NXLog Legacy Documentation

IDS (Intrusion Detection System)

What is an Intrusion Detection System?

Description

An Intrusion Detection System is a hardware device or software application that monitors network activity and generates alerts for security violations. An IDS can be host-based or network-based and applies a mixture of signature-based and anomaly-based detection techniques to identify threats. Any malicious activity or infringement is usually reported to an administrator or collected centrally through a security information and event management system (SIEM). Some intrusion detection systems are augmented with tools such as a honeypot to attract and categorize malicious traffic.

In the world of NXLog

Intrusion Detection Systems are among the essential aspects of cybersecurity for enterprises, and they heavily rely on logs. NXLog can simplify log analysis for an IDS by providing it with filtered, trimmed, parsed, and normalized records. In addition, NXLog can collect logs from diverse sources and send them to an IDS and other destinations simultaneously. Finally, IDSs also generate logs, which NXLog can collect and forward to a central repository.

Known as

IDS, Intrusion Detection System

Related

Cisco Intrusion Prevention Systems (CIDEE)
Centralized Log Collection

