May 2020

May 2020 Newsletter

Focusing on reliable DNS logging

NXLog has collected best practices and useful content for doing DNS logging properly. Read, learn, and get unfair advantages.

DNS Auditing was added to the BIND 9 section

We added extra information on auditing BIND 9 DNS on Linux systems. Unlike File Integrity Monitoring, which detects changes by checking cryptographic checksums, DNS audit logging offers some additional details.

Enhancement of the Windows DNS Logging section in the User Guide

Windows DNS logging is a favorite use case of NXLog's users. We updated our user guide and made it more readable and useful. It describes four general event logging facilities for monitoring DNS events generated by Windows DNS Server and its clients.

A new version of the NXLog Azure Add-On was published

This Add-On includes two different solutions:

  • Microsoft Office 365: authentication was updated, and the documentation now reflects the latest state of the Azure portal.
  • Microsoft Azure: after Microsoft retired the "Azure AD Reports and Events REST API", we added support for the Microsoft Graph API (directoryAudits and signIn interfaces).

NXLog's products are available on Microsoft Azure Marketplace

NXLog Enterprise Edition and the NXLog Add-On (for Microsoft Azure and Office 365), the two most liked products, are now generally available on Azure Marketplace.

Windows command line process auditing

NXLog can be configured to collect and parse command line auditing logs. This gives more precise auditing of when new processes are created.

Added filtering details to Syslog chapter

NXLog added a more specific filtering description to the Syslog chapter. With proper filtering, you can deliver the necessary logs to any analytics tool.

Better RADIUS protocol logging

NXLog can be configured to process RADIUS accounting logs. Because RADIUS is a central authentication/authorization and account management technology, it is essential to get logs on who accessed a system. Read how NXLog can be configured to parse FreeRADIUS logs.

Top Social Media Chatter in May

What did the community have to say about NXLog on social media? Tweet to us or share your updates with us on LinkedIn for an opportunity to be listed in this newsletter.

Reddit Posts

  • Support on DC upgrade - comment
  • "Garylog/mongodb/elasticsearch ssl questions" - comment
  • "Recommendations for an Open Source Syslog (Windows and Linux) server?" - comment
  • "Does anyone use a third-party tool to audit Active Directory?" - comment

Other places

  • CIS Controls Volunteer Spotlight: Giacomo Lunardon: "What are your favorite cybersecurity blogs, podcasts, or books? I usually follow some open-source community forums useful for applying CIS Controls, such as pfSense, Nmap, openVAS, NXLog, GreyLog, Ossim, and Kismet."
