
OVERVIEW

NXLOG is used to process the collected information from Windows event logs and forward these logs to the OTM CCE.

...

Ref. link: https://docs.nxlog.co/userguide/configure/overview.html

Prerequisite

  • Log in to the collector/AD computer.

  • Download the latest version of NXLog. The easiest option is the Windows MSI file, which includes an installer. Use the link below for the Community Edition:

    http://nxlog.org/products/nxlog-community-edition/download    

...

STEPS OF CONFIGURATION

  • Open the NXLog configuration file at:

...

  • Run Notepad or Notepad++ with administrative rights.

  • Open the nxlog.conf file.

  • Replace the contents of the configuration file by pasting the following. Note: replace the variable (IP Address of Seceon Collector) mentioned in point 52 below with the actual Seceon Server IP address:

...

Enable audit logs: Windows - Enable Audit Logs/Policies

  • Once the policies are enabled, open Command Prompt and run the command gpupdate /force to validate that the policies are enabled.

...

VERIFICATION

You can validate that the configuration succeeded either in the UI or on the CCE server.

...