NXLog Enterprise Edition

Your reports are only as good as the data you gather
Make sure you collect event data the right way

The NXLog Enterprise Edition is a high-performance, multi-platform log collection solution capable of handling the most demanding log collection cases. Owing to its rich set of features, it can read almost any log format and parse fields to produce structured data for further processing.

30-day fully functional trial, no credit card required

Ship Log Data to Any SIEM

The NXLog Enterprise Edition works with practically all major SIEM and log analytics products and services.

Avoid vendor lock-in

Ability to send the same events to multiple destinations at the same time.

Superior OS Support

Collect audit logs natively on each supported platform in addition to basic operating system logs and application logs

Outstanding Windows Log Collection Capabilities

The NXLog Enterprise Edition is the most advanced log collector for the Windows platform

Can be used as a Windows Event Collector on Linux and Windows to collect WEF remotely
Full coverage for Microsoft Exchange logs
PowerShell auditing
Collect Microsoft SQL Server audit logs or read/write data in MS SQL tables
Full Windows DNS Server log collection support - collect via ETW or parse the DNS log file
Microsoft Sharepoint log collection support
Collect and parse Microsoft IIS logs
Scan the registry and file system periodically for changes to detect and log modifications

Native macOS Logging Capabilities

NXLog Enterprise Edition can filter, normalize, and aggregate logs from multiple Macs into a single SIEM input stream. It is by far the most configurable and versatile logging solution for macOS.

Capable of collecting all types of logs from Apple OS X as well as any release of macOS running on any Mac hardware, including Macs equipped with Apple’s M1 Chip. It’s now possible for the first time ever to gather ULS events.

Secure and Reliable Collection and Transfer

Signed installation packages
Reliable transfer with protocol-level acknowledgement
Flow control to prevent data loss during disruptions, even without buffering
Message buffering and disk-based queues
Data compression to reduce network traffic
Failover capabilities
TLS/SSL for secure, encrypted data transfer

Remote Management

Managing log collectors across different platforms with segregated administrator roles can be challenging.

Deploy your configuration changes and monitor your agents remotely, without local administrator access.

Extreme Flexibility

Agent-side enrichment, filtering, pattern matching, log format conversion
Read multiple log sources simultaneously
Use Perl, Python, Ruby, Go, or Java to create custom parsers or collection logic
Simple and powerful configuration syntax
Support for different encodings
Event correlation
Built-in log rotation and retention
Send to more than one destination if needed
Resolve numeric IDs to human readable names to improve transparency

Agentless, Agent-based, and Cloud Log Collection Modes

May be deployed as a collection agent, standalone collector system, log relay, or in hybrid mode.

For agent-based collection NXLog is installed on the system generating the log data. In agentless deployments the log sources send their data to NXLog, or NXLog queries the sources over the network.

The ideal tool to collect and centralize log data

Fast, Reliable, and Efficient

Self-contained, lightweight agent
Blazingly fast, scalable
Read and write compressed files
Runs as native, compiled code - no extra runtime required
Can handle thousands of connections in server mode
Network packet capture support

Wide Range of Data Formats and Protocols

Designed with structured data in mind, NXLog embraces structured logging to alleviate the need for writing parsers while most other log collectors are still syslog-based.

File Integrity Monitoring

Detection mechanism to record and monitor intentional and unintentional changes to important files and folders

Meet obligations and compliance mandates
Enable alerting by detecting and logging changes to monitored assets
Support incident response and malware detection by logging changes to critical assets
Help detect intrusion by identifying and logging modifications to configuration files

Storing Logs

Encryption and compression enable safe and cost-efficient long term storage of the collected logs

Industrial Control Systems / SCADA

NXLog can be used to collect logs from the Windows computers providing operator access and forward them to a SIEM. NXLog’s unique passive network monitoring capability can be used to log traffic on the industrial control segment of the network. It can parse and decode network traffic logs into human-readable information that can be processed by a regular SIEM. This allows customers to create a single Security Operation Center with improved visibility into all aspects of production.

Enhance SCADA/ICS systems log collection capabilities with NXLog.

Leverage the Raijin Database as an event store with NXLog Enterprise Edition

Direct integration
Big data
Provides easy access to event data without normalization
Uses familiar SQL-like queries
Visualize data through Grafana or Apache Superset
Provides encrypted and compressed data storage

Regular Hot Fixes

There are security flaws discovered every other day that need attention. OS upgrades may break your log management system. Adding some new log sources can be a challenge.

Unlike the NXLog Community Edition, which is a volunteer effort, the NXLog Enterprise Edition receives regular hot-fixes and enhancements. You and your organization can feel a lot safer, especially with the NXLog Enterprise Support subscription.

Build a scalable logging infrastructure

The ultimate log collection and centralization solution

Download and try NXLog Enterprise Edition

See our extended documentation and how to set up the tool

Getting a quote on pricing is easy