Jul 2020

July 2020 Newsletter

LIVE WEBINAR: Features and benefits in the new NXLog Enterprise Edition 5.0 - REGISTER NOW

This new release further positions NXLog as the log collection agent of choice for MSSPs, SIEMs and Log Management suites across Windows, Linux and Unix platforms, and containers. 
In this 30-minute live webinar, Jesse Hulsey, Product Manager, will describe how NXLog Enterprise Edition 5.0 can help you with:

  • passive network monitoring and capture 
  • reliable compressed and encrypted transport and storage 
  • output network fail-over

Jesse will also address these features of NXLog Enterprise 5.0: 

  • added network packet capture support 
  • added data at rest protection 
  • added failover support 
  • improved feature to read and write compressed files 
  • batch processing 
  • added ID resolution for better readability of log events 
  • event correlations on the edges 
  • added IPv6 support 
  • added FIFO collection for Linux and UNIX systems 

The webinar will be followed by a lengthy Q&A session, so please bring all your questions and Jesse will be pleased to address them. 

When: 12 August, 1 pm CDT (USA) or 13 August, 2 pm CET (EUR) via Zoom

Further dates (registration is already open): 19 August, 1 pm CDT (USA) or 20 August, 2 pm CET (EUR) via Zoom


The webinar will later be hosted on our YouTube channel. Subscribe today to keep track of our activities, new how-tos and announcements.


Security Auditing on Modern Operating Systems Whitepaper

Audit logging is important for maintaining security and investigating incidents, and is required by many cybersecurity standards. These increasingly strict regulations require a powerful solution for accountability. Most operating systems have a native auditing system available for similar purposes, but there are gaps to be bridged: implementing an organization-wide auditing policy requires working with a variety of auditing systems, depending on which operating systems are deployed in the organization’s network.

Using NXLog to collect audit events provides you with:

  • a flexible, high-performance logging solution that offers a wide range of functionality for collecting audit data on multiple platforms
  • native auditing support for several operating systems, a unique feature not found in competing products
  • simplified administration by eliminating the need for an audit daemon
  • many other features to meet your organization's auditing requirements 

Read the new Whitepaper here.


DNS log collection and parsing

Part 1 in the series of blog posts on DNS logging. DNS log collection and parsing should be part of the log collection strategy of every modern IT infrastructure. There are numerous reasons to both collect and parse DNS logs, some of which include:

Operations and Support    
Parsing DNS server logs can be used to track active DNS clients, while parsing complex and noisy logs can be helpful in troubleshooting support issues.

Performance    
Collecting all DNS logs and all the metadata they contain could pose major resource utilization concerns. The collection should be based on parsing logic and rules to only collect what is really needed, therefore minimizing the required resources.

Security    
By parsing the logs, you can drill down and find the right data for security issues such as finding signs of an intrusion or an attack, or tracking the source of an attack. It also helps to detect malware from lookups on recently registered, esoteric domain names as well as consistent lookup failures.

Monitoring    
Parsing the collected logs could reveal unknown devices that appear on the network and identify critical devices that have not issued any queries within a predefined time span.

Read the blog post here


NXLog Enterprise Edition 4.8 is available for download

We are happy to announce the release of NXLog Enterprise 4.8. This release is mostly about minor functionality improvements and bug fixes. The highlights:

  • Dependency updates in generic packages
  • Support for Ubuntu 20.04 LTS
  • om_kafka performance improvement

See the full announcement including changelog and download link here 


Request a pre-sales consultation

Need help finding out which products, features, or add-ons would best serve your needs? From now on you can request a consultation with our specialists here.


Top Social Media Chatter in July

What did the community have to say about NXLog on social media? Tweet to us or share your updates with us on LinkedIn for an opportunity to be listed in this newsletter.

Reddit Posts

  • Best free event log forwarder for Windows 10? Nxlog gets recommended - comment
