Deploy NXLog Agent with Microsoft GPO

These steps were tested with a Windows Server 2016 domain controller and a Windows 7 client. There are multiple ways to configure NXLog deployment with Group Policy. The required steps for your network may vary from those listed below.

Log on to the server as an administrator.
Set up an Active Directory group for computers requiring an NXLog Agent installation.
1. Open the Active Directory Users and Groups console (dsa.msc).
2. Under the domain, right-click on Computers and click Group.
3. Provide a name for the group (for example, nxlog). Use the Security group type and Global context (or the context suitable for your case).
4. Add computers to the group by selecting one or more, clicking Add to a group…, and entering the group name (nxlog).

Create a network share for distributing the NXLog Agent files.

Create a folder in the desired location (for example, C:\nxlog-dist).
Set up the folder as a share: right-click, select Properties, open the Sharing tab, and click Share….
Add the group (nxlog) and click Share. Take note of the share name provided by the wizard, it will be needed later (for example, \\WINSERV1\nxlog-dist).

Copy the required files to the shared folder. This will include at least two files: nxlog-6.3.9431_windows_x64.msi, and managed.conf.

The file managed.conf is located in the C:\Program Files\nxlog\conf\nxlog.d\ directory, and it has to contain the configuration to connect to NXLog Agent Platform. The basic configuration can be downloaded by navigating to Agents > Agents in NXLog Agent Platform and clicking on Add new Agent. The downloaded config will include the correct settings, wich you only need to copy.

Create a Group Policy Object (GPO) for the NXLog Agent deployment.
1. Open the Group Policy Management console (gpmc.msc).
2. In the console tree, under Domains, right-click on your domain and click Create a GPO in this domain, and Link it here…; this will create a GPO under the Group Policy Objects folder and link it to the domain.
3. Name the GPO (for example, nxlog) and click OK.
4. Select the newly created GPO in the tree.
5. In the Security Filtering list, add the Active Directory group created in step 2 (nxlog). Remove anything else.
6. Right-click on the GPO and click Edit. The Group Policy Management Editor console will be opened for editing the GPO.
Add the NXLog Agent MSI to the GPO.

Figure 1. Configured NXLog Agent GPO
1. Under Computer Configuration > Policies > Software Settings, right-click Software installation. Click New > Package… to create a deployment package for NXLog Agent.
2. Browse to the network share and open the nxlog-6.3.9431_windows_x64.msi package. It is important to use the Uniform Naming Convention (UNC) path (for example, \\WINSERV1\nxlog-dist) so the file will be accessible by remote computers.
3. Select the Assigned deployment method.
Add the required files to the GPO by following these steps for each file.
1. Under Computer Configuration > Preferences > Windows Settings, right-click on Files. Click New > File.
2. Select the Replace action in the drop-down.
3. Choose the source file on the network share (\\WINSERV1\nxlog-dist\managed.conf).
4. Type in the destination path for the file (C:\Program Files\nxlog\conf\nxlog.d\managed.conf).
5. Check Apply once and do not reapply under the Common tab for files that should only be deployed once. This is especially important for managed.conf because NXLog Platform will write configuration changes to that file.
6. Click OK to create the File in the GPO.
After the Group Policy is updated on the clients and NXLog Agent is installed, one more reboot will be required before the NXLog Agent service starts automatically.

For more information about Group Policy, see the following articles on Microsoft Learn: