This article explains how to send logs from a Windows system to Graylog using NXLog on the Windows system. We’re starting with a working Graylog server and a Windows system. Install NXLog on Windows using the defaults (or change as you like). Update the configuration file at “C:\Program Files\nxlog\conf\nxlog.conf” to
Read moreApache Example Configuration for GeoIP Fencing, SSL/TLS Termination, and Reverse Proxy
This article shows an example configuration that will achieve three objectives: Provide GeoIP Fending, Provide SSL/TLS Termination, and server as a Reverse Proxy. In this example we’re using Ubuntu 22.04. Connections coming in on HTTP (port 80) are redirected to HTTPS (port 443) which is where the GeoIP Fencing takes
Read moreNXLog Example Configuration File – Sending Logs From Windows to Syslog in JSON Format
This article explains how to send logs from Windows systems to Syslog servers using NXLog (community edition). In this case we’re sending to Syslog listening on TCP. NXLog is easy enough to install but the configuration process is not so easy. Because Windows EventLog uses many more fields than Syslog,
Read moreComparing Syslog Formats – BSD RFC3164 vs IETF RFC5424
This article compares the two Syslog formats. If you can’t decide, consider “IETF RFC 5424”. This article compares two log entries using different Syslog formats. The event is the same for both entries – logging into a Synology server’s web portal. The user “agix” is logging in from host “10.1.1.100”.
Read moreRunning LogStash in Docker
This is a short HowTo for running LogStash in Docker. We’re using Ubuntu 22.04. Install Docker and create our directory structure: apt install docker docker.io mkdir ~/logstash mkdir ~/logstash/config/ ~/logstash/pipeline/ Create the Dockerfile file “~/Dockerfile”: # The image to use: FROM docker.elastic.co/logstash/logstash:8.15.0 # Remove the pre-existing config file from within
Read moreAndroid VPN (Always On) with pfSense
This article shows the settings on the pfSense and Android device for the always on IPSec VPN. The best article to start with is “https://docs.netgate.com/pfsense/en/latest/recipes/ipsec-mobile-ikev2-client-android.html”. Then compare your settings to those on this page if you need more help than the linked article provides. The VPN cryptographic settings are: Phase
Read moreInstalling Graylog Open on Ubuntu 22.04
This article is a walkthrough for installing “Graylog Open 6” and leverages the documentation at “https://go2docs.graylog.org/current/downloading_and_installing_graylog/ubuntu_installation.html” and “https://www.mongodb.com/docs/manual/tutorial/install-mongodb-on-ubuntu/”. We’re using Ubuntu 22.04 because 24.04 is not supported using the documentation linked above. We’re starting from a fresh “standard” Ubuntu 22.04 installation. Our resources are “4GB RAM, 8 CPU Cores, 25GB
Read moreTop Tips To Avoid Being Scammed (Business Focused)
This list is relevant to businesses, but the same principles apply to our personal lives. The objective is to not be scammed, obviously. But to do that, we need to identify when we’re the target. This list will help, and is most effective when the key players within your business
Read morepfSense in the Cloud with Unifi at the Sites
Case Study – Using pfSense in the cloud while using Unifi at multiple sites around the world Our client had Unifi gear at each site around the world – about 6 sites. The client intended to put their servers in the AWS cloud and link each site to the AWS
Read moreReplacing Firewalls in a Large Medical Corporation
Case Study – Replacing Firewalls in a Large Medical Corporation, and building a large site-to-site VPN with remote-access A client we’ve worked with for a few years decided to move from their existing firewall brand and model to Netgate pfSense. AGIX is a Netgate partner and well suited to assist,
Read more