All posts NXLog Blog

January 5, 2026

Telemetry is evolving; is your business ready?

Some still think telemetry is a futuristic concept, but it isn’t. It’s already integral to the smooth running of everything from websites, e-commerce platforms and mobile apps to manufacturing, traffic control and much, much more. And it all begins with the humble data log. From the earliest days of computing, programmers have recorded useful information — often in a file — to help track and react to potential threats and understand what’s going on "under the hood" of their IT infrastructures.

December 18, 2025

Security advisory for CVE-2025-67900 affecting NXLog Agent 6.10 and older on Windows

We are committed to the security of our customers, and wish to inform you of CVE-2025-67900, a recently published vulnerability affecting the Windows version of NXLog Agent 6.10 and older. Technical description The Windows version of NXLog Agent 6.10.10368 and older includes a Privilege Escalation vulnerability because it attempts to load an OpenSSL configuration file from the hardcoded and unintended directory C:\nxlog4\x64\ on startup. This is a legacy installation directory that may not exist in clean NXLog Agent installations.

December 18, 2025

2025 and NXLog - a recap

As the new year looms large, we at NXLog are ready for one of the season’s most cherished traditions: reflecting on the year that ends. Coming off a 2024 that was centered on the NXLog Platform release, our 2025 was built on our analysis of the current state of the telemetry landscape. The main conclusion is that while telemetry data is essential for operations and security, 35% of organizations still struggle to collect it at scale.

December 12, 2025

rsyslog vs syslog-ng: Which is the right log shipper?

Well, no doubt logging is the nervous system of any IT infrastructure. From troubleshooting outages to satisfying compliance audits and threat management, having the right log management pipeline can make the difference between smooth operations and chaotic firefighting. For decades, syslog-ng and rsyslog have been two of the most widely used log management tools for Unix and Linux environments. Both provide implementations of the original 1980s syslog protocol and are designed to collect, process, and forward log messages across networks.

December 11, 2025

Announcing NXLog Platform 1.10

We are happy to announce the latest release of NXLog Platform, version 1.10. This update introduces streamlined TLS certificate management, broader operating system support, and simplified agent configuration. It will now be even faster and easier to deploy and operate your telemetry pipeline. Want a quick overview? Watch a short demo showcasing the new features in this release: Read on for more details about these updates. Centrally managed certificates for data destinations NXLog Platform 1.

December 10, 2025

Identity and Access Management (IAM): Guide for 2026

Imagine a typical company: employees join, they move between offices and departments, then they leave. Each of these changes requires a systems access update for email, databases, internal tools, and more. Manually managing these transitions can be burdensome and error-prone. And where you have errors, you have inefficiencies and exposure to security breaches — neither of which is good for your business. This is where Identity and Access Management (IAM) comes in.

November 27, 2025

End-to-end Windows file monitoring with FIM and Windows Security Auditing

In the past, we’ve written about monitoring file access in Windows. However, monitoring file access events alone doesn’t capture the full lifecycle of changes that matter for security and compliance. To gain true end-to-end visibility, you need to track not only when a file is accessed, but also when it’s modified, renamed, or deleted. In this guide, we’ll show how combining File Integrity Monitoring (FIM) with Windows Security Auditing delivers a complete file monitoring solution and how NXLog Agent ties these log sources together.

November 19, 2025

Monitoring BIND9 logs: Comparing syslog and dnstap for DNS visibility

As system and network administrators know, DNS logs are essential for understanding what’s happening across your infrastructure, whether you’re troubleshooting slow lookups, investigating odd traffic patterns, or monitoring your security posture. We recently had the opportunity to help a customer set up monitoring for BIND9 logs and discovered that the two main options, syslog and dnstap, offer very different experiences in setup, performance, and the level of DNS visibility they provide.

November 3, 2025

Linux security monitoring: Collecting and visualizing events in Elasticsearch and Kibana

Timely visibility into system activity is what separates effective defense from reactive analysis. Every operating system, application, and device logs a trail of evidence. However, transforming that trail into actionable intelligence requires the right tools. In our previous posts, we’ve walked you through: Visualizing VPN connection logs, Monitoring Windows security events, and Analyzing web server activity logs. In this final installment in our series on log visualization, we’re turning our attention to Linux security monitoring.

October 30, 2025

The shadow IT haunting your network: A Halloween horror story

It’s Halloween season, and while everyone else is worried about ghosts and goblins, you—the sysadmin holding the fort—know the real terror: that dusty print server in the corner that’s been running firmware from 2014. Or the Raspberry Pi someone set up to monitor the server room temperature "temporarily" three years ago. Or the CEO’s personal tablet that absolutely must connect to the internal network because "it’s just easier this way.

All articles

Featured posts

Categories

All articles

Sign up

Featured posts

Categories