You are here:
Docs
>
Sheriff Web
>
UserGuides
>
SheriffCSMDocumentation
>
DeploymentGuide
>
PluginManagement
>
ConfigureLogForwardingOnCommonlyUsedDataSources
>
NXLogPlugins
(13 Jun 2021,
SheriffCyberSecurity
)
Edit
Attach
Up
Previous
Next
Sheriff CSMâ„¢
NXLog Plugins
Microsoft Windows includes different categories of logs (Security, System, or Application event logs) to record important software and hardware events, which you may want to correlate in Sheriff CSM. There are different ways to collect logs from Windows machines, Sheriff supports HIDS and NXLog. For HIDS instructions, including how to deploy HIDS agents, how to configure file integrity monitoring, as well as how to configure HIDS agent to read a log file on Windows, see
Sheriff HIDS
.
NXLog works similarly to syslog-ng or rsyslog but is not limited to UNIX/Linux systems. It supports multiple platforms including Microsoft Windows. Sheriff CSM has different NXLog plugins for different Microsoft and non-Microsoft products, for both the NXLog Community Edition and the NXLog Enterprise Edition. Click the corresponding link below for details.
Microsoft DHCP Server through NXLog
Microsoft DNS Server through NXLog
Microsoft Exchange Server through NXLog
Microsoft IIS through NXLog
Microsoft IIS FTP Server through NXLog
Microsoft IIS SMTP Server through NXLog
Microsoft NPS through NXLog
Microsoft SCOM through NXLog
Microsoft SQL Server through NXLog
Microsoft Sysmon through NXLog
Microsoft Windows Event Logs through NXLog
Microsoft Windows Firewall through NXLog
Netwrix Auditor through NXLog
ObserveIT through NXLog
Oracle through NXLog
Sophos Enterprise Console through NXLog
Wing FTP Server through NXLog
E
dit
|
A
ttach
|
P
rint version
|
H
istory
: r4
<
r3
<
r2
<
r1
|
B
acklinks
|
V
iew wiki text
|
Edit
w
iki text
|
M
ore topic actions
Topic revision: r4 - 13 Jun 2021,
SheriffCyberSecurity
Sheriff
User Guides
Sheriff CSM
Deployment Guide
User Guide
MicrosoftDHCPServerThroughNXLog
MicrosoftDNSServerThroughNXLog
MicrosoftExchangeServerThroughNXLog
MicrosoftIISFTPServerThroughNXLog
MicrosoftIISSMTPServerThroughNXLog
MicrosoftIISThroughNXLog
MicrosoftNPSThroughNXLog
MicrosoftSCOMThroughNXLog
MicrosoftSQLServerThroughNXLog
MicrosoftSysmonThroughNXLog
MicrosoftWindowsEventLogsThroughNXLog
MicrosoftWindowsFirewallThroughNXLog
NetwrixAuditorThroughNXLog
ObserveITThroughNXLog
OracleThroughNXLog
SophosEnterpriseConsoleThroughNXLog
WingFTPServerThroughNXLog
Copyright 2020 Sheriff Cyber Security, LLC. All rights reserved.