Collect logs from various solutions and services
events using APIs
The add-ons are currently offered as technology previews. If you need more information, please get in touch here.
NXLog Azure & Office 365
This add-on can retrieve information about various user, admin, system, and policy actions and events from Microsoft Azure and Office 365. Once configured, the add-on sends syslog messages, each with a JSON payload, to standard output, which NXLog can collect and process.
The Salesforce add-on provides support for fetching Event Log Files from Salesforce with NXLog. The script collects Event Log Files from a Salesforce instance by periodically running SOQL queries via the REST API.
The nxlog-xchg add-on can be used to retrieve administrator audit logs and mailbox audit logs. These logs include events initiated by administrators or users who have made changes to the organization.
Using Okta’s REST API, this add-on fetches events from Okta that are then passed to NXLog in syslog format with the JSON event in the message field.
NXLog Amazon S3
This add-on can collect events from Amazon S3 cloud storage as well as send events to it. This is accomplished using NXLog’s input and output modules for Python along with Boto3, the AWS SDK for Python.
NXLog Cisco eStreamer
The eStreamer add-on can be used with NXLog to collect events from a Cisco FireSIGHT System. NXLog uses the Cisco Event Streamer (eStreamer) API to communicate with the FireSIGHT System.
NXLog Google Logging API
This NXLog add-on uses the Google Logging API along with gRPC and protocol buffers to exchange log data. The add-on’s input component retrieves logs, whereas its output component writes them to the Logging API files.
NXLog Cisco IPS
The Cisco IPS add-on can receive alerts from IPS-enabled devices. NXLog uses the Security Device Event Exchange (SDEE) API to communicate with IPS devices.