NXLOG looks like it could replace the McAfee Collector agent, Snare, Epilog, WEF, and other tools used to forward Windows events, IIS logs, Exchange logs, and other text-based logs across all platforms. Anyone tried it with ESM? How much work was involved configuring NXLOG to send the information in a data source format recognized by ESM?
Yes, we are using nxlog to forward events to ESM, however we are just using the Snare output format. We were looking to just use JSON, but since there are no built-in parsers for that, we decided to stick with the snare_syslog format.