1. IMPORTANCE

2. STEPS OF CONFIGURATION

3. VERIFICATION

IMPORTANCE

NXLOG is used to process the collected information from Windows event logs and forward these logs on to the OTM CCE.

STEPS OF CONFIGURATION:-

  • Log in to the collector/AD computer.

  • Download the latest version of NXLog. It is easiest to choose the Windows MSI file, which includes an installer. Use the link below for the community edition:

...

  • Open the nxlog.conf file in Notepad.

  • Replace the contents of the configuration file by pasting the following. Note: replace the variable (IP Address of Seceon Collector) mentioned in point 52 below with the actual Seceon Server IP address:

...

  • Click on: Local Policies

...

  • Click on: Audit Policy

...

  • Select the Success and Failure checkboxes, then click Apply and OK.

...

Enable audit logs: Windows - Enable Audit Logs/Policies

  • Once the policies are enabled, open Command Prompt and run the command gpupdate /force to validate that the policies are enabled.

...
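A host-side check after the steps above, added here as an example and not part of the original Seceon instructions: it lists the effective audit settings reported by auditpol and checks the NXLog service. It assumes an elevated PowerShell session, English-language auditpol output, and that NXLog is registered under the service name "nxlog"; compare the listed subcategories against the policies you enabled.

```powershell
# Added example: verify audit policy and NXLog service on the collector/AD computer.
# Assumptions: elevated shell, English auditpol output, service name "nxlog".

# auditpol /r emits CSV with the columns: Machine Name, Policy Target,
# Subcategory, Subcategory GUID, Inclusion Setting, Exclusion Setting.
$rows = auditpol /get /category:* /r |
    Where-Object { $_.Trim() } |      # drop blank lines before CSV parsing
    ConvertFrom-Csv

if (-not $rows) {
    throw "auditpol returned no data (is the shell elevated?)"
}

# Subcategories that are not auditing both Success and Failure.
$gaps = @($rows | Where-Object { $_.'Inclusion Setting' -ne 'Success and Failure' })
$total = @($rows).Count

"{0} of {1} subcategories audit Success and Failure" -f ($total - $gaps.Count), $total

# Show what is missing so it can be compared with the policies enabled above.
$gaps | Sort-Object 'Inclusion Setting', Subcategory |
    Format-Table Subcategory, 'Inclusion Setting' -AutoSize

# NXLog can only forward events while its service is running.
$svc = Get-Service -Name nxlog -ErrorAction SilentlyContinue
if (-not $svc) {
    Write-Warning "Service 'nxlog' not found; check the NXLog installation."
} elseif ($svc.Status -ne 'Running') {
    Write-Warning "Service 'nxlog' is $($svc.Status); start it with Start-Service nxlog."
} else {
    "Service 'nxlog' is running."
}
```

A subcategory shown as "No Auditing" produces no Security events, so NXLog has nothing to forward for it even when the service is healthy.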

VERIFICATION:-

You can validate the success of the configuration either on the UI or on the CCE server.

...