deployment  |  telemetry data pipeline

World of OpenTelemetry

With an ever-expanding choice of technologies on the market, navigating the range of open-source observability tools can be a challenge. That is why, when it comes to managing complex multicloud environments and their services, standardization is crucial. Here’s where OpenTelemetry (OTel) can play a key role. Developed through the merger of OpenCensus and OpenTracing, OpenTelemetry has become the new standard for open-source telemetry. Discover what OTel is, the types of telemetry data it encompasses, its potential benefits, and how NXLog can support your OpenTelemetry ecosystem.

releases  |  Platform

Announcing NXLog Platform 1.3

We proudly announce the latest release of NXLog Platform, version 1.3. This release adds new features and bug fixes, including the ones highlighted below. Improved installation and configuration: The installation processes for NXLog Platform and NXLog Agent received the following configuration improvements: You can now configure the NXLog Platform hostname and specify a label when running the NXLog Agent installer to ease automatic enrollment and agent configuration. This configuration is available on Windows, Debian/Ubuntu, Red Hat Enterprise Linux, and macOS.

deployment  |  telemetry data pipeline

Understanding telemetry pipelines

Back in the day, Gordon Moore made relatively accurate observations and projections about the exponential growth of transistors on semiconductors. It still amazes me, yet very few predicted the incredible growth of system interconnectedness and the vast amount of data it generates. It is estimated that 90% of all data was created in the last two years. Given that everything is connected, the need for telemetry is growing at an unprecedented rate, and thus, the need to efficiently channel and manage telemetry data has also grown.

NXLog Platform

NXLog redefines the market with the launch of NXLog Platform: a new centralized log management solution

NXLog Platform is a new centralized log management solution from the vendor with over 12 years of experience and 600 clients worldwide, including Fortune 500 companies. The new solution stands out for the following unique features: Agentless or agent-based log collection using the most versatile log processor and forwarder. Cloud-ready self-hosted centralized agent and log management system for ultimate scalability. High-volume, fast, schemaless long-term log retention database with high compression ratios.

NXLog Enterprise Edition  |  NXLog Manager  |  announcement

Announcing the end-of-sale for NXLog Enterprise Edition and NXLog Manager

We are officially announcing that NXLog will no longer be selling NXLog Enterprise Edition and NXLog Manager. This decision reflects our commitment to evolving our product offerings and delivering more powerful, future-proof solutions. While the sale of these products is ending, please be assured that we will continue to provide full technical support, maintenance, and bug fixes for both NXLog Enterprise Edition and NXLog Manager until the end of your contractual period.

NXLog Platform

Welcome to the future of log management with NXLog Platform

Centralized log management at the core of security monitoring. Enhance data visibility, streamline security operations, and reduce SIEM costs. We are excited to announce the upcoming launch of our new centralized log management solution, NXLog Platform. Over the past year, our team has been working hard to bring you an innovative log collection and management solution. In our 12+ years of experience in the industry, we have learned that one of the biggest challenges in log management is the number of dispersed systems you need to manage.

security  |  announcement

The CrowdStrike incident and how the NXLog agent operates

Automatic updates are recommended by many vendors as they are considered essential for safeguarding against security threats and maintaining system performance. Updates not only enhance security but also deliver bug fixes and new features, contributing to improved user experience. Software updates, however, come with the inherent risk of breaking existing functionality and can potentially interfere with other software or the operating system itself, causing unintended side effects. Automatic updates that the user has no control over escalate the risk further.

releases  |  Enterprise Edition

Announcing NXLog Enterprise Edition 5.11

We are excited to announce the release of NXLog Enterprise Edition 5.11. This latest version introduces two new features and addresses over twenty important issues, including two of the most significant, which are highlighted in this announcement. Key enhancements in NXLog Enterprise Edition 5.11. Support for new macOS ES events: NXLog Enterprise Edition 5.11 now supports the events introduced by version 13 of the macOS Endpoint Security (ES) API. Check the official Apple documentation for the most up-to-date list of events supported by the macOS ES API.

release  |  Raijin database

Raijin announces release of version 2.1

Raijin has announced the release of version 2.1 of its powerful, schemaless SQL-like database engine. This release focuses on performance improvements. Read on for the highlights and check out the Raijin release notes for a complete list of the features and improvements. Performance improvements: As mentioned, this release focused on optimizing the performance of partitioned database tables. Partitioned tables store data in separate locations with their own set of metadata based on the values present in the data.

releases  |  Enterprise Edition

Announcing NXLog Enterprise Edition 6.3

We proudly announce the latest release of NXLog Enterprise Edition, version 6.3. This release adds new features and bug fixes, including the ones highlighted below. Support for parsing DTS Compliant logs from Microsoft Network Policy Server (NPS): The xm_nps extension module now supports parsing the newest DTS Compliant log format from Microsoft NPS. The module can now automatically parse all NPS log types, including legacy ODBC and IAS, without you having to specify the log type when configuring the module.

release  |  Raijin database

Raijin announces release of version 2.0

Raijin has announced the release of version 2.0 of its powerful, schemaless SQL-like database engine. This version introduces several performance improvements. Read on for the highlights and check out the Raijin release notes for a complete list of the features and improvements. Enhanced table partitioning: Table partitioning is a key factor in database management, improving query performance by only searching through relevant information and optimizing storage by efficiently pruning irrelevant content.

release  |  Raijin database

Raijin announces release of version 1.5

Raijin has announced the release of version 1.5 of its powerful, schemaless SQL-like database engine. This version introduces several performance improvements. Read on for the highlights and check out the Raijin release notes for a complete list of the features and improvements. Centralized storage for simpler management: Until now, Raijin stored various stateful files in different locations across the system, requiring additional effort to keep track of that content. Raijin has now been refactored to use /data as the base directory.

review  |  2023

2023 and NXLog - a review

It’s finally the holiday season, and we’re down to a skeleton staff here at NXLog. It’s nearly time for us to shut down our laptops, pick up a cup of hot chocolate (or mulled wine if we’re lucky), and get ready for a week or so of reading, relaxing, opening presents, perhaps coping with distant relatives, and all-around merry-making over the holiday period. So we hope you’ll forgive us if we keep this recap of 2023 succinct.

releases  |  Enterprise Edition

Announcing NXLog Enterprise Edition 5.10

We are excited to announce the release of NXLog Enterprise Edition 5.10. This latest version addresses over twenty important issues - the two most significant are mentioned in this announcement - and introduces two features backported from NXLog Enterprise Edition 6. Key enhancements in NXLog Enterprise Edition 5.10. ElasticSearch integration: NXLog Enterprise Edition 5.10 now allows ElasticSearch users to send data as a stream. This feature enables the storage of events in an append-only, single-named manner, enhancing data management and retrieval efficiency.

release  |  Raijin database

Raijin announces release of version 1.4

Raijin has announced the release of version 1.4 of its powerful, schemaless SQL-like database engine. This version introduces new functionality for managing users and views, among several fixes and performance improvements. Read on for the highlights and check out the Raijin release notes for a complete list of the features and improvements. Improved user management: This release builds on the previous one to provide better user management and auditing. With the SHOW USERS command, you can now retrieve a list of your Raijin users and their authentication type.

releases  |  Enterprise Edition

Announcing NXLog Enterprise Edition 6.2

We proudly announce the latest release of NXLog Enterprise Edition, version 6.2. This release adds some new features and includes bug fixes and stability enhancements. File and folder symlink support: In this release, the primary focus was on adding uniform support for file and folder symlinks. The new development affects the im_file and im_fim modules when collecting logs from files, and when using File Integrity Monitoring. The new feature is available to use with the newly introduced directive FollowSymlink.

releases  |  NXLog Manager

Announcing NXLog Manager 5.7

We are pleased to announce the latest release of NXLog Manager, version 5.7. This release addresses several CVE issues, adds support for NXLog’s Microsoft Azure modules, and provides an updated Docker image. Read on to find out more about these new features. A more secure NXLog Manager: This version addresses multiple known Common Vulnerabilities and Exposures (CVE), reducing the attack surface in our customers' systems. See the release notes for a complete list of corrected CVEs.

releases  |  Enterprise Edition

Announcing NXLog Enterprise Edition 6.1

We proudly announce the latest release of NXLog Enterprise Edition, version 6.1. This release adds new features to our Google Chronicle and Kafka output modules to provide more flexible configuration, introduces support for certificates with TPM-attested keys, and implements enhancements to our HTTP input module. Read on to find out more about these new features. More flexibility for your Google Chronicle integration: We continue to build up our Google Chronicle output module with new functionality to give you more flexibility and control over your data.

release  |  Raijin database

Raijin announces release of version 1.3

Raijin has announced the release of version 1.3 of its powerful, schemaless SQL-like database engine. This version implements user authentication and permissions and focuses on enhancing performance and robustness. New user authentication and permissions: This release introduces certificate and password-based user authentication and granular user permissions. You can grant permissions at the database or table level with support for the following privileges: ALL PRIVILEGE (superuser), CREATE, SELECT, INSERT, DROP

releases  |  Enterprise Edition

Announcing NXLog Enterprise Edition 6.0

We proudly announce the latest release of NXLog Enterprise Edition, version 6.0. This major release includes new NXLog language data types, additional TCP and HTTP configuration options, and enhancements to our Elasticsearch and remote administration modules. It will help you improve data integration and handling, enhance manageability, and increase cost efficiency. Empower your data integration with new "Array" and "Hash" data types: As the NXLog configuration language now supports compound values with Array and Hash data types, you can enhance data integrity and coherence.

release  |  Raijin database

Raijin announces release of version 1.2

Raijin has announced the release of version 1.2 of its powerful, schemaless SQL-like database engine. This version introduces significant performance improvements and usability enhancements. Faster data ingestion and query performance: This release optimizes data ingestion by introducing partial parallelization. Raijin Database now parses and inserts batches of data simultaneously, resulting in up to 15% faster ingestion. The team also addressed bottlenecks in the SELECT and COPY statements and implemented several optimizations to improve overall query performance.

releases  |  Enterprise Edition

Announcing NXLog Enterprise Edition 5.9

We are proud to announce the latest release of NXLog Enterprise Edition, version 5.9. This release focuses on bringing you new supported platforms and configuration options. Read on to find out more about some of these new features. Added protocols to network packet capture information: Our administrative module (xm_admin) now returns a list of protocols configured in a packet capture (im_pcap) instance when you request server or module information. This allows you to track, count, and report on the network protocols you are monitoring.

release  |  Raijin database

Raijin announces release of version 1.1

Raijin has announced the release of version 1.1 of its powerful, schemaless SQL-like database engine. Many new features have been added to version 1.1. Let’s take a look at the highlights. Prometheus exporter improvements: Introduced disk usage statistics - Disk usage statistics about free space availability and file system size were introduced. Introduced query statistics - Event and query statistics were introduced in the Prometheus exporter. The following statistics can be queried:

releases  |  Enterprise Edition

Announcing NXLog Enterprise Edition 5.8

We are proud to announce the latest release of NXLog Enterprise Edition, version 5.8. Our newest release includes new modules, better integrations, and additional metrics to collect across your organization. Read on to find out more about some of these new features. Native Salesforce module: We’ve built a new native module (im_salesforce) for ingesting logs from Salesforce. With this, you no longer have to run an external Python-based Add-On script.

release announcement  |  Community Edition

Announcing NXLog Community Edition 3.2

We’re glad to announce the latest release of NXLog Community Edition. This release mainly fixes an issue where the file_name() function returns an unknown error. We’ve also stopped officially supporting the Android mobile operating system. Get in touch with our team if you have any questions, or request a free trial of our flagship log collection solution, NXLog Enterprise Edition, below. NXLog Platform is an on-premises solution for centralized log management with versatile processing forming the backbone of security monitoring.

release  |  Raijin database

Raijin announces release of version 1.0

Raijin has announced the release of version 1.0 of its powerful schemaless SQL database engine, furthering its goal of "solving schema rigidity" in modern databases. Many new features have been added to this version 1.0 milestone release. Let’s take a look at some of the headline features. The power of SQL without the drawbacks: SQL has been the titan of database query languages for decades, and it is still ubiquitous the world over.

NXLog in the world  |  social

NXLog in the world - January 2023

A round-up of some of our favorite social media chatter about NXLog this month. Tecmint: Most notable open source log collection tools - NXLog features on the list of top centralized log collection tools. Blumira: Windows Firewall with GPOs - NXLog is recommended to be used in managing the Windows Firewall with GPOs. NSTEC: Exploring the benefits of SCEP - NXLog is recommended for collecting logs for System Center Endpoint Protection.

Enterprise Edition  |  releases

Announcing NXLog Enterprise Edition 5.7

New year, new NXLog Enterprise Edition. Our developers have been hard at work throughout the holiday season to release the latest version of our flagship log collection solution. We are proud to announce NXLog Enterprise Edition 5.7, which includes bug fixes, security updates, and, of course, many new features. Read on to find out more about some of these new features. Native support for Google Cloud Logging, Amazon S3, and Microsoft 365: Google Cloud Logging, Amazon S3, and Microsoft 365 integrations were already available as Add-Ons to NXLog Enterprise Edition.

2022 review  |  highlights

NXLog - 2022 in review

We’ve come to the end of 2022, and what a year it’s been. It was a year marked by war, economic toil, and addressing the aftermath of the Covid-19 pandemic. Europe was immediately thrust into crisis in February when the Russia-Ukraine War began. Unfortunately, as an Eastern European-based company, many of our colleagues were directly affected by it. Then, more recently and in the United States especially, many tech companies began restructuring their organizations to deal with the looming economic problems that are forecast.

google chronicle  |  siem  |  integration  |  features

NXLog provides native support for Google Chronicle

We are delighted to announce that with the release of NXLog Enterprise Edition 5.5, NXLog provides native support for sending log data to the Google Chronicle threat intelligence platform. About Google Chronicle: Google Chronicle is a cloud-native SIEM service provided on the Google Cloud Platform. It allows organizations to normalize, correlate, and analyze their logging data. Chronicle makes threat hunting easy by empowering security experts to investigate logs, allowing them to take a holistic approach to threat detection.

nxlog ce  |  raijin  |  analytics  |  database  |  features

NXLog Community Edition support for Raijin Database

Last month saw the release of NXLog Community Edition version 3.0. One of the major new features in this release is the added support for sending log data to Raijin Database. This feature opens up exciting possibilities for implementing a custom centralized log collection and storage solution. What is Raijin Database? Raijin Database is a free-of-charge schemaless database engine explicitly designed to store data for analytics efficiently. The fact that it does not require you to define a schema up-front makes it well suited for storing event logs from diverse sources containing different types of information in a structured format.

Responsible disclosure - Our encounter with Monero mining

On the 18th of March, we noticed some unusual activity on one of our servers we use for build automation. Further investigation revealed that an outside party had deployed a Monero miner. The server was immediately taken offline. There was no customer data stored on the server and we have since replaced all our private keys and secrets that might have been potentially compromised. After careful and thorough investigation of the incident, we decided to publish this announcement and share this news with our customers and users, hoping that it might serve as a lesson for others.