NGINX Logs

Overview

Evidence: NGINX Logs Description: Collect NGINX Logs Category: Applications Platform: macos Short Name: ngxl Is Parsed: No Sent to Investigation Hub: No Collect File(s): Yes

Background

NGINX web server logs on macOS capture HTTP requests, errors, and server activities. Like Apache, NGINX can be installed via system packages or Homebrew, resulting in multiple possible log locations.

Data Collected

This collector gathers structured data about nginx logs.

Collection Method

This collector gathers NGINX logs from system directories, Intel-based Homebrew installations, Apple Silicon Homebrew installations, and user-specific Homebrew log directories.

Forensic Value

NGINX logs provide evidence of web attacks, API abuse, DDoS attempts, authentication failures, and suspicious request patterns. They're essential for investigating web-based compromises and analyzing attacker behavior.