- Right click on Windows Taskbar and start Task Manager. Go to the Details tab and kill any running epmd.exe (Erlang) processes (this is especially important if OS reboot is not possible for the last step and the Windows Legacy Collector is being immediately reinstalled).
- Navigate to Control Panel | Programs | Uninstall a program.
- Verify the following circled packages are installed.
- Select each package in turn and click "Uninstall" to remove:
Security Analytics Legacy Windows Collector
- You may also remove the four Microsoft Visual C++ Redistributable packages that are installed as part of the SA 10.6.3 Windows Legacy Collector installation, but you may wish to leave these packages if you have concerns about other dependencies.
- Reboot your Windows server after removing the Windows Legacy Collector components that are no longer necessary.