"Module Installation Failed" and "Engine Offline" errors appear after activating Deep Security Agent on Linux

Product / Version includes:

Deep Security11.1 , Deep Security11.2 , Deep Security9.6 , Deep Security11.0 , Deep Security10.2 , Deep Security10.1 , Deep Security10.0 , Deep Security10.3

Last updated: 2021/11/11

Solution ID: KA-0009193

Category: Troubleshoot

Summary

After activating and sending policy on a Deep Security Agent (DSA) installed on a Linux machine, you see one or more of the following error/s:

'XXX' Engine Offline
Software Update: 'XXX' Module Installation Failed

To fix the issue:

Check if there is an available relay.
The Deep Security Relay (DSR) is an agent capable of distributing the software and security updates to other agents. Relay Groups can be checked under Administration > Updates > Relay Management. To know more about relays, refer to the article Distribute security and software updates with relays.
Check the Deep Security Agent version.
1. On the Deep Security Manager (DSM) console, go to Computers tab.
2. Double-click the editor.
3. Navigate to Overview > Actions > Agent Software.
If you cannot access the DSM console, verify the build you are using on the Linux machine itself.
- For CentOS, RedHat, SuSE and Amazon Linux machines, run either of the following commands:
  #rpm -q ds_agent
  #cat /opt/ds_agent/ext/update.dse.version
- For Ubuntu/Debian, run the command below:
  #dpkg -s ds-agent | grep version
Once you have the agent version, check if it is the latest by going to the Deep Security Download Center. It is recommended to always use the latest build. If an upgrade is necessary, please refer to article on how to Update the Security Agent.
Verify the Linux kernel version.
The Linux kernel version running on the machine must be supported by the Deep Security Agent. Trend Micro monitors new kernel version and releases an update for it to be fully supported. To verify if a kernel version is compatible, see Deep Security Agent Linux kernel support.

If your kernel version is not yet supported, please contact Trend Micro Technical Support.
If the Deep Security Relay is working, kernel version is supported, and the correct DSA version is installed but the issue still persists, make sure that the corresponding agent installer and kernel support package are imported into Deep Security Manager (DSM). They should be listed under Administration > Updates > Software > Local.
For example, as of this writing, the latest build available for RHEL 6 64-bit is Deep Security Agent 11.3.0-235 and kernel support package is KernelSupport-RedHat_EL6-11.3.0-239.x86_64, which are both imported into the Deep Security Manager below.

If you are using Deep Security as a Service (DSaaS), there is no need to check if the latest agent and kernel support package are imported into the Deep Security Manager console as this is automatically done on the back-end.

Was this article helpful?

Featured

Automation Center

Education Portal

Online Help Center

Service Status

TrendConnect

"Module Installation Failed" and "Engine Offline" errors appear after activating Deep Security Agent on Linux

"Module Installation Failed" and "Engine Offline" errors appear after activating Deep Security Agent on Linux

Product / Version includes:

Summary