Use a configuration template
Templates are pre-defined configurations that you can use to set up your log collection pipeline easily. For more information, see our list of available templates.
While NXLog creates each template to match a specific SIEM, you must specify configuration parameters for your instance before you can assign a template to agents. These parameters, such as authentication keys and certificates, vary for each SIEM installation.
Follow these steps to apply a configuration template:
-
Navigate to Agents > Configurations and click the Add configuration button to open the configuration template editor.
-
Drag the solution pack you want to use from the Templates list to the main pane to open the configuration wizard.
-
Provide the necessary information to configure the template.
-
Once you complete the wizard, you can use the template editor to adjust the configuration, such as:
-
Add more routes if needed.
-
Configure any extension modules by clicking Extensions.
-
Change the agent’s remote management settings by clicking Agent communication settings.
Advanced users can also toggle View configuration as text to review the generated configuration. The resulting configuration file is divided into parts - expand Solution pack configuration snippet to see the configuration text associated with the template.
-
-
Once ready, click Save configuration to create the new configuration. If you haven’t finished the configuration and want to continue later, click Save draft to create a configuration draft. You cannot assign configuration drafts to agents.
-
Navigate to Agents > Configurations to find the new configuration and assign it to agents.