NGINX Logs
Overview
Evidence: NGINX Logs
Description: Collect NGINX Logs
Category: Applications
Platform: aix
Short Name: ngxl
Is Parsed: No
Sent to Investigation Hub: Yes
Collect File(s): Yes
Background
NGINX web server logs on macOS capture HTTP requests, errors, and server activities. Like Apache, NGINX can be installed via system packages or Homebrew, resulting in multiple possible log locations.
Data Collected
This collector gathers structured data about NGINX logs.
Collection Method
This collector gathers NGINX logs from system directories, Intel-based Homebrew installations, Apple Silicon Homebrew installations, and user-specific Homebrew log directories.
Forensic Value
NGINX logs provide evidence of web attacks, API abuse, DDoS attempts, authentication failures, and suspicious request patterns. They’re essential for investigating web-based compromises and analyzing attacker behavior.