Providing Log Management
solutions for everyone

GET STARTED NOW!

Check out our products and services

DOWNLOAD BROCHURE

Log Collection Solutions

Managing and monitoring a large number of log collector agents can be tough, especially if you have a lot of servers in different roles with multiple teams in charge. NXLog Manager can remotely manage and monitor NXLog Enterprise Edition instances using a centralized web based management console.

The NXLog Community Edition is an open source log collection tool available at no cost. It is available for various platforms including Windows and GNU/Linux. The NXLog Community Edition is used by thousands worldwide from small startup companies to large security enterprises and has over 70,000 downloads to date. Its flexibility allows it to be utilized in various setups and can be used both as a log collector agent and as a log server.

In addition to the features that our NXLog Community Edition users love such as the flexibility, low memory footprint and high performance, the NXLog Enterprise Edition contains dozens of enhancements and additional features which can be useful in enterprise deployments. These features are enhanced reliability, support for additional log sources such as CheckPoint LEA, NetFlow and SNMP events, agent management and monitoring capabilities, remote Windows EventLog collection, ODBC input and output modules to read/write data into databases (e.g. Microsoft SQL Server) and many more.

NXLog Chatter

NXLog suggested in this thread. If you are getting started with security logging and your SIEM, have a look at our User Guide for integrations.

2019.02.19. 21:24

"Not sure what SIEM you're using, but check out greylog with nxlog clients. Pretty good stuff." - says Reddit member while discussing about Powershell Best practice Security.

Another topic on Reddit discusses Windows file auditing and reporting. "Is there a way to export or create a report from the Windows Security log about the kind of activity a user has been having on a network share?" Yes, as one user suggests - try combo of Graylog + NXLog.

NXLog integration docs with Graylog can be found here under NXLog User Guige.

2019.01.04. 08:42

This podcast discusses Windows Event Forwarding (WEF) by/for IT security practitioners. NXLog EE can be configured for Windows Event Forwarding. See the YouTube description for additional links including a link to NXLog conf example.

2018.11.23. 08:46

NXLog News

Dec 14

We are pleased to announce that NXLog Enterprise Edition v4.2 is now available. This new version comes with more than a hundred fixes and enhancements since v4.1 that our team ...

Dec 13

We are pleased to announce that NXLog Enterprise Edition is now officially part of the Check Point Joint Partnership program. Retrieve real-time and historical security events ...

Nov 29

We have released November Edition of NXLog Newsletter, which contains information on new releases of NXLog products and detailed information on User Guide updates and improvemen...

Nov 19

NXLog Community Edition version 2.10.2150 is now available as of November 16 2018. The download and upgrade instructions are available for each platform in the User Guide under ...

What Users Say

This is an amazing product. Nxlog looks super-cool in so many ways.

I'm glad I discovered nxlog. I almost came to the conclusion that only the Splunk Universal Forwarder could do what I needed to do. Glad I performed that one last Google search which discovered nxlog...

Awesome! everything is working as expected, thank you for the great support and product!

My goal was simple: to find a decent, reliable, easy to install and configure syslog server app. Windows support and rotation were critical. So far looks like nxlog is the answer and I already started recommending it to customers...

I really like nxlog and am gonna start using it on other projects we have. Thank you for this great product!

Tired of Snare? Need more than what OSSEC can provide? Then check nxLog. It is a highly flexible event forwarder for both Windows and Linux. https://www.alienvault.com/forums/discussion/1800/nxlog-for-collecting-windows-logs

Nice work on nxlog, it's a great product!

I'm using nxlog-ce for a couple of weeks now, and I love it. Every day I'm finding out a new detail that impresses me, or an easier way to solve a problem I had before...

Faced with no budget and the reality of a heterogeneous environment I discovered that ONLY nxlog and Splunk will sensibly (i.e. structured) capture Windows logs while providing TCP, TLS and buffering. I settled on nxlog agents on the servers forwarding to an nxlog receiver...

nxlog is a GREAT application, and it has countless uses in my development test environment. Glad I ran across it!

Our Partners

SolarWinds Loggly® is an easy-to-use, cloud based service for monitoring, log analysis, and collaboration. Since 1999, SolarWinds' mission has been to provide purpose-built products that are designed to make jobs easier for technology professionals.

FireEye is an enterprise cybersecurity company that provides products and services, innovative security technologies and nation-state grade threat intelligence to protect against advanced cyber threats.

TEHTRI-Security is a French company specialized in cutting-edge IT Security technologies. Their eGambit solution is a defensive cyber weapon system that includes SIEM, Endpoint Security and Artificial Intelligence.

Raijin Ltd develops database products suitable for ingesting and storing event log data.

IS-Systems is a Russian systems integrator providing IT security services.

AlienVault is a leading provider of SIEM products that include the Unified Security Management® (USM) platform which combines key security capabilities with expert threat intelligence.

5thColumn, LLC is a full service information technology company centered on next generation cyber threat protection and enterprise data security.

Aster Security is a US based company providing products and professional services focusing on IT security.

Securonix is a provider of Next-Gen SIEM and EUBA solutions and is redefining the next generation of cyber-threat detection using the power of machine learning and big data.

Radarservices is a Managed Security Services Provider based in Austria using a unique combination of automated risk detection and analysis tools combined with risk and security experts running a cyber defense center.

LogPoint is a security analytics company based in Denmark providing a SIEM solution to turn big-data into real-time insights.

Infosecurity LLC is an IT security services provider and integrator in Russia.

Symtrex is a cyber security solutions provider with focus on consultancy and assist their customers in North America with cyber security issues, solutions and products.