The ultimate solution for
log collection and centralization

Trusted by thousands

Compare NXLog Enterprise and Community Editions Select your use case
Centralized logging from across macOS fleets

At NXLog, our mission is to provide you with solutions to enable you to collect event data securely reliably efficiently

We offer superior log collection technology that works on all major operating systems, is compatible with most SIEM and log analytics products, and can handle data sources that other tools cannot cope with giving you more visibility into your systems and operations.

NXLog is trusted by thousands of users and organizations across the globe, and is used and recommended by MSSPs and IT security professionals.

Log Collection Solutions

The NXLog Community Edition is an open source log collection tool available at no cost. It is available for various platforms including Windows and GNU/Linux. The NXLog Community Edition is used by thousands worldwide from small startup companies to large security enterprises and has over 70,000 downloads to date. Its flexibility allows it to be utilized in various setups and can be used both as a log collector agent and as a log server.

In addition to the features that our NXLog Community Edition users love such as the flexibility, low memory footprint and high performance, the NXLog Enterprise Edition contains dozens of enhancements and additional features which can be useful in enterprise deployments. These features are enhanced reliability, support for additional log sources such as CheckPoint LEA, NetFlow and SNMP events, agent management and monitoring capabilities, remote Windows EventLog collection, ODBC input and output modules to read/write data into databases (e.g. Microsoft SQL Server) and many more.

Managing and monitoring a large number of log collector agents can be tough, especially if you have a lot of servers in different roles with multiple teams in charge. NXLog Manager can remotely manage and monitor NXLog Enterprise Edition instances using a centralized web based management console.

We offer a number of add-on products to collect logs from various solutions and services such as Salesforce, Box, Okta, Microsoft Exchange, and Microsoft Azure and Office365.

NXLog Chatter

NXLog converts Windows hostname to Host-IP in the logs

NXLog is praised for its rare feature that can convert hostname to host-IP in the logs

2022.09.26. 17:57

How to change DNS settings on a Windows machine

NXLog is praised for its DNS logging capabilities

2022.09.12. 12:13

NXLog is recommended for collecting logs from Mac computers

2022.09.05. 10:55

NXLog News

Sep 23

The European Union’s General Data Protection Regulation (EU GDPR) came into force on 25 May 2018. Many of us remember the influx of marketing emails around this time, with co...

Sep 15

We are happy to announce, the next release of NXLog Enterprise Edition v5 is now available. The version 5.6 fixes issues and brings new capabilities. The most noteworthy improv...

Aug 18

The Windows DNS debug log contains valuable information on DNS queries and activity that is especially useful for monitoring and analyzing malicious traffic. This requires so...

Aug 10

Industrial Control Systems (ICS) have evolved over the years and now have a lot in common with traditional IT systems. Low-cost Ethernet and IP devices are replacing older, p...

What Users Say

This is an amazing product. Nxlog looks super-cool in so many ways.

I'm using nxlog-ce for a couple of weeks now, and I love it. Every day I'm finding out a new detail that impresses me, or an easier way to solve a problem I had before...

Special thanks to the development team that brought us this exceptional piece of software.

Oh #nxlog, why did we not get to know each other sooner? Great to see such a well-designed logging tool.

So overall, NxLog is amazing. It allows you to take the load off of your central syslog cluster and distribute it across all of your endpoints that are generating logs. This also decreases the amount and size of events coming into your cluster from the start so you are only getting exactly the items that you need.

I've been impressed with the capability/functionality, and .. I personally believe that we should "embrace" nxlog as the go-forward mechanism for feeding QRadar.

Faced with no budget and the reality of a heterogeneous environment I discovered that ONLY nxlog and Splunk will sensibly (i.e. structured) capture Windows logs while providing TCP, TLS and buffering. I settled on nxlog agents on the servers forwarding to an nxlog receiver...

On Linux systems, there are many options for converting arbitrary logfiles into syslog. For Microsoft Windows, there are reasonable free options for converting Eventlogs to Syslog, such as SNARE. There are excellent, but expensive tools like Splunk for parsing any sort of data you like. But I really struggled to find anything that could run on Microsoft Windows, convert a custom logfile to syslog, and send it to two destinations simultaneously. After much fruitless searching, and more than a few dead-ends, I found the answer: nxlog. http://lkhill.com/nxlog-convert-to-syslog/

Tired of Snare? Need more than what OSSEC can provide? Then check nxLog. It is a highly flexible event forwarder for both Windows and Linux. https://www.alienvault.com/forums/discussion/1800/nxlog-for-collecting-windows-logs

How did I not know about nxlog for shipping logs from host to..say elasticsearch, syslog, json,..everything?!

Our Partners

TEHTRIS is a French company specialized in cutting-edge IT security technologies. Their eGambit solution is a defensive cyber weapon system that includes SIEM, Endpoint Security, and Artificial Intelligence.

Raijin develops database products suitable for ingesting and storing event log data. NXLog Enterprise Edition can be configured to send logs directly to Raijin Server using the Raijin (om_raijin) output module.

Securonix is a provider of Next-Gen SIEM and EUBA solutions and is redefining the next generation of cyber-threat detection using the power of machine learning and big data.

LogPoint is a security analytics company based in Denmark providing a SIEM solution to turn big-data into real-time insights.

AST specializes in detecting and remediating even unknown types of cyberattacks in no time.

SIEMENS provides cybersecurity solutions to protect industrial plants and automation systems as well as grid operation with high-security standards. SIMATIC PCS 7 is a Supervisory Control and Data Acquisition (SCADA) solution from Siemens

AT&T Cybersecurity (before AlienVault) is a leading provider of SIEM products that include the Unified Security Management® (USM) platform which combines key security capabilities with expert threat intelligence.

Years in production