Reliable delivery of logs - can you trust TCP?

When considering your log collection strategy, one decision you have to make is which transport protocol to use to transfer logs from source to destination. The choice is often between the two most commonly used protocols, UDP (User Datagram Protocol) and TCP (Transmission Control Protocol). Which one to use depends on the type of logs you need to transfer, and whether performance or reliability is more important.

NXLog vs IBM QRadar WinCollect - Let's get things straight

How does NXLog Enterprise Edition compare to the IBM QRadar WinCollect event forwarder?

IBM QRadar SIEM collects, processes, and aggregates log data to provide real-time monitoring and automated response to network threats. With its powerful correlation engine and specialized modules for risk and vulnerability management, it is no surprise that it is among the highest-rated tools on Gartner Peer Insights.

Understanding and auditing WMI

If you’re a cyber security enthusiast, you’ve probably heard a lot about Windows Management Instrumentation (WMI) lately. There’s a good reason why this topic has gained popularity; however, this technology has been integrated into Windows operating systems for over 20 years now. In this blog post, we will delve into how WMI works, the risks resulting from misuse, and how to audit it with NXLog.

Log aggregation with NXLog

The value of log aggregation

There is no denying the importance of log aggregation for multi-million-dollar enterprises worldwide. But just what is log aggregation? And how can it help your organization? Log aggregation is the process of standardizing and consolidating log data from distributed systems across your network into one centralized server. By doing so, you have a unified view of what occurs