Below is the list of blog posts with the “etw” tag.
October 11, 2021
Collecting DHCP server logs on Windows
DHCP server log collection made simple
DHCP (Dynamic Host Configuration Protocol) is a network management protocol that dynamically assigns IP addresses to each client machine on your network. However, its importance does not stop there. DHCP can even generate numerous critical events that indicate your network’s security has been compromised.
You might then wonder how you can use these events to safeguard your organization from intrusion. Well, these event logs store valuable information that contains the ID and IP address associated with each client.
March 3, 2020
Sending ETW Logs to Splunk with NXLog
NXLog supports direct collection of Event Tracing for Windows (ETW) data. DNS Analytical logs, for example, can be forwarded to Splunk or another SIEM for monitoring and analysis.
Collecting ETW Logs
Event Tracing for Windows (ETW) is a kernel-level tracing facility that provides high-performance logging of kernel and application events. ETW events can be written to a log file or collected directly from the system in real time via the Consumers API.
© Copyright 2023 NXLog Ltd.