Uninstalling the Host Monitoring App

Uninstalling Host Monitoring Agents

Uninstall the Host Monitoring Agents as follows:

Note

This completely removes the following packages from your system, including any additional configurations you may have added outside of Observe. Please be sure you want to do this before proceeding.

EC2 Amazon Linux 2

Uninstall on Amazon Linux 2 with the following commands:

sudo service osqueryd stop
sudo yum erase osquery -y
sudo rm /etc/pki/rpm-gpg/RPM-GPG-KEY-osquery
sudo rm  /etc/osquery/osquery.conf

sudo service td-agent-bit stop
sudo yum erase td-agent-bit -y
sudo rm /etc/yum.repos.d/td-agent-bit.repo
sudo rm /etc/td-agent-bit/td-agent-bit.conf

sudo service telegraf  stop
sudo yum erase telegraf -y
sudo rm /etc/yum.repos.d/influxdb.repo
sudo rm /etc/telegraf/telegraf.conf

Ubuntu 20.04 LTS

Uninstall on Ubuntu 20.04 with the following commands:

sudo service osqueryd stop
sudo apt-get remove osquery -y
sudo rm  /etc/osquery/osquery.conf
sudo rm  /etc/osquery/osquery.flags

sudo service td-agent-bit stop
sudo apt-get remove td-agent-bit -y
sudo rm /etc/td-agent-bit/td-agent-bit.conf

sudo service telegraf stop
sudo apt-get remove telegraf -y
sudo rm /etc/telegraf/telegraf.conf

CentOS

Uninstall on CentOS with the following commands:

sudo service osqueryd stop
sudo yum erase osquery -y
sudo rm /etc/pki/rpm-gpg/RPM-GPG-KEY-osquery
sudo rm /etc/osquery/osquery.conf
sudo rm /etc/osquery/osquery.flags

sudo service td-agent-bit stop
sudo yum erase td-agent-bit -y
sudo rm /etc/yum.repos.d/td-agent-bit.repo

sudo service telegraf stop
sudo yum erase telegraf -y
sudo rm /etc/yum.repos.d/influxdb.repo

Microsoft Windows

Uninstall on Microsoft Windows with the following steps using PowerShell:

Osquery

Stop-Service osqueryd

Under Windows Settings, open Add/Remove Programs. Locate “osquery” and click Uninstall. Click Uninstall again to confirm, and Windows removes osquery from your Windows device.

To remove the osquery install directory from your device:

Remove-Item -Recurse "${Env:Programfiles}\osquery"

Fluent Bit

Stop-Service fluent-bit
sc delete fluent-bit

Under Windows Settings, open Add/Remove Programs. Then find fluent-bit and click Uninstall. Click Uninstall again to confirm. Follow the steps to remove fluent-bit from your Windows device.

To remove the fluent-bit install directory:

Remove-Item -Recurse -Force "${Env:Programfiles}\fluent-bit"

Telegraf

Navigate to the telegraf.exe location, for example, C:\Program Files\InfluxData\telegraf\telegraf-1.23.3 and run the following Powershell command:

Stop-Service telegraf
cd "${Env:Programfiles}\InfluxData\telegraf\telegraf-1.23.3\"
.\telegraf.exe --service uninstall      

To remove the telegraf install directory:

cd \; Remove-Item -Recurse -Force "${Env:Programfiles}\InfluxData\telegraf"

If you installed agents using the single sample command without setting the script argument -config_files_clean = TRUE, then you can also delete the following temp folder:

Remove-Item -Recurse -Force "C:\temp\observe"

You may also need to remove service settings for custom log files or proxies if you added them.

App Uninstall

To uninstall the Host Monitoring app from your Observe workspace, follow the instructions located at Apps page.

If you have another app linked to the Host Monitoring app, then remove that link before deleting the Host Monitoring app.