Interesting discussion in a thread about open source SIEM at the Educause Security Discussion mailing list. Don't believe that 'nothing integrates' with your SIEM. Log collection agents such as ours can be integrated with your SIEM solution regardless if it is open source or not.
Logging infrastructures mainly focus on SIEM analytics and correlations while log collection, log enrichment and log shipping end up taking a back seat. This uneven focus may result in unstructured or decentralized logging which can hinder information security, business continuity and regulatory compliance efforts. We offer a solution to the most pressing challenges organizations face when it comes to central log collection and SIEM optimization. Download our eBook today.
The NXLog Enterprise Edition listed in this extensive guide "Migrating AIX Workloads to Azure: Approaches and Best Practices".
The Securing a Windows network thread, has some great advice for Windows sysadmins. Including this note by a user: "Setup graylog or some other log consolidation tool and use nxlog on everything to start a logging repository." We have extensive documentation and a number of features for securely setting up log collection on your Windows systems, applications and tools as well as integrations with numerous third party suites including Graylog and Elasticsearch/Kibana.
From a user on sending log files to Graylog: "I do like a good bit of NXLog, the community edition covers most of the features you need and they have some brilliant guides on how to get DNS and DHCP logs out of Windows (along with all other kinds of logs). Worth looking at the sysmon agent for Windows as well to get some really high quality logs out." See our Graylog integration guide here.
"#NXLog is the workhorse of @Windows #logging plugins" - read this integration guide by LogDNA, a platform for log analysis and insights.
The presentation by Michel de Crevoisier of Radar Cyber Security, "Facing the challenge(s) of Windows logs collection to leverage valuable IOCs", presented at Swiss Cyber Storm this week suggests NXLog as a solution to collect DNS transaction logs, to read and forward ETW logs, and for WEF/WEC.
NXLog a recommended log collector in the most recent official GSEC guidebook for security professionals "GSEC GIAC Security Essentials Certification All-in-One Exam Guide, Second Edition" released on August 2019. Get started with your own log collection via the NXLog Community Edition or Enterprise Edition and start gathering logs to SIEM suites.
McAfee has announced, at the Black Hat USA security conference, the McAfee Security Innovation Alliance (SIA) program of which NXLog is a part of. The inclusion of NXLog Enterprise Edition is evidence of a mutual commitment to empower security teams. Learn how to integrate with McAfee ESM here.
NXLog was recently interviewed in the special SIEM edition of Enterprise Security Magazine. Read the rest of the interview to level up and learn more about why the choice of log collector is important, regardless of the SIEM used.
New post published on the OVH website sharing their insights. "Sending Windows Logs with NXLog to Logs Data Platform in 15 minutes or less". Great feedback also - "one of the leader of the log management tools. Its configuration is fairly simple and can get you started in a few minutes."
NXLog mentioned as a suggested agent for host-based logging in this talk "Hunting for Post-Exploitation Stage Attacks with Elastic Stack and the MITRE ATT&CK Framework". View the entire video and read the PDF. Read more about integrating with Elasticsearch and Kibana here.
Three newly updated articles from Nagios within the last 1-2 months on configuring NXLog with Nagios Log Server. "Sending NXLogs with SSL/TLS" (last update March 2019), "Configuring NXLog To Send Additional Log Files" (last update Feb 2019) and "Configuring NXLog To Send Multi-Line Log Files" (last update on Feb 2019). Feel free to reach out to our Community Forum for help!