- Product
Product Overview
Sophisticated security with unmatched simplicityCloud SIEM
Pre-configured detections across your environmentHoneypots
Deception technology to detect lateral movementEndpoint Visibility
Real-time monitoring with added detection & responseSecurity Reports
Data visualizations, compliance reports, and executive summariesAutomated Response
Detect, prioritize, and neutralize threats around the clockIntegrations
Cloud, on-prem, and open API connectionsXDR Platform
A complete view to identify risk, and things operational
- Pricing
- Why Blumira
Why Blumira
The Security Operations platform IT teams loveWatch A Demo
See Blumira in action and how it builds operational resilienceUse Cases
A unified security solution for every challengePricing
Unlimited data and predictable pricing structureCompany
Our human-centered approach to cybersecurityCompare Blumira
Find out how Blumira stacks up to similar security toolsIntegrations
Cloud, on-prem, and open API connectionsCustomer Stories
Learn how others like you found success with Blumira
- Solutions
- Partners
- Resources
September 29, 2020
What is Flowmira?
Flowmira is a set of customized NXLog configurations that can be used to generate data from Windows endpoints, used for greater visibility into host actions. We recommend using NXLog for Windows log collection.
What is NXLog?
NXLog is a multi-platform log shipping tool Blumira recommends using to help easily identify security risks, policy breaches or analyze operational problems in server logs, operation system logs, and application logs. In concept, NXLog is similar to syslog-ng or Rsyslog, but it is not limited to UNIX and syslog only.
Where can I get NXLog?
You can download the community edition for free from NXLog. If you require WEF, you should obtain a license for the Commercial version of NXLog. If you’re a Blumira customer, you can utilize the Logstash Module to collect WEF logs instead of purchasing a NXLog Commercial license.
Why does an organization need this?
Windows logs are an invaluable source of security visibility. That said, time is a precious commodity. Spend that scarce resource somewhere other than designing a log forwarding configuration file with a proprietary syntax.
With deeper insight into security risks, policy breaches or operational problems in server logs, you can identify any potential ongoing issues in your Windows environment early enough to address them faster.
What does it do?
The configuration file defines what local event logs to forward via the NXLog agent to the Blumira sensor or a traditional SIEM. Flowmira facilitates the process by pre-defining a number of security-centric event logs, including PowerShell, IIS, Windows Firewall, and classic Windows Event Logs.
Why did we create it?
Blumira is offering Flowmira to the public in order to help simplify Windows machine log collection for all organizations. These configurations can help you gain additional insight for better threat detection and response.
Check out Logmira, a set of group policy configurations for advanced Windows logging that you can download, free from Blumira. These were created by Blumira’s Sr. Incident Detection Engineer, Amanda Berlin to help increase Windows log visibility for threat detection, and to help meet compliance auditing requirements.
More from the blog
View All Posts
Security How-To
18 min read
| January 4, 2023
How To Manage Windows Firewall with GPOs
Read More
Product Updates
6 min read
| March 9, 2021
Product Update: Detect Microsoft Exchange Attacker Activity
Read More
Security How-To
5 min read
| November 18, 2020
Security Detections for a Hybrid Azure AD Join Environment
Read More