Operating System

File Integrity Monitoring Monitor file and directory changes with NXLog Agent.

Linux Audit A guide on collecting Linux audit logs.

Linux system logs Replace Rsyslog or similar logging agents with NXLog Agent.

File Integrity Monitoring Monitor file and directory changes with NXLog Agent.

Windows AppLocker Collect Windows AppLocker logs from Windows Event Log.

Windows Command Line Auditing Enable and collect process creation events from Windows Event Logs.

Windows Event Forwarding Configure NXLog Agent as a Windows Event Collector (WEC).

Windows Event Log A comprehensive guide to collecting local or remote Windows events.

Windows Group Policy Collect Windows GPO security and operational logs.

Windows PowerShell Collect PowerShell activity logs or extend NXLog Agent’s functionality with PowerShell.

Windows Resource Checker Collect System File Checker (sfc.exe) logs.

Windows Security audit A guide on configuring Windows auditing and collecting audit events from Windows Event Log.

Windows Task Scheduler Collect task management and monitoring events from Windows Event Log.

Windows Time service Collect Windows Time service (W32Time) events via ETW or from a file.

Windows Update Collect Windows Update service (wuauserv) events via ETW or from a file.

Windows USB auditing A guide to auditing USB activity on Windows.

WMI A guide to collecting Windows Management Instrumentation (WMI) activity logs.

macOS system logs Collect unified logging system (ULS) and Endpoint Security auditing logs.

NetApp ONTAP Collect logs from ONTAP, NetApp’s proprietary operating system.

Osquery A guide to collecting operating system logs with Osquery.

Sysmon Collect Sysinternals System Monitor (Sysmon) logs on Linux and Windows.