Disable and Enable the AMP Connector Service

Available Languages

Download Options

  • PDF     (595.8 KB)
    View with Adobe Reader on a variety of devices
  • ePub     (699.2 KB)
    View in various apps on iPhone, iPad, Android, Sony Reader, or Windows Phone
  • Mobi (Kindle)     (502.2 KB)
    View on Kindle device or Kindle app on multiple devices
Updated:November 22, 2022
Document ID:118588

Bias-Free Language

The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.

    Introduction

    This document describes various methods to disable and enable the AMP Connector service.

    Background Information

    When you troubleshoot, you need to disable the AMP Connector service. There are a few reasons why you need to do this:

    • In order to remove a corrupt database or log file.
    • In order to uninstall AMP connector due to an error, corrupt installation, or incomplete installation.
    • Replace the policy.xml file (for advanced troubleshooting purposes).

    Manage the AMP Connector Service on Microsoft Windows

    Control Panel

    The AMP Connector can be disabled via the Control Panel. In order to disable the Connector via the Control Panel, complete these steps:

    1. Choose Start > Control Panel.
    2. In the Control Panel, click System and Security and then click Administrative Tools.
    3. Double-click Services.
    4. In the Services window, scroll down and locate the Cisco AMP for Endpoints Connector service.

      Service Window - Locate Cisco AMP for Endpoints Connector

    5. Left-click the Cisco AMP for Endpoints Connector and then click Stop underneath the service name on the left.

      Cisco AMP for Endpoints Connector then Stop

    Command Prompt

    You can also use the command prompt in order to disable the AMP Connector service.

    1. You have to identify the correct service name.  

    2. Choose Start > Control Panel.

    3. In the Control Panel, click System and Security and then click Administrative Tools.

    4. Double-click Services.

    5. In the Services window, scroll down and locate the Cisco AMP for Endpoints Connector service.

    6. Right-click this service and click Properties.

    7. Note the service name here that is used in the next steps.

    Note the Service Name that is Used

    Note: The service name changes as per the version of the AMP Connector that is installed.

    8. Go to the Start menu and find the cmd.exe file.

    9. Right-click and choose Run as Administrator.

    Programs - Run as Administrator

    10. At the command prompt, enter this command in order to stop the AMP Connector:

    C:\Windows\system32> net stop CiscoAMP_6.3.1

    Stop the AMP Connector with this Command

    11. Alternatively, you can use the wmic command as well.

    wmic service where name="CiscoAMP_6.3.1" call stopservice

    Stop AMP Connector with wmic Command

    12. In order to restart the Connector, enter this command:

    C:\Windows\system32> net start CiscoAMP_6.3.1

    (OR)
    wmic service where name="CiscoAMP_6.3.1" call startservice

    13. When a Connector starts, this output is displayed.

    Output Displayed when Connector Starts

    Note: These steps do not work if Connector Password Protection is enabled. Use the next steps to include the protection password in order to stop the service. This command only works on version 4.3.0 and later of the AMP Connector.

    14. Enter this command:

    sfc.exe -k password

    Replace the word "password" with the actual password set in your policy.

    Enter Command and Use the Actual Password set in Your Policy

    Note: The directory changes as per the version of Cisco AMP Connector installed. 

    Stop the Service with the User Interface

    You can also stop the password protected service from the user interface.

    Stop the Service with the User Interface

    Manage the AMP Connector Service on OSX

    In order to disable the AMP service on OSX, enter this command in a terminal:

    sudo launchctl unload /Library/LaunchDaemons/com.cisco.amp.daemon.plist

    In order to enable the AMP service on OSX, enter this command in a terminal:

    sudo launchctl load /Library/LaunchDaemons/com.cisco.amp.daemon.plist

    Manage the AMP Connector Service on Linux (RHEL 6)

    In order to disable the AMP service on Linux, enter this command in a terminal:

    sudo initctl stop cisco-amp

    In order to enable the AMP service on Linux, enter this command in a terminal:

    sudo initctl start cisco-amp

    Manage the AMP Connector Service on Linux (RHEL 7)

    In order to disable the AMP service on Linux, enter this command in a terminal:

    sudo systemctl stop cisco-amp

    In order to enable the AMP service on Linux, enter this command in a terminal:

    sudo systemctl start cisco-amp

    Related Information

    Revision History

    Revision Publish Date Comments
    2.0
    22-Nov-2022
    Updated title and introduction, style requirements, SEO, machine translation and formatting.
    1.0
    03-Oct-2014
    Initial Release
    TAC Authored

    Contributed by Cisco Engineers

    • Abhishek Sha
      Cisco TAC

    Was this Document Helpful?

    FeedbackFeedback

    Contact Cisco

    This Document Applies to These Products