
Anyone tried using NXLOG to forward logs to ESM?

NXLOG looks like it could replace the McAfee Collector agent, Snare, Epilog, WEF, and other tools used to forward Windows events, IIS logs, Exchange logs, and other text-based logs across all platforms. Anyone tried it with ESM? How much work was involved configuring NXLOG to send the information in a data source format recognized by ESM?

1 Reply

Re: Anyone tried using NXLOG to forward logs to ESM?

Yes, we are using nxlog to forward events to ESM; however, we are just using the snare output format. We were looking to just use JSON, but since there are no built-in parsers for that, we decided to stick with the snare_syslog format.
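
For reference, a minimal nxlog.conf that forwards Windows event logs in the Snare syslog format mentioned in the reply. This is an added example, not the poster's configuration. The install path, the receiver address 192.0.2.10, UDP port 514 and the selected channels are assumptions, and the ESM data source is assumed to be set up to accept Snare-formatted syslog.

```conf
# Added example: Windows Event Log -> Snare-format syslog -> ESM receiver.
# ROOT, Host and Port below are placeholders; adjust them to the environment.
define ROOT C:\Program Files (x86)\nxlog

Moduledir %ROOT%\modules
CacheDir  %ROOT%\data
Pidfile   %ROOT%\data\nxlog.pid
SpoolDir  %ROOT%\data
LogFile   %ROOT%\data\nxlog.log

# xm_syslog provides the to_syslog_snare() procedure used in the output.
<Extension syslog>
    Module  xm_syslog
</Extension>

# Read the three classic channels; narrow the query to cut event volume.
<Input eventlog>
    Module  im_msvistalog
    Query   <QueryList>\
                <Query Id="0">\
                    <Select Path="Application">*</Select>\
                    <Select Path="System">*</Select>\
                    <Select Path="Security">*</Select>\
                </Query>\
            </QueryList>
</Input>

# Rewrite each event as a Snare-format syslog line just before sending.
<Output esm>
    Module  om_udp
    Host    192.0.2.10
    Port    514
    Exec    to_syslog_snare();
</Output>

<Route eventlog_to_esm>
    Path    eventlog => esm
</Route>
```

UDP syslog is unauthenticated, unencrypted and lossy, so security events sent this way can be dropped or read in transit; keep the path on a trusted management network or use a TCP/TLS output if the receiver supports it.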