Installing Grafana Agent on Windows Server - Error 1067


I’ve come across a use-case where I need to monitor Windows Servers. I am reasonably comfortable with the LGTM stack on Linux.

I have successfully used windows_exporter to export metrics.

I now need to move onto:

  • logs
  • a cAdvisor equivalent

For logs, I’ve tried the promtail binary and specifying the default config when launching via CLI, but the process just seems to terminate silently.

For Grafana agent, I’m using the following config:

  log_level: debug

  # Choose a directory to save the last read position of log files at.
  # This directory will be created if it doesn't already exist.
  positions_directory: "C:grafanaAgent"
    - name: windows
      # Loki endpoint to push logs to
        - url: http://<workingURL>:3100/loki/api/v1/push
      - job_name: windows
          # Note the directory structure must already exist but the file will be created on demand
          bookmark_path: "C:\grafanaAgent\bookmark.xml"
          use_incoming_timestamp: false
          eventlog_name: "Application"
          # Filter for logs
          xpath_query: '*'
            job: windowsserver

but this errors out with ‘Error 1067: The process terminated unexpectedly’. I’ve searched for logs on this in EventViewer, but cannot see anything more.

This config comes from the default installation instructions here.

I believe the issue to be permissions related - I don’t think the Agent has permissions to write anywhere to disk. I’ve tried to get around this by running it as my Admin user (Services → Right Click Agent → Properties → Log On) and also by specifying write destinations that should be open to all (C:\Temp) but that didn’t help.

I’ve checked that the issue is not at the server end - a Linux machine running Promtail is able to push logs to the sever just fine.

Would appreciate any help - I am not skilled with Windows Server and am probably missing something obvious.

  # Choose a directory to 
  positions_directory: "C:grafanaAgent"

:coffee: x4


Thanks for taking a look - you’re right, I’m missing a \ in this iteration of the config file.

Unfortunately, fixing this typo doesn’t fix the issue - I’ve tried a selection of file-paths including C:\Temp where I’d assume everyone has the right to write to, and I get the same error each time.

try forward slash for all windows paths

That was the one! Thanks.