Let's Talk

Kernel log

Description

Logs containing detailed information, including boot messages, hardware driver information, kernel status, and other kernel-related events within the operating system. Kernel logging is initialized from the system startup and is helpful for system auditing and troubleshooting hardware, driver, and startup issues.

NXLog Agent provides several input modules for collecting kernel logs:

The Kernel module for collecting Linux and BSD kernel events.
The macOS ULS and macOS Endpoint Security modules.
The Event Tracing for Windows and Event Log for Windows modules.

Also known as

kernel trace, kernel trace log, kernel messages, kernel events, Linux kernel log, Windows kernel log

See also

Collecting kernel events with NXLog for analysis in the Elastic stack

A

Agent-based log collection

Agentless log collection

Agent management

Automatic enrollment

B

C

CEF (Common Event Format)

CSV (Comma-separated Values)

Customer portal

D

DNS (Domain Name System)

E

Endpoint security

EPS (Events Per Second)

ETW (Event Tracing for Windows)

Event correlation

F

G

GELF (Graylog Extended Log Format)

I

ICMP (Internet Control Message Protocol)

IDS (Intrusion Detection System)

J

JSON (JavaScript Object Notation)

K

KVP (Key-Value Pair)

L

LEEF (Log Event Extended Format)

Log centralization

Log normalization

M

Multi-line logs

N

O

P

PCI-DSS (Payment Card Industry Data Security Standard)

R

S

SIEM (Security Information and Event Management)

SNMP (Simple Network Management Protocol)

Structured logging

T

TCP (Transmission Control Protocol)

TLS (Transport Layer Security)

U

UDP (User Datagram Protocol)

W

W3C Extended Log File Format

WEC (Windows Event Collector)

WEF (Windows Event Forwarding)

Windows event ID

WMI (Windows Management Instrumentation)

X