Any roadmap to create a specific Add-On for Azure Sentinel. It looks like a great fit since they are leveraging Logstash and fluentd as recommendations and those are not the easiest items to manage at scale.
Hi all,
i am using nxlog to convert log from cef to json, output the same : {"SourceModuleName":"udp","timestamp":"2020-07-30T10:23:53.433042+07:00","serverity":"Low","signature":"/Execute/Query","category":"/Success","action":"keyinst","direction":"0","host":"192.168.51.15"}
I have been looking for a way of aggregating disparate logs and according to the Web NXLog is what I need.
I have installed NXLog Community Edition and that's it. It a running.
I had hoped for some form of web interface and from that a way of collecting log files.
But I cannot seem to find anything of such ilk.
I suspect I am missing something obvious, which is normal as I am partially sighted and tend to miss the obvious.
Hi,
On output Module (om_tcp or om_ssl), "Listen" directives allow to configure output as a server : it will listen for incomming connection.
On input Module (in_tcp or in_ssl), i don't find any "Connect" or "Listen->False" directives to configure input as a client...
Why is it possible for output and not for input ?
We have a lot of server on DMZ Network and they can't connect to LAN Network for security reason.
Hi,
I have a working configuration for sending Windows DHCP server logs to a remote syslog server, where we are combining the logs with FreeRADIUS logs for auditing and troubleshooting WiFi logon events.
