Install Collector - Windows

1. Download the Collector

Sign in to your ConfigSentry account and go to Appliances → Collectors. Open your collector and click Download - Windows (.exe). Save the file to the folder where you want the collector to live long term.

Keep the collector in its own folder, for example C:\Collectors\ConfigSentry. The collector stores its runtime files, local settings, logs, and related working files in that folder.

2. Run the EXE

Double-click the downloaded installer file, such as configsentry_collector_install.exe or configsentry_collector_install_offline.exe, and follow any prompts. If Windows SmartScreen shows a warning, click More info then Run anyway.

The EXE will:

• Extract the collector runtime into the current folder.
• Import the bundled collector config file, if one is included with the download.
• Create or repair the Windows Task Scheduler watchdog used to keep the collector background service running.
• Open the collector EXE menu that you can use later for status checks, local settings, config updates, and runtime updates.

After the EXE opens, use the menu to finish setup. In most cases that means entering any required local values first, then confirming the collector service is enabled and healthy.

3. Manage the Collector After Install

After the bootstrap finishes, manage the installed collector with configsentry_collector.exe. That EXE is the normal day-to-day management entrypoint for the Windows collector.

Common first tasks are:

• Use Show collector status to confirm the config file was imported and the service is healthy.
• Use Edit locally configured settings if any appliance or collector value is marked Enter Locally.
• Use Enable collector service if the background service is not already running.

For the full menu reference, command-line options, update workflow, appliance view, syslog behavior, and service management details, see Collector Management.

4. Enter Local Settings

If your collector or appliance uses values that should not be stored on the website, use 5. Edit locally configured settings from the EXE menu.

Typical examples include appliance hostnames, usernames, passwords, or other fields configured as Enter Locally in the collector setup.

A simple first-run workflow is:

• Open configsentry_collector.exe.
• Choose 5. Edit locally configured settings.
• Enter each required local value and save.
• Choose 1. Show collector status to confirm the local settings warning is gone.

If the collector status page or EXE status screen shows a warning like One or more local settings still need to be entered in the collector, open the EXE, choose option 5, enter the missing values, then run the collector again or wait for the next scheduled run.

4a. Security Notes for Reviewers

• Use the lowest practical privilege that still allows full configuration retrieval.
• Locally entered collector secrets are intended to remain on the collector host rather than being stored as website-managed secret values.
• Website communication is designed around outbound HTTPS from the collector host. If syslog-triggered collection is enabled, separate inbound syslog traffic to the collector host is also part of that workflow.
• If your review needs current package-trust, update, or deployment-architecture details, contact secdit directly.

5. Verify the Installation

After installation, confirm the collector is healthy from the EXE menu.

• Open configsentry_collector.exe and choose 1. Show collector status.
• Confirm Config file: Found and Local settings: Complete.
• Confirm Task Scheduler: Enabled and Collector service: Running.
• Choose 4. Appliances to review appliance-level status and any per-appliance errors.
• Run a collection and confirm the audit appears in the ConfigSentry dashboard.

If the status screen shows warnings, clear those first before relying on scheduled collection.

6. Windows Firewall (Syslog)

If you have enabled syslog-triggered collection, allow the collector syslog listener port through Windows Firewall. By default the listener uses UDP port 2216. Create an inbound rule in Windows Defender Firewall to permit UDP traffic on the configured port.

7. Updating the Collector

Collectors can update in two ways:

• Automatic update - if automatic runtime updates are enabled for the collector, the background service can download and apply a newer runtime automatically.
• Manual update from the menu - run configsentry_collector.exe and choose 6. Install collector updates.

Config updates are separate from runtime updates. To download the latest collector config from the website, use menu option 7. Install config updates.

Option 6 updates the collector runtime files. Option 7 updates the collector configuration that was assigned from the website. In normal operation you may use either or both, depending on what changed.

You can still download a fresh Windows EXE package and run it again in the same folder, but in most cases the EXE menu is the simplest way to manage updates and repairs. See Collector Management for the full update and runtime-control workflow.

8. Uninstalling

Before deleting the collector folder, run configsentry_collector.exe and choose 3. Disable collector service. This stops the collector background service and disables the Task Scheduler watchdog entry.

After disabling the service, choose 1. Show collector status if you want to confirm the scheduler and service are no longer active.

After that, you can delete the collector folder. No registry entries or system-wide changes are made outside of the Task Scheduler entry and the files stored in the collector folder.

9. Command Line Arguments

The Windows EXE also supports command line arguments for scripted or advanced use. The complete operational reference is in Collector Management.

• --menu - open the interactive menu.
• --run - run a collection immediately.
• --install-updates - check for and install collector runtime updates.
• --install-config - check for and install collector config updates.
• --status - show collector status.
• --status-json - output collector status as JSON.
• --service-status - show collector service status.
• --edit-local-settings - open the local settings editor.
• --schedule-enable - enable the collector service and Task Scheduler watchdog.
• --schedule-disable - disable the collector service and Task Scheduler watchdog.
• --install-config-file="C:\path\configsentry_collector_install.json" - import a collector config file manually.
• --run-for-ip="1.2.3.4" - run collection only for the appliance that matches the specified source IP.