| Attribute | Value |
|---|---|
| Publisher | NXLog |
| Support Tier | Partner |
| Support Link | https://nxlog.co/support-tickets/add/support-ticket |
| Categories | domains |
| Version | 2.0.1 |
| Author | NXLog |
| First Published | 2022-05-05 |
| Solution Folder | NXLog LinuxAudit |

The NXLog LinuxAudit solution for Microsoft Sentinel enables you to ingest Linux security events. NXLog LinuxAudit supports custom audit rules and collects logs without auditd or any other user-space software. IP addresses and group/user IDs are resolved to their respective names, making Linux audit logs more intelligible to security analysts.

This solution provides 1 data connector(s):

🔶 CLv1: This connector ingests into a table that uses the legacy Custom Log V1 schema format with type-suffixed column names (e.g. `_s`, `_d`, `_b`, `_t`, `_g`). Note: identification is based on column name suffixes which are also permitted in CLv2, so this classification may not always be accurate.

This solution uses 1 table(s):

| Table | Used By Connectors | Used By Content |
|---|---|---|
| LinuxAudit_CL 🔶 | NXLog LinuxAudit | - |

🔶 CLv1: This table uses the legacy Custom Log V1 schema format with type-suffixed column names (e.g. `_s`, `_d`, `_b`, `_t`, `_g`). Note: identification is based on column name suffixes which are also permitted in CLv2, so this classification may not always be accurate.