Skip to content

Instantly share code, notes, and snippets.

@jfrantz1-r7

jfrantz1-r7/gist:d4b44fbf86b014314e50faafdc445a76

Created July 21, 2020 13:48
Show Gist options
  • Save jfrantz1-r7/d4b44fbf86b014314e50faafdc445a76 to your computer and use it in GitHub Desktop.
Save jfrantz1-r7/d4b44fbf86b014314e50faafdc445a76 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
gistfile1.txt
Panic Soft
#NoFreeOnExit TRUE
define ROOT C:\Program Files (x86)\nxlog
define CERTDIR %ROOT%\cert
define CONFDIR %ROOT%\conf
define LOGDIR %ROOT%\data
define LOGFILE %LOGDIR%\nxlog.log
LogFile %LOGFILE%
Moduledir %ROOT%\modules
CacheDir %ROOT%\data
Pidfile %ROOT%\data\nxlog.pid
SpoolDir %ROOT%\data
<Extension _json>
Module xm_json
</Extension>
<Input eventlog>
Module im_msvistalog
<QueryXML>
<QueryList>
<Query Id='0'><Select Path='Security'>*</Select></Query>
</QueryList>
</QueryXML>
Exec to_json();
</Input>
<Output tcp>
Module om_tcp
##InsightIDR Collector IP Address
Host 10.100.2.39
##Port for our IDR event source
Port 5140
</Output>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment