NXLog search
Let's Talk Start free
Let's Talk
1.08

Log normalization

Description

The process of formatting telemetry data according to the platform taxonomy when forwarding events to a SIEM or log analysis tool. Almost all SIEM solutions have taxonomies for different types of logs. Normalization enables SIEMs to efficiently interpret logs from diverse sources, facilitates event correlation, and makes it easier for you to work with the data in dashboards and reports.

NXLog Agent can translate logs from different sources into a unified taxonomy. It supports mapping event fields to the required schema, enriching log records with additional fields, and converting events into a different data format. Normalization may require log records to include standard metadata fields, such as labels describing the environment where the event originated and keywords to tag the event. Such data might not be part of the original event record but must be added from an external source.

Also known as

normalizing logs, log transformation, normalizing log data, data normalization

See also

Normalize logs with NXLog Agent

A

Access rules

Agent

Agent-based log collection

Agentless log collection

Agent management

Audit log

Automatic enrollment

B

Bandwidth

C

CEF (Common Event Format)

Configuration

CSV (Comma-separated Values)

Customer

Customer portal

D

Deployment

DNS (Domain Name System)

E

Endpoint security

Enroll

EPS (Events Per Second)

ETW (Event Tracing for Windows)

Event correlation

F

Failover

G

GELF (Graylog Extended Log Format)

I

ICMP (Internet Control Message Protocol)

IDS (Intrusion Detection System)

J

JSON (JavaScript Object Notation)

K

Kernel log

KVP (Key-Value Pair)

L

LEEF (Log Event Extended Format)

Log centralization

Log normalization

Log parsing

Log source

Log storage

Log type

M

Multi-line logs

N

NetFlow

O

Organization

P

PCI-DSS (Payment Card Industry Data Security Standard)

Protocol

R

Relay

S

SIEM (Security Information and Event Management)

SNMP (Simple Network Management Protocol)

Structured logging

Subscription

Syslog

T

TCP (Transmission Control Protocol)

Tenant

TLS (Transport Layer Security)

U

UDP (User Datagram Protocol)

User role

W

W3C Extended Log File Format

WEC (Windows Event Collector)

WEF (Windows Event Forwarding)

Windows event ID

WMI (Windows Management Instrumentation)

X

XPath

© Copyright NXLog Ltd.

PRIVACY POLICY GENERAL TERMS OF BUSINESS