Ask questions. Get answers. Find technical product solutions from passionate experts in the NXLog community.
Authenticate macOS senders over TLS with certificates in System Keychain?
ygini created
Hello,
We are deploying NXLog Enterprise on a fleet of macOS devices with the goals to collect endpoint events even remotely. Which mean Graylog GELF exposed over Internet, with TLS encryption and certificate authentication requirements.
I see that om_ssl can do the job of TLS communication and even client authentication, but the settings I see are using file path for the Private Key.
Is there a way to have NXLog with om_ssl on macOS using a certificate from the System Keychain ?
Thanks
ygini created
How to figure out what event types to filter in im_maculs
mthoma created
I've been tasked to roll out nxlog on all of our Macs. I have it working in the sense that logs are being uploaded to our syslog server.
However I've been given a list from https://www.iansresearch.com/resources/all-blogs/post/security-blog/2021/04/29/best-practices-for-macos-logging-monitoring and told to implement it.
How the heck do I find out what eventtypes to filter so that I can capture the list of logs that is on this webpage. And is this list even the right one to follow? It mentions using Consolation 3, but I have no idea how that's supposed to help me figure this out.
What is your goto source for this type of info?
mthoma created
