NXLog Interview in the SIEM edition of Enterprise Security Magazine

NXLog was recently interviewed in the special SIEM edition of Enterprise Security Magazine. Read the rest of the interview to level up and learn more about why the choice of log collector is important, regardless of the SIEM used.

2019.07.18. 14:29
New how-to guide from the OVH community: Sending Windows Logs with NXLog

A new post published on the OVH website shares their insights: "Sending Windows Logs with NXLog to Logs Data Platform in 15 minutes or less". Great feedback as well: "one of the leaders of the log management tools. Its configuration is fairly simple and can get you started in a few minutes."

2019.04.24. 12:12
NXLog mentioned at talk "Post-Exploitation Hunting with ATT&CK & Elastic"

NXLog is mentioned as a suggested agent for host-based logging in the talk "Hunting for Post-Exploitation Stage Attacks with Elastic Stack and the MITRE ATT&CK Framework". View the entire video and read the PDF. Read more about integrating with Elasticsearch and Kibana here.

2019.04.05. 10:03
Three newly updated resources from Nagios

Nagios has updated three articles within the last 1-2 months on configuring NXLog with Nagios Log Server: "Sending NXLogs with SSL/TLS" (last update March 2019), "Configuring NXLog To Send Additional Log Files" (last update Feb 2019) and "Configuring NXLog To Send Multi-Line Log Files" (last update Feb 2019). Feel free to reach out to our Community Forum for help!

2019.03.31. 17:45
Using a log shipper such as NXLog for Windows is the best way to do it

An interesting post by Logmatic aimed at Golang developers working with logging libraries. NXLog is recommended as the log collector for Windows, but you can also use NXLog to replace Rsyslog.

2019.03.20. 20:49
Reducing security risks with centralized logging

Logging and log analysis are essential to securing infrastructure, particularly when we consider common vulnerabilities. This article, based on the writer's lightning talk "Let's use centralized log collection to make incident response teams happy" at FOSDEM'19, aims to raise awareness about the security concerns around insufficient logging, offer a way to avoid the risk, and advocate for more secure practices.

2019.02.26. 21:28
How to solve the challenge of centralized logging with NXLog

Infomentum shares how they have solved the challenge of centralized logging with NXLog Community Edition. "One of the challenges we faced was shipping Windows Server logs from a logfile onto Logstash’s syslog listener, and we found a tool that does exactly that - nxlog-ce-2.9.1716".

2019.02.22. 21:00
Everything You Never Knew (but Need to) About Endpoint Security

"Digital threats have undergone massive change in recent years. Because of this, it’s critical to develop an incident response plan that allows you to ward off cyber attacks. Many programs on the market can help you do this, but a few of the top are Elasticsearch, NXLog, and Kibana." - suggests an article on Security Boulevard.

2019.02.22. 20:57
A Security Logging Admins Cookbook

NXLog is suggested in this thread. If you are getting started with security logging and your SIEM, have a look at our User Guide for integrations.

2019.02.19. 21:24
PowerShell Best Practice Security

"Not sure what SIEM you're using, but check out greylog with nxlog clients. Pretty good stuff." - says a Reddit member while discussing PowerShell best practice security.

Another topic on Reddit discusses Windows file auditing and reporting. "Is there a way to export or create a report from the Windows Security log about the kind of activity a user has been having on a network share?" Yes, as one user suggests: try a combo of Graylog + NXLog.

Docs for integrating NXLog with Graylog can be found here in the NXLog User Guide.

2019.01.04. 08:42
BDS Podcast on Windows Event Forwarding (WEF)

This podcast discusses Windows Event Forwarding (WEF) by and for IT security practitioners. NXLog EE can be configured for Windows Event Forwarding. See the YouTube description for additional links, including a link to an NXLog configuration example.

2018.11.23. 08:46
Universal Event Formats in InsightIDR: A Step-by-Step NXLog Guide

The blog post written by Rapid7 is a step-by-step walkthrough of using NXLog to transform an ingress authentication log into UEF.

2018.10.17. 10:10
What is everyone using for file and security monitoring of servers and systems?

Can you make this happen for free? No doubt. As one Reddit member says - "Our org for $0 yearly does the following. Dump every log using NXLog to Graylog."

2018.09.25. 14:35
Best open source way to collect and filter Windows Event logs from several servers

With nxlog as log forwarder to graylog. You can specify in nxlog config which events you want to be forwarded.

2018.09.25. 14:26
Recommendations for setup to send client rsyslog messages

Why not nxlog for the log server as well? It’s beautiful. Highly recommended - easy XML config, decent documentation, good info and example config around. I’ve used external scripts, kvp parsing, json formatting, GELF to graylog, all works great.

2018.09.25. 14:24