Official NXlog conf Mistake ? MS AD Security Events don't match Channel

Hi ,
I'm not sure if this is NXLog Conf mistake, or I misunderstood it. The official NXLog conf file:

The events IDs included in the conf file, seems to be found in Domain Controller, -> Event Viewer -> Windows Logs ->Security.

AskedSeptember 8, 2020 - 8:43pm

Access event id with nxlog enterprise remotly

Hi all

I'd like to know if I could access to windows log for a windows server 2003 without installing agent locally. I'd like to use only one nxlog on a central server (Linux Centos 7) and access to different server agentless.

Is it possible?

I see that an option is
Using the im_wmi input module that can pull eventlog data remotely over the WMI protocol.

Do you have a sample in order to implement this option?

Thank you

AskedSeptember 1, 2020 - 9:58am

nxlog to read multiple CSV files and send it SIEM

We have a requirement to read CSV from one folder which is auto generated by the application with a new file name at schedule time say either Ex: 1 hour or 4 hours

AskedAugust 28, 2020 - 12:29pm