Comodo Help
Find the desired product help
Xcitium NxSIEM

Xcitium NxSIEM

Admin Guide 1.4

English

Print Help Download Help
Log Collection Agents And Policies > Log Collection Policies > Audit Events Policy
  • Introduction To Comodo NxSIEM
    • Logging-in To The Administrative Console
  • The Main Interface
  • The Dashboard
  • Customer Asset Management
    • Adding Customers
    • Adding Assets For Monitoring
      • Hard Assets
      • Soft Assets
    • Downloading And Installing The NxSIEM Agent On Endpoints
    • Configuring Nxlog And Rsyslog Servers To Send Logs To NxSIEM Server
    • Editing Customers
  • Log Collection Agents And Policies
    • Collection Agents
      • Downloading NxSIEM Windows And Linux Agents
      • Managing Agents
      • Agentless Log Collection
    • Log Collection Policies
      • Audit Events Policy
      • Flat File Policy
      • Remote Log Collection Policy
      • Syslog Policy
      • Configuring Log Collection Policies
  • Query Management
    • Configuring Event Queries
    • Configuring Custom Dashboards
  • Managing Rules
  • Incidents And Cases
    • Managing Incidents
    • Managing Cases
  • Live Lists
    • Managing Live Lists
    • Managing Live List Content
  • Managing Reports
  • Administration
    • Viewing Log Collection Summaries
    • Managing Users
    • Viewing License And Subscription Details And Configuring NxSIEM Platform URL
  • Appendix 1 – Field Groups And Event Items Description
  • Appendix 2 - Configuring Endpoints To Forward Logs To NxSIEM Server
  • About Comodo Security Solutions

Audit Events Policy

 

 

The 'Audit Event' policy type allows administrators to collect logs from audit events at the endpoints. The audit event logs are available by default in Windows and Linux systems and this type of policy does not require any additional configuration. The administrator can create a schedule to collects logs and define a blackout period during which the agent will not collect logs. The newly created policy can then be deployed onto the agents installed in the customer's endpoints. Refer to the section 'Configuring Log Collection Policies' for more details.


To create an audit policy

  • Open the Collection Policies interface by clicking the 'Navigational Menu' button from the top right, choosing 'Agents' from the options and then clicking 'Collection Policies'.
  • Click the 'Add' button at the bottom of the 'Collection Policies' screen at the left.

The configuration screen for creating a new policy will be displayed.



 



  • Choose 'Audit' from the 'Policy Type' drop-down.

The configuration screen for Audit Policy will be displayed.




  • Enter a name for the new policy in the 'Policy Name' field at the top

The Audit policy does not require any additional configuration as it instructs the agent to collect logs from audit events and is to be always ON. Hence the configuration area at the right is disabled for this policy type.

  • Click the 'Submit' button to save your changes.


The policy will be added to NxSIEM and will be available for deployment to endpoints. Refer to the section 'Configuring Log Collection Policies' for more details on deploying the newly created policy onto customer's endpoints.



Our Products
  • Free Antivirus
  • Free Internet Security
  • Website Malware Removal
  • Free Anti-Malware
  • Anti-Spam (Free Trial)
  • Windows Antivirus
  • Antivirus for Windows 7
  • Antivirus for Windows 8
  • Antivirus for Windows 10
  • Antivirus for MAC
  • Antivirus for Linux
  • Free Endpoint Security
  • Free ModSecurity
  • Free RMM
  • Free Website Malware Scanner
  • Free Device Manager for Android
  • Free Demo
  • Network Security
  • Endpoint Protection
  • Antivirus for Android
  • Comodo Antivirus
  • Wordpress Security
Cheap CDN
  • Bootstrap CDN
  • Semantic UI CDN
  • Jquery CDN
  • CDN Plans
  • CDN
  • Free CDN
Enterprise
  • Patch Management Software
  • Patch Manager
  • Service Desk
  • Website Down
  • Endpoint Protection Solutions
  • Website Security Check
  • Remote Monitoring and Management
  • Website Security
  • Device Manager
  • ITSM
  • CRM
  • MSP
  • Android Device Manager
  • MDR Services
  • Ransomware Prevention
  • Managed IT Support Services
  • Free EDR
Free SSL Certificate
Support Partners Terms and Conditions Privacy Policy

© Comodo Group, Inc. 2024. All rights reserved.