Questions about NXLog

#1 kmschramm

So we have several systems/appliances that only send to one location. However, we have a need to send logs to more than one location. The issue is that the logs are sent in LEEF format and one system uses LEEF and the other system uses CEF.

I know NXLog will do the multiple sending; however, will it also convert the logs it is sending?

I am asking this because we were told the Snare Central Server could do it and found out that it cannot do it without the agents installed. Clearly you cannot install agents on an appliance, so before we go to the trouble of trying to set up and build out an NXLog server we need to know if this type of thing is possible.

#2 Zhengshi Nxlog ✓

Just to clarify:
Are you saying that you will have some number of Inputs coming into the NXLog server and going out to two separate Outputs with one Output needing LEEF format and the other needing CEF as Output?
If so, what format do the logs come in on?

I know NXLog will do the multiple sending; however, will it also convert the logs it is sending?

The short answer is yes, NXLog can indeed convert logs on the output. The following links will show you how to create CEF and LEEF logs in NXLog.
https://nxlog.co/documentation/nxlog-user-guide/leef.html#generating-leef-logs
https://nxlog.co/documentation/nxlog-user-guide/cef.html#generating-and-forwarding-cef

We do offer a free trial of NXLog EE that may be beneficial for you as well.
https://nxlog.co/products/nxlog-enterprise-edition/download
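
A configuration sketch of the setup discussed in this thread, added as an example and not taken from either poster or from the NXLog documentation: one input receives LEEF from the appliances and a single route fans out to a LEEF output and a CEF output. It assumes the xm_leef and xm_cef modules covered by the two documentation links above; the listener port, destination addresses (documentation ranges) and instance names are placeholders, and directive names should be checked against the installed NXLog version.

```conf
# Added example. Hosts, ports and instance names are placeholders.

<Extension _syslog>
    Module  xm_syslog
</Extension>

<Extension _leef>
    Module  xm_leef
</Extension>

<Extension _cef>
    Module  xm_cef
</Extension>

# Appliances that can only send to one destination point here.
<Input appliances_leef>
    Module  im_tcp
    Host    0.0.0.0
    Port    1514
    # Parse the incoming LEEF record into NXLog fields so that
    # either output format can be generated from the same event.
    Exec    parse_leef();
</Input>

# Destination 1 expects LEEF: regenerate it from the parsed fields.
<Output siem_leef>
    Module  om_tcp
    Host    192.0.2.10
    Port    514
    Exec    to_leef();
</Output>

# Destination 2 expects CEF: build the CEF payload, then wrap it
# in a BSD syslog header for transport.
<Output siem_cef>
    Module  om_tcp
    Host    192.0.2.20
    Port    514
    Exec    $Message = to_cef(); to_syslog_bsd();
</Output>

# One route, two outputs: each event is delivered to both.
<Route fan_out>
    Path    appliances_leef => siem_leef, siem_cef
</Route>
```

Before relying on this in production, compare a sample of events at both destinations against the source record to confirm that the fields the CEF consumer needs survive the conversion.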