The ultimate solution for
log collection and centralization

Trusted by thousands

Compare NXLog Enterprise and Community Editions Select your use case LIVE WEBINAR: SCADA logging with NXLog. Register Now !

At NXLog, our mission is to provide you with solutions to enable you to collect event data securely reliably efficiently

We offer superior log collection technology that works on all major operating systems, is compatible with most SIEM and log analytics products, and can handle data sources that other tools cannot cope with giving you more visibility into your systems and operations.

NXLog is trusted by thousands of users and organizations across the globe, and is used and recommended by MSSPs and IT security professionals.

Log Collection Solutions

The NXLog Community Edition is an open source log collection tool available at no cost. It is available for various platforms including Windows and GNU/Linux. The NXLog Community Edition is used by thousands worldwide from small startup companies to large security enterprises and has over 70,000 downloads to date. Its flexibility allows it to be utilized in various setups and can be used both as a log collector agent and as a log server.

In addition to the features that our NXLog Community Edition users love such as the flexibility, low memory footprint and high performance, the NXLog Enterprise Edition contains dozens of enhancements and additional features which can be useful in enterprise deployments. These features are enhanced reliability, support for additional log sources such as CheckPoint LEA, NetFlow and SNMP events, agent management and monitoring capabilities, remote Windows EventLog collection, ODBC input and output modules to read/write data into databases (e.g. Microsoft SQL Server) and many more.

Managing and monitoring a large number of log collector agents can be tough, especially if you have a lot of servers in different roles with multiple teams in charge. NXLog Manager can remotely manage and monitor NXLog Enterprise Edition instances using a centralized web based management console.

We offer a number of add-on products to collect logs from various solutions and services such as Salesforce, Box, Okta, Microsoft Exchange, and Microsoft Azure and Office365.

NXLog Chatter

Reddit post about the detection of the new Windows 0-day using NXLog as part of their solution

Blumira's article on Reddit about the 0-Day Windows Vulnerability where NXLog is part of the configuration solution for collecting Windows logs.

2021.11.25. 10:43

Using NXLog to add your Windows logs into IBM Log Analysis

IBM released docs for collecting logs from Windows, using NXLog CE as log collector.

2021.11.22. 09:41

NXLog CE mentioned in a tutorial about setting up Graylog instance

Video tutorial on how to configure the Graylog agent on Windows using NXLog.

2021.11.15. 06:49

NXLog News

Nov 18

Live Webinar: Industrial Control Systems (ICS) log collection Industrial Control Systems (ICS) are frequent targets for cyberattacks, and according to security research, the sca...

Oct 27

Features of NXLog Enterprise Edition you must have So, it turns out that your organization needs a reliable solution that can collect, parse, forward, and aggregate your log ...

Oct 20

Watch Now: Passive Network Monitoring and Network Packet Capture Support with the im_pcap module video tutorial With Passive Network Monitoring, administrators have the opportun...

Oct 11

DHCP server log collection made simple DHCP (Dynamic Host Configuration Protocol) is a network management protocol that dynamically assigns IP addresses to each client machin...

What Users Say

So overall, NxLog is amazing. It allows you to take the load off of your central syslog cluster and distribute it across all of your endpoints that are generating logs. This also decreases the amount and size of events coming into your cluster from the start so you are only getting exactly the items that you need.

Its the ultimate tool so far to get android logs into logstash/splunk/and other futuristic log mgmt tools.

In researching how to get nxlog up and running, I found the configuration syntax easy to use and really flexible. Thank you very much for the excellent program NXLOG.

While I have used both rsyslog and syslog-ng, I am now drawn towards nxlog as a more powerful tool. It does a lot natively in terms of log massaging and organization. Take a look at it when you have the chance.

I went in search of a logging tool that could solve at least some of these issues... After looking around for some time, I stumbled across nxlog. Nxlog seems to support just about every log format on the planet, and will run on Windows and *nix servers. Its easy to setup, and just seems to work. The configuration is logical.

I'm new to NxLog but loving it so far for pumping messages into Loggly/Logstash etc.

If Snare’s your butter knife, nxlog is your Swiss Army Knife. With multi-platform support and a gigantor feature list, nxlog is likely to be your next step when you run into some of the limitations of Snare and other simple forwarders. Capturing data from more locations than event logs? Check! Secure transport? Of course! Without question there’s more of a learning curve, but for most organizations serious about log collection on windows (and other platforms!), it’s well worth the time investment. https://opsbot.com/windows-first-class-centralized-logging-citizen/

I set a lab environment up today with. A few ios syslogs, nix syslogs, and a 2008 nxlog sender. It(nxlog) fetched the events and sent it with no hassle. Pretty cool I must say...

I'm very new to this, but deeply impressed, what nxlog-ce is capable of...

nxlog is a GREAT application, and it has countless uses in my development test environment. Glad I ran across it!

Our Partners

SIEMENS provides cybersecurity solutions to protect industrial plants and automation systems as well as grid operation with high-security standards. SIMATIC PCS 7 is a Supervisory Control and Data Acquisition (SCADA) solution from Siemens

AT&T Cybersecurity (before AlienVault) is a leading provider of SIEM products that include the Unified Security Management® (USM) platform which combines key security capabilities with expert threat intelligence.

TEHTRIS is a French company specialized in cutting-edge IT security technologies. Their eGambit solution is a defensive cyber weapon system that includes SIEM, Endpoint Security, and Artificial Intelligence.

Raijin develops database products suitable for ingesting and storing event log data. NXLog Enterprise Edition can be configured to send logs directly to Raijin Server using the Raijin (om_raijin) output module.

Securonix is a provider of Next-Gen SIEM and EUBA solutions and is redefining the next generation of cyber-threat detection using the power of machine learning and big data.