Providing Log Management
solutions for everyone

GET STARTED NOW!

Check out our products and services

Log Management Solutions

The NXLog Community Edition is an open source log management tool available at no cost. It is available for various platforms including Windows and GNU/Linux. The NXLog Community Edition is used by thousands worldwide from small startup companies to large security enterprises and has over 70,000 downloads to date. Its flexibility allows it to be utilized in various setups and can be used both as a log collector agent and as a log server.

In addition to the features that our NXLog Community Edition users love such as the flexibility, low memory footprint and high performance, the NXLog Enterprise Edition contains dozens of enhancements and additional features which can be useful in enterprise deployments. These features are enhanced reliability, support for additional log sources such as CheckPoint LEA, NetFlow and SNMP events, agent management and monitoring capabilities, remote Windows EventLog collection, ODBC input and output modules to read/write data into databases (e.g. Microsoft SQL Server) and many more.

Managing and monitoring a large number of log collector agents can be tough, especially if you have a lot of servers in different roles with multiple teams in charge. NXLog Manager can remotely manage and monitor NXLog Enterprise Edition instances using a centralized web based management console.

NXLog Chatter

This video shows a quick and easy way to send Windows Event Logs to a syslog server by installing the NXlog client on a Windows 2012 R2 Server.

2018.09.18. 14:44

Assuming your environments have been configured to log this stuff...nxlog will automatically forward all of these windows events to your SIEM for you in real time...you don't need a script to make this happen.

2018.07.15. 12:18

In his article titled Security Information & Event Management Design: Why log filtering is essential for windows domain log sources? Paul Dutot from Defence Logic raises some valid points about agent side filtering which we have been advocating for some time now. Well worth the read!

2018.05.23. 16:42

Log Management News

Aug 28

The NXLog Enterprise Edition v4.0 was released earlier this year. If you have missed it, read the release announcement here. We have been busy this summer, and are happy to brin...

Jul 25

What are logs for? People outside the security industry probably would answer this question: "To fill up disk space". Partly true, logging can be a point of failure in the syst...

Jun 21

The NXLog Community Edition was first published in 2011 and it started picking up momentum during the years becoming the preferred log collection tool for thousands of users and...

Apr 11

As a result of several months' hard work we have released the NXLog Enterprise Edition v4.0 yesterday. Below is a summary of what the new release brings. Improved user guide ...

What Users Say

We follow the market and in our world, nxlog is the hands-down best solution we see for our Windows users.

I found NXlog and I'm very excited about it. I installed it for some first test purposes on a Windows 2003 and a Windows 2008 R2 Machine. It works fine and does its job...

So overall, NxLog is amazing. It allows you to take the load off of your central syslog cluster and distribute it across all of your endpoints that are generating logs. This also decreases the amount and size of events coming into your cluster from the start so you are only getting exactly the items that you need.

Its the ultimate tool so far to get android logs into logstash/splunk/and other futuristic log mgmt tools.

On Linux systems, there are many options for converting arbitrary logfiles into syslog. For Microsoft Windows, there are reasonable free options for converting Eventlogs to Syslog, such as SNARE. There are excellent, but expensive tools like Splunk for parsing any sort of data you like. But I really struggled to find anything that could run on Microsoft Windows, convert a custom logfile to syslog, and send it to two destinations simultaneously. After much fruitless searching, and more than a few dead-ends, I found the answer: nxlog. http://lkhill.com/nxlog-convert-to-syslog/

I'm glad I discovered nxlog. I almost came to the conclusion that only the Splunk Universal Forwarder could do what I needed to do. Glad I performed that one last Google search which discovered nxlog...

I'm new to NxLog but loving it so far for pumping messages into Loggly/Logstash etc.

How did I not know about nxlog for shipping logs from host to..say elasticsearch, syslog, json,..everything?!

First of all, I checked out a bunch of centralized logging systems before finding nxlog, and it is refreshing in its simplicity and conciseness. I really appreciate the small and tight C code.

If Snare’s your butter knife, nxlog is your Swiss Army Knife. With multi-platform support and a gigantor feature list, nxlog is likely to be your next step when you run into some of the limitations of Snare and other simple forwarders. Capturing data from more locations than event logs? Check! Secure transport? Of course! Without question there’s more of a learning curve, but for most organizations serious about log collection on windows (and other platforms!), it’s well worth the time investment. https://opsbot.com/windows-first-class-centralized-logging-citizen/

Our Partners

Loggly is a cloud-based log management and analytics service provider based in San Francisco, California.

FireEye is an enterprise cybersecurity company that provides products and services, innovative security technologies and nation-state grade threat intelligence to protect against advanced cyber threats.

TEHTRI-Security is a French company specialized in cutting-edge IT Security technologies. Their eGambit solution is a defensive cyber weapon system that includes SIEM, Endpoint Security and Artificial Intelligence.

Raijin Ltd develops database products suitable for ingesting and storing event log data.

IS-Systems is a Russian systems integrator providing IT security services.

AlienVault is a leading provider of SIEM products that include the Unified Security Management® (USM) platform which combines key security capabilities with expert threat intelligence.

5thColumn, LLC is a full service information technology company centered on next generation cyber threat protection and enterprise data security.

Aster Security is a US based company providing products and professional services focusing on IT security.

Securonix is a provider of Next-Gen SIEM and EUBA solutions and is redefining the next generation of cyber-threat detection using the power of machine learning and big data.

Radarservices is a Managed Security Services Provider based in Austria using a unique combination of automated risk detection and analysis tools combined with risk and security experts running a cyber defense center.

LogPoint is a security analytics company based in Denmark providing a SIEM solution to turn big-data into real-time insights.

Infosecurity LLC is an IT security services provider and integrator in Russia.

Symtrex is a cyber security solutions provider with focus on consultancy and assist their customers in North America with cyber security issues, solutions and products.