The ultimate solution for
log collection and centralization

Trusted by thousands

Explore NXLog
products Log Compression & Data at
Rest Protection tutorial Webinar: NXLog Community
vs Enterprise Edition

At NXLog, our mission is to provide you with solutions to enable you to collect event data securely reliably efficiently

We offer superior log collection technology that works on all major operating systems, is compatible with most SIEM and log analytics products, and can handle data sources that other tools cannot cope with giving you more visibility into your systems and operations.

NXLog is trusted by thousands of users and organizations across the globe, and is used and recommended by MSSPs and IT security professionals.

Log Collection Solutions

The NXLog Community Edition is an open source log collection tool available at no cost. It is available for various platforms including Windows and GNU/Linux. The NXLog Community Edition is used by thousands worldwide from small startup companies to large security enterprises and has over 70,000 downloads to date. Its flexibility allows it to be utilized in various setups and can be used both as a log collector agent and as a log server.

In addition to the features that our NXLog Community Edition users love such as the flexibility, low memory footprint and high performance, the NXLog Enterprise Edition contains dozens of enhancements and additional features which can be useful in enterprise deployments. These features are enhanced reliability, support for additional log sources such as CheckPoint LEA, NetFlow and SNMP events, agent management and monitoring capabilities, remote Windows EventLog collection, ODBC input and output modules to read/write data into databases (e.g. Microsoft SQL Server) and many more.

Managing and monitoring a large number of log collector agents can be tough, especially if you have a lot of servers in different roles with multiple teams in charge. NXLog Manager can remotely manage and monitor NXLog Enterprise Edition instances using a centralized web based management console.

We offer a number of add-on products to collect logs from various solutions and services such as Salesforce, Box, Okta, Microsoft Exchange, and Microsoft Azure and Office365.

NXLog Chatter

Using NXLog to send logs via GELF to Graylog server

Graylog users discuss NXLog configuration for their purposes.

2021.02.26. 11:01

How to send logs with SSL/TLS to Nagios Log Server with NXLog?

NXLog was mentioned in a tweet about installing NXLog in Nagios.

2021.02.23. 12:24

How to deal with all the event logs that get generated? What events do you tend to keep an eye on?

NXLog gets recommended by several users in a discussion about Windows Event Log Management.

2021.02.23. 12:19

NXLog News

Feb 15

February 2021 Newsletter Enhancing Azure Sentinel’s ingestion capabilities with NXLog This advanced article on sending logs to Azure Sentinel’s explains how the Azure Monitor HT...

Feb 01

What if you could selectively ingest only the high-quality events needed for metrics and reporting that come not only from Azure, but also from other cloud- based resources...

Jan 18

January 2021 Newsletter NXLog Enterprise Edition v5.2 is out We are glad to start the year by announcing the first minor release in the new major version of NXLog Enterprise Edi...

Jan 13

Applications are getting more and more complex. The demand to develop them faster is ever-increasing. This puts stress on organizations’ processes, infrastructure, and the IT t...

What Users Say

Faced with no budget and the reality of a heterogeneous environment I discovered that ONLY nxlog and Splunk will sensibly (i.e. structured) capture Windows logs while providing TCP, TLS and buffering. I settled on nxlog agents on the servers forwarding to an nxlog receiver...

So overall, NxLog is amazing. It allows you to take the load off of your central syslog cluster and distribute it across all of your endpoints that are generating logs. This also decreases the amount and size of events coming into your cluster from the start so you are only getting exactly the items that you need.

I'm new to NxLog but loving it so far for pumping messages into Loggly/Logstash etc.

Have already spent lots of time testing other opensource tools, but none suited so far, only nxlog has helped this far that too with less memory, CPU and IO :)

We follow the market and in our world, nxlog is the hands-down best solution we see for our Windows users.

If Snare’s your butter knife, nxlog is your Swiss Army Knife. With multi-platform support and a gigantor feature list, nxlog is likely to be your next step when you run into some of the limitations of Snare and other simple forwarders. Capturing data from more locations than event logs? Check! Secure transport? Of course! Without question there’s more of a learning curve, but for most organizations serious about log collection on windows (and other platforms!), it’s well worth the time investment. https://opsbot.com/windows-first-class-centralized-logging-citizen/

This is an amazing product. Nxlog looks super-cool in so many ways.

While I have used both rsyslog and syslog-ng, I am now drawn towards nxlog as a more powerful tool. It does a lot natively in terms of log massaging and organization. Take a look at it when you have the chance.

I found NXlog and I'm very excited about it. I installed it for some first test purposes on a Windows 2003 and a Windows 2008 R2 Machine. It works fine and does its job...

I'd like to express my gratitude to those responsible for giving us nxlog - it's an incredible tool that makes gluing together multiple and sometimes dissimilar solutions - a sysadmin's dream come true :-)

Our Partners

FireEye is an enterprise cybersecurity company that provides products and services, innovative security technologies and nation-state grade threat intelligence to protect against advanced cyber threats.

TEHTRIS-Security is a French company specialized in cutting-edge IT Security technologies. Their eGambit solution is a defensive cyber weapon system that includes SIEM, Endpoint Security and Artificial Intelligence.

Raijin Ltd develops database products suitable for ingesting and storing event log data.

IS-Systems is a Russian systems integrator providing IT security services.

AT&T Cybersecurity (before AlienVault) is a leading provider of SIEM products that include the Unified Security Management® (USM) platform which combines key security capabilities with expert threat intelligence.

Securonix is a provider of Next-Gen SIEM and EUBA solutions and is redefining the next generation of cyber-threat detection using the power of machine learning and big data.

Radarservices is a Managed Security Services Provider based in Austria using a unique combination of automated risk detection and analysis tools combined with risk and security experts running a cyber defense center.

LogPoint is a security analytics company based in Denmark providing a SIEM solution to turn big-data into real-time insights.

Infosecurity LLC is an IT security services provider and integrator in Russia.

Symtrex is a cyber security solutions provider with focus on consultancy and assist their customers in North America with cyber security issues, solutions and products.

CEWTEC is an IT security integrator and consultancy firm based in Costa Rica.

Modex develops cutting-edge solutions that make blockchain technology affordable, fast, and easy to adopt at the enterprise level.

AST specializes in detecting and remediating even unknown types of cyberattacks in no time.

With PostSharp Logging, you can add highly detailed logging to your C# application with zero impact on source code and direct it to any .NET logging framework. PostSharp offers a free perpetual license for an unlimited number of developers, including 6 months of support and updates for PostSharp Logging to all NXLog customers.

SIEMENS provides cybersecurity products, solutions, and services to protect industrial plants and automation systems as well as grid operation with high-security standards.

Years in production