Integration
- Amazon Web Services (AWS) – Setting up integration with various services offered by AWS
- Apache HTTP Server – Collecting and parsing messages from Apache’s error log and access log
- Apache Tomcat – Collecting and parsing messages from Tomcat container log files
- APC Automatic Transfer Switch – Configuring ATS logging and collecting the logs with NXLog
- Apple macOS kernel – Configuring log collection for the Apple macOS kernel
- ArcSight Common Event Format (CEF) – Sending and receiving log data to and from ArcSight
- Box – Pull events from Box
- Brocade Switches – Configuring a Brocade switch to send logs and collecting the logs with NXLog
- Browser History Logs – Collecting logs from a browser history database
- Check Point – Collecting logs from Check Point devices using the LEA protocol
- Cisco ACS – Collecting and parsing logs from ACS devices
- Cisco ASA – Configuring ASA logging and parsing the logs with NXLog
- Cisco FireSIGHT – Collect events from FireSIGHT systems
- Cisco IPS – Collect alerts from a Cisco Intrusion Prevention System
- Cloud Instance Metadata – Adding instance metadata to events
- Common Event Expression (CEE) – Sending and receiving CEE-formatted logs with NXLog
- Dell EqualLogic – Configuring EqualLogic logging and extracting fields from the log data
- Dell iDRAC – Configuring iDRAC logging and parsing the logs with NXLog
- Dell PowerVault MD Series – Configuring PowerVault logging and collecting the logs with NXLog
- Devo – Collecting, parsing and sending logs to Devo
- DHCP logs – Collecting logs from DHCP servers and clients
- DNS Monitoring – Configuring DNS Server logging and parsing the logs with NXLog
- Docker – Collecting logs from a Docker daemon or container
- Elasticsearch and Kibana – Sending logs directly to Elasticsearch or to Logstash
- F5 BIG-IP – Configuring BIG-IP logging and collecting the logs with NXLog
- File Integrity Monitoring – Using NXLog to detect and log changes to files and directories
- FreeRADIUS – Processing FreeRADIUS authentication and accounting logs with NXLog
- Graylog – Using NXLog as a collector for Graylog
- HP ProCurve – Configuring logging on ProCurve devices and collecting the logs with NXLog
- IBM QRadar SIEM – Integrating NXLog with IBM QRadar SIEM
- Industrial Control Systems – Collecting and processing logs from various industrial control systems
- Linux Audit System – Collecting Audit logs with NXLog
- Linux system logs – Using NXLog to collect system logs on Linux
- Log Event Extended Format (LEEF) – Sending and receiving LEEF-formatted logs
- McAfee Enterprise Security Manager (ESM) – Setting up McAfee ESM and sending events
- McAfee ePolicy Orchestrator – Collect logs from McAfee ePolicy Orchestrator
- Microsoft Active Directory Domain Controller – Collecting domain controller debug logs with NXLog
- Microsoft Azure – Integrating NXLog with Azure services
- Microsoft Azure Event Hubs – Forwarding log data to Microsoft Azure Event Hubs
- Microsoft Azure Sentinel – Forwarding log data to Microsoft Azure Sentinel
- Microsoft Exchange – Configuring and collecting several different types of Exchange logs
- Microsoft IIS – Configuring and collecting various logs written by IIS
- Microsoft SharePoint – Collecting several types of SharePoint logs with NXLog
- Microsoft SQL Server – Collecting SQL Server logs, and reading from or writing to a database
- Microsoft System Center Endpoint Protection – Collect and parse events from the SCEP client
- Microsoft System Center Configuration Manager – Setting up SCCM log collection
- Microsoft System Center Operations Manager – Setting up SCOM log collection
- MongoDB – Collecting log data from a MongoDB database
- Nagios Log Server – Uses NXLog to send logs to Nagios Log Server
- Nessus Vulnerability Scanner – Parsing Nessus scan results with NXLog Enterprise Edition
- NetApp – Configuring NetApp logging and collecting the logs with NXLog
- .NET application logs – Adding logging functionality to a .NET application
- Nginx – Collecting and parsing Nginx error and access logs
- Okta – Pull events from Okta
- Postfix – Configuring Postfix logging and collecting the logs with NXLog
- Promise – Collecting Promise SAN logs with NXLog
- Rapid7 InsightIDR SIEM – Collecting, parsing and sending logs to Rapid7 InsightIDR SIEM
- RSA NetWitness – Sending logs to NetWitness with NXLog
- SafeNet KeySecure – Collecting and parsing logs from KeySecure devices
- Salesforce – Fetch events from Salesforce
- Snare – Sending and receiving Snare-formatted logs with NXLog
- Snort – Collecting and parsing Snort alert logs
- Solarwinds Loggly – Collecting, parsing, and sending logs to Loggly
- Splunk – Forwarding log data to Splunk
- Sumo Logic – Collecting, parsing, and sending logs to the Sumo Logic platform
- Symantec Endpoint Protection – Collect virus alerts and audit events from an SEPM server
- Synology DiskStation – Collecting logs from a DiskStation appliance
- Syslog – Using the various Syslog formats with NXLog
- Sysmon – Collecting, parsing, and filtering Sysmon events
- Ubiquiti UniFi – Configuring UniFi logging; collecting and parsing the logs with NXLog
- VMware vCenter – Collecting vCenter logs locally or remotely
- Windows AppLocker – Collecting events generated by the AppLocker system
- Windows Command Line Auditing – Auditing Windows command line
- Windows Event Log – Collecting Windows Event Log data locally or remotely
- Windows Firewall – Configuring and collecting various types of Windows Firewall logs
- Windows Group Policy – Collect and parse events from Windows Group Policy
- Windows Management Instrumentation (WMI) – Collecting events from WMI log files
- Windows PowerShell – Using PowerShell scripts and logging PowerShell activity
- Microsoft Windows Update – Collecting Windows Update Logs
- Windows USB auditing – Windows USB Auditing
- Zeek (formerly Bro) Network Security Monitor – Using NXLog to collect logs from Zeek