3 responses

NxLog to QRadar with TLS

Hello Everybody, 

We are currently using nxlog to send Windows logs to QRadar SIEM using TLS.

It works fine, but I receive extra lines in QRadar. I receive empty logs (containing Cg== in base64, which seems to be a carriage return or a line break).

The problem appears only when using module om_ssl, not with om_tcp or om_udp. We tried to remove the line break or carriage return using the nxlog configuration, but we still have the behaviour.

Asked January 25, 2016 - 11:49am

1 response

Snare Lite Open source vs. NXlog CE and PCI 3.0 compliance

We have been using Snare Lite Open source for years, and understand it no longer meets PCI 3.0 compliance as it does not log enough event information. Snare Enterprise logs significantly more information, and would be PCI 3.0 compliant, but is expensive.

Asked January 22, 2016 - 11:05pm

1 response

How to capture print logs stored in Windows Eventlog

Hi,

I am Suresh. I have installed the nxlog agent on one of my Windows 2008 R2 print servers, and it transfers Application, Security & System Eventlogs to the LogRhythm log collector.

Asked January 21, 2016 - 2:18pm
