This article covers the installation of the EventLogCentral server component. The server hosts the web-based administrative interface and manages configuration for all EventLogAgent clients in your environment. Complete this installation before deploying any EventLogAgent clients.
Step 1 โ Download and prepare the installation package:
Download the following installation package:
lta-mp-eventlogcentral.zip
If the ZIP file was downloaded from the internet:
- Right-click the ZIP file
- Select Properties
- Click Unblock if present
- Click Apply
Extract the contents of the ZIP file to a temporary folder.
Step 2 โ Run the installer:
Locate the installer in the extracted folder:
LTA_EventLogCentral.msi
Right-click the MSI file and select Install. Follow the installation wizard prompts to complete the installation.
By default, the application installs to:
C:\Program Files\Blue Lance 2-0\LTA_EventLogCentral
Step 3 โ SSL certificate:
During installation, EventLogCentral automatically generates a self-signed TLS certificate:
| File | Location | Purpose |
| ltaeventlog.pfx | C:\Program Files\Blue Lance 2-0\certs | Server TLS certificate used for HTTPS and agent communication |
| ltaeventlog.cer | C:\Program Files\Blue Lance 2-0\certs | Public certificate file โ must be distributed to all EventLogAgent client machines when using self-signed certificates |
Using a custom TLS certificate:
If your organization requires a custom CA-signed certificate instead of the auto-generated self-signed certificate:
- Replace the existing certificate file in the certs folder with your custom certificate
- Ensure the certificate:
- Supports Server Authentication
- Matches the server hostname or DNS name
- If the replacement certificate is password protected, update the following Windows environment variable with the certificate password:
LTAEVENTLOG_CERT_PASSWORD
- If the replacement certificate uses a different filename, update the appsettings.json file:
- Locate the https:certificate setting
- Update the value to reference the new certificate filename
- Restart the LT Auditor MP Event Log Server Service to apply the certificate changes
Step 4 โ Verify the installation:
After installation completes:
- Open a browser on the server
- Navigate to:
- Confirm the EventLogCentral login page appears
- Confirm the LT Auditor MP Event Log Server Service is running:
sc query “LT Auditor-MP Event Log Server Service”
The service should show as Running.
Step 5 โ First time login:
On first access, log in using the default administrator credentials:
| Field | Value |
| Username | admin |
| Password | TempP@ssw0rd!2025 |
Change the default password immediately after first login. Refer to the Admin article for instructions on changing the administrator password.
Reviewing server logs:
If the application fails to start or clients cannot connect after installation, review the logs located in:
C:\Program Files\Blue Lance 2-0\LTA_EventLogCentral\logs
Check for:
- Certificate loading failures
- Port conflicts on 52965 or 52966
- Database connectivity errors
- TLS negotiation failures
- Service startup issues
Password requirements:
When changing the default password or creating new user accounts, passwords must meet the following requirements:
| Requirement | Detail |
| Minimum length | 10 characters |
| Uppercase letters | At least one (A-Z) |
| Lowercase letters | At least one (a-z) |
| Digits | At least one (0-9) |
| Special characters | At least one (!@#$%^&*) |