The ultimate solution for
log collection and centralization

Explore NXLog products

Trusted by thousands

Download
brochure

At NXLog, our mission is to provide you with solutions to enable you to collect event data securely reliably efficiently

We offer superior log collection technology that works on all major operating systems, is compatible with most SIEM and log analytics products, and can handle data sources that other tools cannot cope with giving you more visibility into your systems and operations.

NXLog is trusted by thousands of users and organizations across the globe, and is used and recommended by MSSPs and IT security professionals.

Log Collection Solutions

The NXLog Community Edition is an open source log collection tool available at no cost. It is available for various platforms including Windows and GNU/Linux. The NXLog Community Edition is used by thousands worldwide from small startup companies to large security enterprises and has over 70,000 downloads to date. Its flexibility allows it to be utilized in various setups and can be used both as a log collector agent and as a log server.

In addition to the features that our NXLog Community Edition users love such as the flexibility, low memory footprint and high performance, the NXLog Enterprise Edition contains dozens of enhancements and additional features which can be useful in enterprise deployments. These features are enhanced reliability, support for additional log sources such as CheckPoint LEA, NetFlow and SNMP events, agent management and monitoring capabilities, remote Windows EventLog collection, ODBC input and output modules to read/write data into databases (e.g. Microsoft SQL Server) and many more.

Managing and monitoring a large number of log collector agents can be tough, especially if you have a lot of servers in different roles with multiple teams in charge. NXLog Manager can remotely manage and monitor NXLog Enterprise Edition instances using a centralized web based management console.

We offer a number of add-on products to collect logs from various solution and services such as Salesforce, Box, Okta, Microsoft Exchange, and Microsoft Azure and Office365.

NXLog Chatter

New post published on the OVH website sharing their insights. "Sending Windows Logs with NXLog to Logs Data Platform in 15 minutes or less". Great feedback also - "one of the leader of the log management tools. Its configuration is fairly simple and can get you started in a few minutes."

2019.04.24. 12:12

NXLog mentioned as a suggested agent for host-based logging in this talk "Hunting for Post-Exploitation Stage Attacks with Elastic Stack and the MITRE ATT&CK Framework". View the entire video and read the PDF. Read more about integrating with Elasticsearch and Kibana here.

2019.04.05. 10:03

Three newly updated articles from Nagios within the last 1-2 months on configuring NXLog with Nagios Log Server. "Sending NXLogs with SSL/TLS" (last update March 2019), "Configuring NXLog To Send Additional Log Files" (last update Feb 2019) and "Configuring NXLog To Send Multi-Line Log Files" (last update on Feb 2019). Feel free to reach out to our Community Forum for help!

2019.03.31. 17:45

NXLog News

May 23

We are proud to announce that we have released NXLog Enterprise Edition v4.4 the other day. Our team has worked on and solved over 40 issues to reach this milestone. You can g...

Mar 13

We have released NXLog Enterprise Edition v4.3 today. Our team has worked on and solved over 70 issues to reach this milestone. You can grab the packages from Downloads. Insta...

Feb 01

NXLog, the developer of NXLog Enterprise Edition - a modular, multi-threaded, high-performance log collection solution - has announced that it is now a certified partner for RHE...

Dec 14

We are pleased to announce that NXLog Enterprise Edition v4.2 is now available. This new version comes with more than a hundred fixes and enhancements since v4.1 that our team ...

What Users Say

First of all, I checked out a bunch of centralized logging systems before finding nxlog, and it is refreshing in its simplicity and conciseness. I really appreciate the small and tight C code.

In researching how to get nxlog up and running, I found the configuration syntax easy to use and really flexible. Thank you very much for the excellent program NXLOG.

Nxlog-ce is for me the best Windows logs parser, low memory footprint , low cpu.

While I have used both rsyslog and syslog-ng, I am now drawn towards nxlog as a more powerful tool. It does a lot natively in terms of log massaging and organization. Take a look at it when you have the chance.

I'm glad I discovered nxlog. I almost came to the conclusion that only the Splunk Universal Forwarder could do what I needed to do. Glad I performed that one last Google search which discovered nxlog...

nxlog is a lot leaner and does a great job pulling Windows Event Log data and forwarding it to Logstash using JSON or GELF. Its configuration syntax is also a lot more robust and full-featured than Logstash's, so you might find it easier to do complex things with your event logs before you forward them, like filtering out noisy logs before they ever get to the server.

I'm using nxlog-ce for a couple of weeks now, and I love it. Every day I'm finding out a new detail that impresses me, or an easier way to solve a problem I had before...

I'd like to express my gratitude to those responsible for giving us nxlog - it's an incredible tool that makes gluing together multiple and sometimes dissimilar solutions - a sysadmin's dream come true :-)

I went in search of a logging tool that could solve at least some of these issues... After looking around for some time, I stumbled across nxlog. Nxlog seems to support just about every log format on the planet, and will run on Windows and *nix servers. Its easy to setup, and just seems to work. The configuration is logical.

I set a lab environment up today with. A few ios syslogs, nix syslogs, and a 2008 nxlog sender. It(nxlog) fetched the events and sent it with no hassle. Pretty cool I must say...

Our Partners

SolarWinds Loggly® is an easy-to-use, cloud based service for monitoring, log analysis, and collaboration. Since 1999, SolarWinds' mission has been to provide purpose-built products that are designed to make jobs easier for technology professionals.

FireEye is an enterprise cybersecurity company that provides products and services, innovative security technologies and nation-state grade threat intelligence to protect against advanced cyber threats.

TEHTRI-Security is a French company specialized in cutting-edge IT Security technologies. Their eGambit solution is a defensive cyber weapon system that includes SIEM, Endpoint Security and Artificial Intelligence.

Raijin Ltd develops database products suitable for ingesting and storing event log data.

IS-Systems is a Russian systems integrator providing IT security services.

AlienVault is a leading provider of SIEM products that include the Unified Security Management® (USM) platform which combines key security capabilities with expert threat intelligence.

5thColumn, LLC is a full service information technology company centered on next generation cyber threat protection and enterprise data security.

Aster Security is a US based company providing products and professional services focusing on IT security.

Securonix is a provider of Next-Gen SIEM and EUBA solutions and is redefining the next generation of cyber-threat detection using the power of machine learning and big data.

Radarservices is a Managed Security Services Provider based in Austria using a unique combination of automated risk detection and analysis tools combined with risk and security experts running a cyber defense center.

LogPoint is a security analytics company based in Denmark providing a SIEM solution to turn big-data into real-time insights.

Infosecurity LLC is an IT security services provider and integrator in Russia.

Symtrex is a cyber security solutions provider with focus on consultancy and assist their customers in North America with cyber security issues, solutions and products.