May 2020 Newsletter
NXLog has collected best practices and useful content for doing DNS logging properly. Read, learn, and get unfair advantages.
We added extra information on auditing BIND 9 DNS on Linux systems. Unlike File Integrity Monitoring, which detects changes by checking cryptographic checksums, DNS audit logging offers some additional details.
Windows DNS logging is a favorite use case of NXLog's users. We updated our user guide and made it more readable and useful. It describes four general event logging facilities for monitoring DNS events generated by Windows DNS Server and its clients.
This Add-On includes two different solutions:
- Microsoft Office 365: authentication has been updated, and the documentation now reflects the latest state of the Azure portal.
- Microsoft Azure: after Microsoft retired the "Azure AD Reports and Events REST API", we added support for the Microsoft Graph API (directoryAudits and signIn interfaces).
NXLog Enterprise Edition and the NXLog Add-On (for Microsoft Azure and Office 365), the two most liked products, are now generally available on Azure Marketplace.
NXLog can be configured to collect and parse command line auditing logs. This gives more precise auditing of when new processes are created.
NXLog added a more specific description of filtering to the Syslog chapter. With proper filtering, you can deliver the necessary logs to any analytics tool.
NXLog can be configured to process RADIUS accounting logs. Because this is a central authentication/authorization and account management technology, it is essential to get logs on who accessed a system. Read how NXLog can be configured to parse FreeRADIUS logs.
Top Social Media Chatter in May
- Support on DC upgrade - comment
- "Garylog/mongodb/elasticsearch ssl questions" - comment
- "Recommendations for an Open Source Syslog (Windows and Linux) server?" - comment
- "Does anyone use a third-party tool to audit Active Directory?" - comment
- CIS Controls Volunteer Spotlight: Giacomo Lunardon: "What are your favorite cybersecurity blogs, podcasts, or books? I usually follow some open-source community forums useful for applying CIS Controls, such as pfSense, Nmap, openVAS, NXLog, GreyLog, Ossim, and Kismet."