NXLog
Updated Aug 28, 2023NXLog
NXLog is a third-party tool that collects and processes logs. Arctic Wolf® uses NXLog to package these log files into Snare files that are generated by the Windows Server domain controller directory service:
- Windows Event Logs
- DNS logs when configured
- DHCP logs if the DHCP service is installed on the same server
The Snare files are sent to the Arctic Wolf syslog listener, located on an Arctic Wolf Sensor or Virtual Log Collector (vLC), where they are preprocessed and then sent to the Arctic Wolf platform.