How to forward Active Directory data

Assuming your environments have been configured to log this stuff...nxlog will automatically forward all of these windows events to your SIEM for you in real time...you don't need a script to make this happen.

2018.07.15. 12:18
Why log filtering is essential for windows domain log sources

In his article titled Security Information & Event Management Design: Why log filtering is essential for windows domain log sources? Paul Dutot from Defence Logic raises some valid points about agent side filtering which we have been advocating for some time now. Well worth the read!

2018.05.23. 16:42
What is something that you absolutely love?

It's always delighting to hear users recommend NXLog:

NxLog - Such an awesome little free tool that will push windows events to your log aggregator in a variety of formats. Can even read in from files and push contents out

2018.04.10. 14:30
Centralized logging with Windows Event Forwarding

There was a discussion by the community on reddit about Centralized logging with Windows Event Forwarding. Some alternatives were also recommended.

2018.03.28. 13:46
Unfetter Analytic - Measure the effectiveness of your analytics

Unfetter Analytic is a reference implementation supported by The MITRE Corporation and the National Security Agency (NSA). This reference implementation uses NXLog to collect Windows events.

2017.12.14. 15:43
Industrial Cybersecurity - a new book by Pascal Ackerman

A new book was published recently titled Industrial Cybersecurity. This book is a one-step guide to understanding industrial cyber security, its control systems, and its operations. The book recommends NXLog to collect logs from a Windows system in chapter ICS Network Security.

2017.12.14. 15:36
DerbyCon talk mentioning NXLog's WEF to Linux capability

Eric Conrad gave a talk at at DerbyCon7 and mentioned NXLog being a cool solution that can collect Windows Eventlog remotely on Linux via Windows Event Forwarding. Check out the video on Youtube.

2017.12.14. 15:25
Florian Roth
Collecting #Sysmon Windows Security Auditing Events with #NXLog https://t.co/hFaaW8WmHf #DFIR #SIEM #SOC
2017.12.14. 12:55
Loggly, Inc.
Want to easily search your Windows #log data? Try #NXlog: https://t.co/mqQq1I960i
2017.12.14. 12:55
Florian Roth
I am about to start a PoC with #nxlog as an alternative to #SnareAgent https://t.co/qpManoJ3yd Anyone with experiences?
2017.12.14. 12:55
Central Syslog server with NXlog, Logstash & Kibana

You can find really powerfull tools for making a central syslog server in the Open Source world; from the “traditional” Rsyslog + LogAnalyzer setup to the new players like Graylog2.

2017.12.14. 12:55
SecNews
How To Do Endpoint Monitoring on a Shoestring Budget – Webcast Write-Up https://t.co/WYAT2fBoQ5 #EndpointMonitoring #BreadcrumbTrails #NXlog
2017.12.14. 12:55
Collecting Windows Logs with Nxlog

Finally, we have got the customer awareness to collect all of a system’s logs as a starting point to get more visibility inside his infrastructure.

2017.12.14. 12:55
NXLog For The Win

NXLog For The Win - an article that discusses how to set up NXLog with the ELK stack with a final conclusion: So overall, NxLog is amazing. :)

2018.01.17. 14:19