NXLog provides unmatched filtering and parsing capabilities. Retain only essential information by trimming event data and dropping unnecessary events altogether. Filtering logs at the source means you minimize the volume of log data ingested by Splunk, reducing the cost for volume-based plans.
Enhance the quality of your logs
NXLog allows you to rewrite and enrich logs in real time, an advantage over Splunk forwarders, which do not provide data manipulation capabilities. You can convert data to any format, including JSON, XML, CSV, and syslog, and even emulate Splunk's proprietary format for Windows events. Normalizing data to a unified schema simplifies your log analysis and correlation rules when collecting logs from diverse sources.
Do not get vendor-locked
IT environments are continuously evolving. So what happens when you need to send logs to another platform or start using a different SIEM solution? Unlike the Splunk Universal Forwarder, NXLog is platform-independent. It can integrate with any SIEM and multicast logs in different formats. For example, forward logs to Splunk via UDP, TCP, or the Splunk HTTP Event Collector while simultaneously archiving raw events to low-cost storage.
Simplify agent configuration and management
NXLog can seamlessly integrate with SCM tools, making it easy to deploy across your network. In addition, NXLog's admin API allows you to configure and manage your NXLog agents remotely and securely. Furthermore, you'll be able to monitor the status of your NXLog agents with any third-party system monitor tool.