NXLog and AD Sensor Update

Updated Sep 5, 2023

Update NXLog and AD Sensor

NXLog is used in conjunction with AD Sensor to provide telemetry into the Arctic Wolf security triage pipeline. To update both applications:

  1. (Optional) Create a backup of your nxlog.conf file if you use NXLog for purposes other than AD Sensor.

    During the installation of NXLog, the existing nxlog.conf file is overwritten.

  2. Uninstall AD Sensor.

  3. Delete any AD Sensor folders or files from these paths that were not removed during the uninstall:

    • C:\Program Files (x86)\Arctic Wolf Networks\nxlog-client
    • C:\Program Files (x86)\nxlog\conf
  4. Uninstall NXLog.

  5. Install NXLog.

  6. If you created a backup of your nxlog.conf file, restore your NXLog custom configuration.

  7. Download the AD Sensor installation files.

  8. Install AD Sensor on each domain controller.

  9. Restart the NXLog service.