What are performance metrics and why are they important? IT and security systems don’t just generate logs; they also produce extremely valuable performance data that helps ensure the health and stability of your business infrastructure. Host-level performance metrics provide visibility into key resources, such as: CPU usage — Helps identify over-utilization, process bottlenecks, or underused resources. Memory usage — Indicates whether applications are consuming excessive RAM or leaking memory over time.

In our previous blog post, From network logs to insights: Visualizing OpenVPN logs with Elasticsearch and Kibana, we explored how you can gain visibility into VPN activity by collecting and analyzing network logs. Windows security monitoring is another common use case we encounter at NXLog. Windows workstations and servers generate security event logs ranging from authentication attempts and privilege escalations to policy changes and process executions. Such events can reveal external intrusions and insider threats, and for security analysts, they are the first line of evidence in investigating suspicious activity.

At NXLog, we help customers solve real-world telemetry data challenges and bring value to the table with NXLog Platform. One of the recurring problems we see is that while network event logs contain a wealth of information, turning them into actionable insights isn’t straightforward. Security operations teams often struggle to make sense of these logs in a way that directly supports threat detection, response, and investigation. A perfect example of this challenge is VPN logs.

We are happy to announce the latest release of NXLog Platform, version 1.8. This release is packed with improvements to give you deeper insights into your telemetry pipeline and infrastructure, expand compatibility, and enhance the user experience. Want a quick overview? Watch a short demo showcasing the new features in this release: Read on for more details about these updates. Agent metrics for telemetry pipeline observability The new Internal Metrics module supports collecting agent metrics, simplifying data flow and agent health monitoring.

Do you ever feel like you’re drowning in data? From endpoint logs and firewall events to database auditing and cloud metrics, the sheer amount of data is overwhelming. While telemetry data is crucial for threat detection, incident response, and compliance, it also brings a major challenge: log noise. Log noise obscures meaningful security signals. If left unchecked, you risk increased false positives, overloading security tools, higher SIEM licensing costs, and, most importantly, SOC alert fatigue.

Understanding security event logs for stronger cybersecurity. Whether a multinational corporation or a small business, organizations face ever-increasing risks of data theft, insider threats, and system intrusions. In 2025, the security landscape is further complicated by the growing influence of artificial intelligence, as cybercriminals are leveraging AI to enhance the sophistication and scale of attacks. One of the most powerful tools for detecting and responding to attacks is the humble security event logs.