Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

"Module Installation Failed" and "Engine Offline" errors appear after activating Deep Security Agent on Linux

    • Updated:
    • 13 Mar 2020
    • Product/Version:
    • Deep Security 10.0
    • Deep Security 10.1
    • Deep Security 10.2
    • Deep Security 10.3
    • Deep Security 11.0
    • Deep Security 11.1
    • Deep Security 11.2
    • Deep Security 11.3
    • Deep Security 9.6
    • Platform:
    • N/A N/A

After activating and sending policy on a Deep Security Agent (DSA) installed on a Linux machine, you see one or more of the following error/s:

'XXX' Engine Offline
Software Update: 'XXX' Module Installation Failed

Module installation failed errors


To fix the issue:

  1. Check if there is an available relay.

    The Deep Security Relay (DSR) is an agent capable of distributing the software and security updates to other agents. Relay Groups can be checked under Administration > Updates > Relay Management. To know more about relays, refer to the article Distribute security and software updates with relays.

  2. Check the Deep Security Agent version.
    1. On the Deep Security Manager (DSM) console, go to Computers tab.
    2. Double-click the editor.
    3. Navigate to Overview > Actions > Agent Software.

    If you cannot access the DSM console, verify the build you are using on the Linux machine itself.

    • For CentOS, RedHat, SuSE and Amazon Linux machines, run either of the following commands:

      #rpm -q ds_agent
      #cat /opt/ds_agent/ext/update.dse.version

    • For Ubuntu/Debian, run the command below:

      #dpkg -s ds-agent | grep version

    Once you have the agent version, check if it is the latest by going to the Deep Security Download Center. It is recommended to always use the latest build. If an upgrade is necessary, please refer to article on how to Update the Security Agent.

  3. Verify the Linux kernel version.

    The Linux kernel version running on the machine must be supported by the Deep Security Agent. Trend Micro monitors new kernel version and releases an update for it to be fully supported. To verify if a kernel version is compatible, see Deep Security Agent Linux kernel support.

    If your kernel version is not yet supported, please contact Trend Micro Technical Support.

  4. If the Deep Security Relay is working, kernel version is supported, and the correct DSA version is installed but the issue still persists, make sure that the corresponding agent installer and kernel support package are imported into Deep Security Manager (DSM). They should be listed under Administration > Updates > Software > Local.

    For example, as of this writing, the latest build available for RHEL 6 64-bit is Deep Security Agent 11.3.0-235 and kernel support package is KernelSupport-RedHat_EL6-11.3.0-239.x86_64, which are both imported into the Deep Security Manager below.


    If you are using Deep Security as a Service (DSaaS), there is no need to check if the latest agent and kernel support package are imported into the Deep Security Manager console as this is automatically done on the back-end.
Solution Id:
Did this article help you?

Thank you for your feedback!

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.