April 2020 Newsletter
This whitepaper aims to help you develop a strategy that ensures reliable log analytics and optimized performance while reducing overall SIEM costs.
The team added a few minor features, but the highlight of the release is the improved stability and scalability in distributed operation.
As you dig deeper into the topic of log collection and SIEM, you might come across some IT terminology or acronyms you haven’t encountered before. In this article, we are going to enumerate and explain the most commonly used IT expressions in the fields of IT security and log collection, in order to make your research easier.
IT security should be one of the main focus points of all enterprises. In today’s world, when digital transformation is taking place at an unprecedented pace, securing online data is vital for all kinds of businesses. This is why most companies are utilizing SIEM (Security Information and Event Management) solutions that help them identify threats before they can do any harm.
McAfee® ePolicy Orchestrator® enables centralized policy management and enforcement for endpoints and enterprise security products. McAfee ePO monitors and manages the network, detecting threats and protecting endpoints against these threats. NXLog can be configured to collect events and audit logs from the ePO SQL databases.
File integrity monitoring is implemented as a detection mechanism to monitor changes to important files and folders. Read this article on our website.
Nagios Log Server provides centralized management, monitoring, and analysis of logging data. It utilizes the ELK (Elasticsearch, Logstash, and Kibana) stack. NXLog can be customized to send log data to the Nagios Log Server over TCP, UDP, and TLS/SSL protocols.
Top Social Media Chatter in April
- "Very cool. Keep in mind there's new JSON parsing Sagan can do. We do a lot of similar stuff. We use NXLog instead (it's pretty nice) on the Windows side. ELK for backend searching. Sagan for alerting..." - Tweet
- "Rubbish Windows logs by NXlog - solved" - comment
- "Shipping Windows Server Logs to Graylog Question" - comment
- "NXLog Conditional Logging on Windows?" - comment
- "NXLog Config Help" - comment
- "Graylog using NXLog for FIM" - comment
- Top SIEM Companies 2020, NXLog is listed.
- WinFIM.NET – Windows File Integrity Monitoring
- Some Grok Patterns, some NXLog conf, some Logstash conf and all goes to Graylog
- "Windows Event Logs can be forwarded to a central server. You can from there forward it via normal means or using something like NXLog or syslog-ng"
- "You'll install and use Filebeat and NXLog to collect logs and send them through the entire log pipeline. You'll learn how to use agents over various transport mechanisms such as TCP versus UDP."
- Fintechs and Security – Part 4 - Logging