July 2020 Newsletter
This new release further positions NXLog as the log collection agent of choice for MSSPs, SIEMs and Log Management suites across Windows, Linux and Unix platforms, and containers.
In this 30-minute live webinar, Jesse Hulsey, Product Manager, will describe how NXLog Enterprise Edition 5.0 can help you with:
- passive network monitoring and capture
- reliable compressed and encrypted transport and storage
- output network fail-over
Jesse will also address these features of NXLog Enterprise 5.0:
- added network packet capture support
- added data at rest protection
- added failover support
- improved reading and writing of compressed files
- batch processing
- added ID resolution for better readability of log events
- event correlations on the edges
- added IPv6 support
- added FIFO collection for Linux and UNIX systems
The webinar will be followed by a lengthy Q&A session, so please bring all your questions and Jesse will be pleased to address them.
When: 12 August, 1 pm CDT (USA) or 13 August, 2 pm CET (EUR) via Zoom
Further dates (registration is already open): 19 August, 1 pm CDT (USA) or 20 August, 2 pm CET (EUR) via Zoom
The webinar will later be hosted on our YouTube channel. Subscribe today to keep track of our activities, new how-tos and announcements.
Audit logging is important for maintaining security and investigating incidents, and is required by many cybersecurity standards. These increasingly tight regulations require a powerful solution for accountability. Most operating systems have a native auditing system available for this purpose, but there are gaps to be bridged: implementing an organization-wide auditing policy means working with a variety of auditing systems, depending on which operating systems are deployed in the organization's network.
Using NXLog to collect audit events provides you with:
- a flexible, high-performance logging solution that offers a wide range of functionality for collecting audit data on multiple platforms
- native auditing support for several operating systems, a unique feature not found in competing products
- simplified administration by eliminating the need for an audit daemon
- many other features to meet your organization's auditing requirements
Read the new Whitepaper here.
Part 1 in the series of blog posts on DNS logging. DNS log collection and parsing should be part of the log collection strategy of every modern IT infrastructure. There are numerous reasons to both collect and parse DNS logs, some of which include:
Operations and Support
Parsing DNS server logs can be used to track active DNS clients, while parsing complex and noisy logs can be helpful in troubleshooting support issues.
Collecting all DNS logs and all the metadata they contain could pose major resource utilization concerns. The collection should be based on parsing logic and rules so that only what is really needed is collected, minimizing the required resources.
By parsing the logs, you can drill down and find the right data for security issues, such as finding signs of an intrusion or an attack, or tracking the source of an attack. It also helps to detect malware from lookups on recently registered, esoteric domain names as well as consistent lookup failures.
Parsing the collected logs could reveal unknown devices that appear on the network and identify critical devices that have not issued any queries within a predefined time span.
Read the blog post here
We are happy to announce the release of NXLog Enterprise 4.8. This release is mostly about minor functionality improvements and bug fixes. The highlights:
- Dependency updates in generic packages
- Support for Ubuntu 20.04 LTS
- om_kafka performance improvement
See the full announcement including changelog and download link here
Need help finding out which products, features, or add-ons would best serve your needs? From now on you can request a consultation with our specialists here.
Top Social Media Chatter in July
- Best free event log forwarder for Windows 10? NXLog gets recommended - comment
- LogDNA recommends its NXLog integration to log WinEvents
- Top 10 Homelab Tools and Software - in this blog post NXLog is the recommended log collection software