NXLog search
Let's talk Start free
Let's talk Start free



A Splunk Universal Forwarder Alternative

Discover a superior log shipper for Splunk Enterprise


NXLog Enterprise Edition

  • Integrates with any SIEM
  • Outstanding log collection capabilities from Windows, Linux, macOS, and more
  • Fast, secure, and reliable

Splunk indexers can process events forwarded by NXLog 10 times faster than those forwarded by the Splunk Universal Forwarder.

Contact Us
Request Trial

Reduce operational costs

NXLog provides unmatched filtering and parsing capabilities.
Retain only essential information by trimming event data and dropping unnecessary events altogether.
Filtering logs at the source means you minimize the volume of log data ingested by Splunk, reducing the cost for volume-based plans.

Better Siem Operations

Enhance the quality of your logs

NXLog allows you to rewrite and enrich logs in real time, an advantage over Splunk forwarders, which do not provide data manipulation capabilities. You can convert data to any format, including JSON, XML, CSV, and syslog, and even emulate Splunk's proprietary format for Windows events. Normalizing data to a unified schema simplifies your log analysis and correlation rules when collecting logs from diverse sources.

Enhance The Quality Of Your Logs Web

Do not get vendor-locked

IT environments are continuously evolving. So what happens when you need to send logs to another platform or start using a different SIEM solution? Unlike the Splunk Universal Forwarder, NXLog is platform-independent. It can integrate with any SIEM and multicast logs in different formats. For example, forward logs to Splunk via UDP, TCP, or the Splunk HTTP Event Collector while simultaneously archiving raw events to low-cost storage.

Do Not Get Vendor Locked Web

Simplify agent configuration and management

NXLog can seamlessly integrate with SCM tools, making it easy to deploy across your network. In addition, NXLog's admin API allows you to configure and manage your NXLog agents remotely and securely. Furthermore, you'll be able to monitor the status of your NXLog agents with any third-party system monitor tool.

Simplify Agent Configuration Web

Find out more

Reliability and efficiency

  • A lightweight agent with a low memory footprint
  • Blazingly fast and scalable, can process over 100,000 EPS
  • Failover support, message buffering, and memory and disk-based queues


Compression and security

  • Encrypted data transfer with TLS/SSL
  • Compression over the wire to reduce network bandwidth
  • Protection of data at rest

ICS/SCADA support

  • Dedicated module for capturing network traffic
  • Specialized parsing for ICS protocols, including MODBUS, PROFINET, and BACNET
  • Supports top vendors such as Schneider Electric, Siemens, and Yokogawa