Nxlog taking MC Afee event and send it to another monitoring server

Post a different question
2
responses

Hi, i have an NXLOG server installed and i want it to take the antivirus event to another monitoring server. Do you know wich command i had to enter to take this log and push it to another server ?

AskedSeptember 3, 2018 - 1:04pm

Answer (1)

This is going to be very dependent on your environment. The basics are you are going to need an Input, and Output and a Route.
Input will read wherever your source log is coming from. (antivirus event in your case)
Output will be however you need to send to your monitoring server. (tcp, udp, http, etc)

I suggest giving the following section a read through. The manual has a lot of good information in it to help you configure various setups.
https://nxlog.co/documentation/nxlog-user-guide#config_overview

AnsweredSeptember 3, 2018 - 2:36pm

Comments (1)