Comodo Help
Find the desired product help
Xcitium NxSIEM

Xcitium NxSIEM

Admin Guide 1.4

English

Print Help Download Help
Log Collection Agents And Policies > Log Collection Policies > Configuring Log Collection Policies
  • Introduction To Comodo NxSIEM
    • Logging-in To The Administrative Console
  • The Main Interface
  • The Dashboard
  • Customer Asset Management
    • Adding Customers
    • Adding Assets For Monitoring
      • Hard Assets
      • Soft Assets
    • Downloading And Installing The NxSIEM Agent On Endpoints
    • Configuring Nxlog And Rsyslog Servers To Send Logs To NxSIEM Server
    • Editing Customers
  • Log Collection Agents And Policies
    • Collection Agents
      • Downloading NxSIEM Windows And Linux Agents
      • Managing Agents
      • Agentless Log Collection
    • Log Collection Policies
      • Audit Events Policy
      • Flat File Policy
      • Remote Log Collection Policy
      • Syslog Policy
      • Configuring Log Collection Policies
  • Query Management
    • Configuring Event Queries
    • Configuring Custom Dashboards
  • Managing Rules
  • Incidents And Cases
    • Managing Incidents
    • Managing Cases
  • Live Lists
    • Managing Live Lists
    • Managing Live List Content
  • Managing Reports
  • Administration
    • Viewing Log Collection Summaries
    • Managing Users
    • Viewing License And Subscription Details And Configuring NxSIEM Platform URL
  • Appendix 1 – Field Groups And Event Items Description
  • Appendix 2 - Configuring Endpoints To Forward Logs To NxSIEM Server
  • About Comodo Security Solutions

Configuring Log Collection Policies

 

The new polices added as explained in the sections 'Audit Events Policy', 'Flat File Policy', 'Remote Log Collection Policy' and 'Syslog Policy' will be displayed in the 'Policy List' screen. The policies can now be deployed onto the systems added for the customers.


To open the 'Collection Policies' screen, click the 'Menu' button from the top right, choose 'Agents' and then click 'Collection Policies'.



From here, an administrator can:
  • Add a new policy
  • Edit a policy
  • Delete a policy
  • Deploy a policy
  • View policy deployment status


To add a new policy

  • Click the 'Add' button on the bottom of the screen.



Refer to the sections 'Audit Events Policy', 'Flat File Policy', 'Remote Log Collection Policy' and 'Syslog Policy' for details on adding different types of policies.


To edit a policy

  • Select the policy from the list that you want to edit and click the 'Edit' button at the bottom of the screen.




The configuration interface of the selected policy type will be displayed. Edit the details as required. The editing procedure is similar to adding a new policy process.. Refer to the sections 'Audit Events Policy', 'Flat File Policy', 'Remote Log Collection Policy' and 'Syslog Policy' for more details.


To delete a policy

  • Select the policy from the list that you want to remove and click the 'Delete' button at the bottom of the screen.




 

A confirmation dialog will appear.



 

  • Click 'Yes' to remove the policy.

If a policy is deleted it will be automatically removed from all the agents on which it was deployed.




To deploy a policy to an agent

  • Select the policy from the 'Policy List' pane at the right of the Collection Policies interface

The Policy Deployment pane at the right displays the list of all endpoints from all the customers. The endpoints on which the policy is already applied, are indicated with tick mark in the checkboxes beside them under each customer.

  • To deploy the selected policy to a new endpoint, select the checkbox beside it under the respective customer name.
  • To remove the policy from the endpoints de-select the checkboxes beside them under the respective customer name



 


  • Click the 'Deploy' button.




The 'Agents Count' column will also be updated and the number of agents on which the policy is deployed.


To view policy deployment status


 

The 'Agent Count' column in the 'Policy List' section displays the number of systems onto which the policies are deployed.





  • Click on a policy to view the systems onto which they are deployed.




Our Products
  • Free Antivirus
  • Free Internet Security
  • Website Malware Removal
  • Free Anti-Malware
  • Anti-Spam (Free Trial)
  • Windows Antivirus
  • Antivirus for Windows 7
  • Antivirus for Windows 8
  • Antivirus for Windows 10
  • Antivirus for MAC
  • Antivirus for Linux
  • Free Endpoint Security
  • Free ModSecurity
  • Free RMM
  • Free Website Malware Scanner
  • Free Device Manager for Android
  • Free Demo
  • Network Security
  • Endpoint Protection
  • Antivirus for Android
  • Comodo Antivirus
  • Wordpress Security
Cheap CDN
  • Bootstrap CDN
  • Semantic UI CDN
  • Jquery CDN
  • CDN Plans
  • CDN
  • Free CDN
Enterprise
  • Patch Management Software
  • Patch Manager
  • Service Desk
  • Website Down
  • Endpoint Protection Solutions
  • Website Security Check
  • Remote Monitoring and Management
  • Website Security
  • Device Manager
  • ITSM
  • CRM
  • MSP
  • Android Device Manager
  • MDR Services
  • Managed IT Support Services
  • Free EDR
Free SSL Certificate
Support Partners Terms and Conditions Privacy Policy

© Comodo Group, Inc. 2025. All rights reserved.