Back to listing

Secure log collection from DMZ

Other Solutions

leftorbit23
free!

Published

28 Dec 05:31

Last Push

29 Dec 09:45

Marketplace Rating

Discussion

2 Comments

Your Rating

Please sign in to rate this add-on.

Comments

m0ps over 2 years ago

Pastebin preformatted config - http://pastebin.com/iHpm0Dty

m0ps over 2 years ago

nxlog.conf example for linux:

## This is a sample configuration file. See the nxlog reference manual about the
## configuration options. It should be installed locally under
## /usr/share/doc/nxlog-ce/ and is also available online at
## http://nxlog.org/docs

########################################
# Global directives #
########################################
User nxlog
Group nxlog

LogFile /var/log/nxlog/nxlog.log
LogLevel INFO

########################################
# Modules #
########################################

Module xm_json


Module im_file
File '/var/log/auth.log'
InputType LineBased
SavePos True
ReadFromLast True
PollInterval 1
Exec $FileName = file_name(); # Send file name with each message


Module om_ssl
Host graylog-dmz.domain.com
Port 12201
CAFile /etc/ssl/itp/intropro.ca-bundle
#AllowUntrusted TRUE
OutputType LineBased
Exec $Hostname = hostname();
Exec $Message = $raw_event; to_json();

########################################
# Routes #
########################################

Path auth-log => graylog-dmz

Please sign in to comment.

Back to listing