Blumira integrates with Microsoft Windows operating systems to provide automated threat detection and actionable response. Blumira supports the following Microsoft Windows server operating systems:
Blumira provides broad coverage for Windows Server, including log collection, and recommends using NXLog, Command Line Logging, DNS Debugging and Winlogbeat.
NXLog is a multi-platform log management tool that helps identify security risks and policy breaches and analyze operational problems in server logs, operating system logs and application logs. In concept, NXLog is similar to syslog-ng or Rsyslog, but it is not limited to UNIX and syslog.
define SENSOR 10.11.12.13
Enabling Additional Logging
If you are using Windows 2003
For instructions on how to configure detection for Windows Firewall using NXLog, please see the following documentation:
https://www.blumira.com/integration/microsoft-windows-firewall/
For instructions on how to configure detection for IIS using NXLog, please see the following documentation: https://www.blumira.com/integration/microsoft-windows-iis/
For instructions on how to configure detection for PowerShell using NXLog, please see the following documentation:
https://www.blumira.com/integration/windows-server-powershell/
For instructions on how to configure detection for DNS using NXLog, please see the following documentation: https://www.blumira.com/integration/microsoft-windows-dns/