Device | Details |
---|---|
Vendor | Oracle |
Device Type | Database |
Connection Type | Syslog |
Data Source Name | oracle-nxlog |
Data Source ID | 1975 |
If not done already, download nxlog.conf, and then place it in the conf
directory of your NXLog installation. Depending on which version you use, the directory can be C:\Program Files (x86)\nxlog\conf
for the 32-bit version or C:\Program Files\nxlog\conf for the 64-bit version.
Note: This step overwrites the default nxlog.conf file. You may want to back up the original copy before placing the one provided by AT&T Cybersecurity.
nxlog.conf
file in a text editor.
Update the root path of your NXLog installation.
Locate the following lines:
#define ROOT C:\Program Files\nxlog #define ROOT C:\Program Files (x86)\nxlog
Enter the Sheriff CSM Sensor IP address.
Locate the following line:
define OUTPUT_DESTINATION_ADDRESS <Sheriff-CSM-Sensor-IP>
<Sheriff-CSM-Sensor-IP>
with the IP address of the Sheriff CSM All-in-One or Sheriff CSM Sensor that will receive the Windows events.
Uncomment the section between ORACLER-NXLOG
and /ORACLER-NXLOG.
Important: Only remove the first # symbol in each line when uncommenting the sections. The remaining # symbol indicates that the line is either a comment or optional.
Save the file.