NXLog Enterprise Edition - serving your event data collection needs

Today's IT infrastructure can be very demanding in terms of event logs. Hundreds of different devices, applications, appliances produce vast amounts of event log messages. These must be handled in real-time, forwarded or stored in a central location after filtering, message classification, correlation, and other typical log processing tasks. In most organizations these tasks are solved by connecting a dozen different scripts and programs which all have their custom format and configuration.
The NXLog Enterprise Edition is a high-performance multi-platform log collection solution aimed at solving these tasks and doing it with a single tool.

Watch the product video

Key features

Integrate with any SIEM

The NXLog Enterprise Edition works with a wide range of SIEM and log analytics products and services

Avoid vendor lock-in - integrate with any SIEM

Ability to feed multiple systems

Superior OS support

Collect audit logs natively on each supported platform in addition to basic operating system logs and application logs

Outstanding Windows log collection capabilities

The NXLog Enterprise Edition is the most advanced log collector on the market today for the Windows platform

Collect Windows Eventlog locally or remotely

Can be used as a Windows Event Collector both Linux and Windows to collect WEF remotely

Native Event Tracing for Windows (ETW) log collection support

Full Microsoft Sharepoint log collection support

Powershell auditing

Collect and parse Microsoft IIS logs

Passive network monitor module for Windows

To see all Windows logging features, click here

Full Windows DNS server log collection support - collect via ETW or parse the DNS log file

Pull data from Windows Performance counters

Passive network monitor module for Windows

To see all Windows logging features, click here

Outstanding macOS logging capabilities

Filter, normalize, and aggregate logs from multiple Macs into a single SIEM input stream

Collect Apple System Log (ASL) logs

Basic Security Mode (BSM) auditing

Capture macOS events directly from the ULS logging facility

File Integrity Monitoring (FIM)

Collect kernel log messages

Highly configurable log filtering capabilities

Log enrichment capabilities

Secure and reliable collection and transfer

Compression over the wire to reduce network traffic

Failover support

Data at rest protection

Supports message buffering and disk based queues.

Compression over the wire to reduce network traffic

Full TLS/SSL support for encrypted data transfer

Failover support

Data at rest protection

Remote management

Managing a large number of log collectors across different platforms and with different sysadmin teams in charge can be difficult. Deploy your configuration changes and monitor your agents remotely!

Centralized monitoring and management using NXLog Manager or via command line scripts

Firewall-friendly - management connections can be agent initiated or manager initiated.

Monitor the agent's health and data collection statistics

Fast, reliable and efficient

No extra dependencies required. It does not use Java runtime, python interpreter and runs as native code

Blazingly fast, scalable

Can handle thousands of connections in server mode

Lightweight with a low memory footprint of a few megabytes

Improved feature to read and write compressed files

Batch processing

Network packet capture support

Supports a wide range of data formats and protocols

CEF, LEEF, XML, JSON, CSV, KVP, W3C, Syslog, Checkpoint OPSEC, SDEE, SNMP, NetFlow, Windows Eventlog, Multi-line data, custom formats and IPv6 support

Designed with structured data in mind. Most other log collectors are still Syslog based while NXLog embraces structured logging to alleviate the need for writing parsers

File integrity monitoring

Detect changes to files and directories on all supported platforms

Can also monitor the Windows registry for changes

SCADA/ICS support

Protocol parser for BACNET

Improved handling of complex data in MODBUS packets

Protocol parser for PROFINET

Shipping individually signed packages on Debian

Collect logs from major ICS solutions (Schneider Electric Citect SCADA & Siemens SIMATIC PCS 7)

Leverage the Raijin Database as an event store with NXLog Enterprise Edition

Direct integration

Raijin provides easy access to event data without normalization

Use familiar SQL like queries

Visualize data through Grafana or Apache Superset

Raijin databases provide encrypted and compressed data storage

Download Raijin Database for free

Regular hot fixes

There are security flaws discovered every other day that need attention. OS upgrades may break your log management system. Adding some new log sources can be a challenge.

Unlike the NXLog Community Edition, which is a volunteer effort, the NXLog Enterprise Edition receives regular hot-fixes and enhancements. You and your organization can feel a lot safer, especially with the NXLog Enterprise Support subscription.

Documentation

NXLog Enterprise Edition, just like all NXLog products, comes with extended documentation for full transparency and to help you set up the tool easily.

Read now

REQUEST A FREE TRIAL: Download and give NXLog Enterprise Edition a try for 30 days!

REQUEST AN OFFER: Send us a price inquiry to get a quote!

Explore the NXLog space