In this video, you’ll learn how to use NXLog Platform’s automatic agent enrollment feature. We demonstrate the difference between manual and automatic enrollment and highlight how NXLog Platform can streamline the process by automatically enrolling and configuring agents based on your custom rules. You'll see how to create and use auto-enroll rules, making it easier and more efficient to manage a large number of agents.
Video Tutorials
In this video, you will learn how to configure a transport relay agent using NXLog Platform’s visual configuration builder. The tutorial shows how to set up an agent that receives log data via UDP, TCP, SSL, and NXLog's own batchcompress protocol, and forwards the data to NXLog Platform. Following these steps ensures a convenient way to configure efficient and secure log forwarding in your environment.
In this video, you will learn how to create and configure a multi-domain SSL certificate for NXLog Platform using OpenSSL. The tutorial walks you through generating a CSR and private key for multiple subdomains and then importing the signed certificate into the OS where NXLog Platform is installed. This ensures secure communication across all subdomains used by NXLog Platform.
This video demonstrates the installation of NXLog Agent and how to configure it to connect to NXLog Platform. You’ll learn how to modify the agent's configuration, connect it with NXLog Platform, and set up Windows log collection. The tutorial also covers securing communication between the NXLog Agent and NXLog Platform and sending logs to multiple destinations.
This video guides you through the deployment of an on-premises NXLog Platform instance. It covers each step in the installation process, from preparing your environment to setting up all necessary components. By following this tutorial, you'll ensure a successful installation of NXLog Platform for efficient log management.
In this video, you'll learn how to sign up for NXLog Platform. We guide you through account creation, authentication setup, and confirmation, ensuring you're ready to use NXLog's comprehensive logging solution. Follow along for a seamless sign-up process.
Application administrators may face various challenges when dealing with Kubernetes logging, one of them being that its flexibility and failure-recovery feature make data inside the cluster highly volatile. In this video tutorial, we demonstrate how to collect Kubernetes Cluster Logs using NXLog Enterprise Edition to tackle such challenges.
Explore how, as a system engineer, you can use the included macULS module to capture events directly from the macOS Unified Logging System. In this tutorial, Seth will showcase how NXLog Enterprise Edition and the included macULS module can be configured to capture several common user activities macOS administrators are often interested in, including user login, user logout, and privileged process execution.
A major cyberattack against Industrial Control Systems can not only put valuable data at risk and cause economic losses, but also threaten human safety. Log monitoring has become crucial to preventing these security breaches, and NXLog Enterprise Edition brings the reliability, flexibility, and ease of use in log collection known from other IT areas to the ICS/SCADA world. Watch this demo on collecting ModBus protocol data and SCADA management logs from AVEVA SE CITECT SCADA and see how you can send them to different destinations.

More: Collecting logs from Industrial Control Systems; Flexible, cloud-backed Modbus/TCP log collection
With Passive Network Monitoring, administrators have the opportunity to capture network traffic from devices that are not configured or cannot be configured to forward network activity logs. This feature also lets security personnel catch logs from rogue devices in the network that they might not be aware of.

In this tutorial series, we'll be explaining the passive network monitoring abilities of NXLog Enterprise Edition to capture and log questionable network-related events such as rogue DHCP server replies, unexpected ARP and ICMP sweeps, and DNS tunneling.

The im_pcap module of NXLog Enterprise Edition provides support to passively monitor network traffic by generating logs for various protocols.
In this video, we demonstrate file-based log compression and data-at-rest encryption with NXLog Enterprise Edition.

When processing logs in an organization, there is often a need to keep large amounts of logging data on-premises for extended periods of time. This may lead some administrators to send only select logs to their third-party SIEM while still needing to store all event logs elsewhere for archival, legal compliance, or other business needs, for processing or review in the future. NXLog Enterprise Edition includes extension modules for both compression and encryption, which help decrease log storage burdens and ensure that stored data is kept more safely, commonly known as data-at-rest protection.

For more, read the documentation: Compression module (xm_zlib); Encryption module (xm_crypto)
In this tutorial, Seth will be demonstrating network connectivity and failover using a small lab environment consisting of a Windows machine (to generate events), five Linux servers for log collection, forwarding, and demonstrating failover situations, and another Linux server acting as a basic log ingestor that will display log data received and act as a mock SIEM to help us visualize log data.
The Splunk Universal Event Forwarder for Windows cannot collect ETW data. Other solutions can be used, such as the NXLog im_etw module shown in this video. We show a demonstration of how you can use the NXLog ETW input module to collect and forward Event Tracing for Windows (ETW) data, write it in JSON structured data format, and forward it to Splunk.

Use NXLog to collect other types of data on Windows and Linux platforms, from Windows EventLog to file-based log collection, file integrity monitoring, and more.
This short explainer video shows that you can collect and convert Windows EventLog to Syslog using NXLog. You can send the log output to a local file-system log file (shown in this video), to another server via TCP/UDP, or to an external suite such as a SIEM.

Generate log entries in the various Syslog formats: BSD Syslog, IETF Syslog, or the Syslog extensions ArcSight Common Event Format (CEF), Common Event Expression (CEE), Log Event Extended Format (LEEF), or Snare.

You can even extend Syslog and generate the log output as structured data such as JSON.