NXLog search
Let's talk Start free
Let's talk Start free
1.04

Deploy NXLog Agent with Microsoft GPO

Microsoft GPO allows you to install software packages on target machines automatically. This guide provides step-by-step instructions on configuring the necessary settings and creating a GPO to deploy NXLog Agent.

We tested these instructions on a Windows Server 2016 Domain Controller. The steps may vary slightly on different Windows versions.

Prerequisites and assumptions

Before proceeding, ensure you have the following.

  • Microsoft Active Directory Domain Controller — Access to a Microsoft AD Domain Controller server where you will configure the GPO.

  • NXLog Platform — Installed and configured. See Install NXLog Platform on-premises in the NXLog Platform User Guide.

  • NXP_ADDRESS and NXP_AGENT_LABEL — You must have these values to pass to the NXLog Agent installation.

    • NXP_ADDRESS is the NXLog Platform Agent Management URL and port. You must replace agents.nxlog.example.com:5515 with agents.<YOURDOMAIN>:5515 in the instructions below.

      For more details, see Connecting to NXLog Platform in the NXLog Agent Reference Manual.

    • NXP_AGENT_LABEL is a label that identifies the agent. You can use this label when creating auto-enroll rules so that your NXLog Agent instances automatically download and apply preset configurations to start collecting logs immediately.

      See Set up automatic agent enrollment for more information.

  • NXLog Agent installer — From the NXLog Platform Home page, click Download under System setup to download the Windows MSI file. You may need to log in to your NXLog Platform online account.

Edit the NXLog Agent installer MSI

Deploying packages through Microsoft GPO does not support passing command line arguments to the MSI file, which is required for NXLog Agent to connect to NXLog Platform automatically. However, it supports specifying a transform file to apply changes to the installation properties. You can easily create a transform file to change the required properties with software like InstEd.

  1. Download and install InstEd.

  2. Click File > Open and select the NXLog Agent MSI file.

  3. From the top menu, choose Transform > New Transform.

  4. Enter a name for the file and select the location where you want to save it.

  5. Click on the Tables tab and select Property from the list.

  6. Replace the value of NXP_ADDRESS and NXP_AGENT_LABEL with your values.

    Creating an MSI transform with InstEd

  7. From the top menu, choose File > Save to save the transform.

  8. Copy the saved MST file to your Domain Controller.

Install NXLog Agent

Follow these steps to create a GPO that installs NXLog Agent on the necessary machines.

  1. Log on to your Domain Controller with an administrator account.

  2. Set up an Active Directory group for computers requiring NXLog Agent:

    1. Open the Active Directory Users and Groups console (dsa.msc).

    2. Under your domain, right-click on Computers and choose New > Group.

    3. Enter a name for the group. For example, nxlog.

    4. Choose the Security group type and the scope suitable for your case and click OK.

    5. Right-click on the new group and select Properties. Add computers from the Members tab as necessary.

  3. Create a network share for distributing the NXLog Agent installer file:

    1. Create a folder in the desired location. For example, C:\nxlog-dist.

    2. Right-click on the folder and select Properties.

    3. Switch to the Sharing tab and click Share….

    4. Add the group you created in the previous step and click Share. Take note of the share name provided by the wizard. For example, \\DC-1\nxlog-dist.

    5. Copy the NXLog Agent installation file to the shared folder.

  4. Create a Group Policy Object (GPO) to install NXLog Agent:

    1. Open the Group Policy Management console (gpmc.msc).

    2. Under Domains, right-click on your domain and click Create a GPO in this domain, and Link it here….

    3. Enter a name for the GPO and click OK.

    4. Select the new GPO in the tree.

    5. In the Security Filtering list, add the Active Directory group created above. Remove any other accounts added by default.

    6. Right-click on the GPO and click Edit. The Group Policy Management Editor console will open.

  5. Add the NXLog Agent installation to the GPO:

    1. Expand Computer Configuration > Policies > Software Settings and right-click Software installation.

    2. Choose New > Package….

    3. Browse to the network share you created above and select the NXLog Agent installer MSI. It is important to use the Uniform Naming Convention (UNC) path so remote computers can access the file. For example, \\DC-1\nxlog-dist.

    4. Select Advanced and click OK.

    5. Switch to the Modifications tab and add the MST file you created above.

    6. Click OK to save the settings.

      Group Policy Management Editor

  6. Once the Group Policy is updated on the remote machines, for example, after a reboot, it will install and start NXLog Agent. If you followed the instructions to Edit the NXLog Agent installer MSI above, NXLog Agent will automatically connect to your NXLog Platform instance.

For more information about Group Policy, see the following articles on Microsoft Learn:

© Copyright 2024 NXLog Ltd.

PRIVACY POLICY GENERAL TERMS OF BUSINESS