Today's IT infrastructure can be very demanding in terms of event logs. Hundreds of different devices, applications and appliances produce vast amounts of event log messages. These must be handled in real time, then forwarded or stored in a central location after filtering, message classification, correlation and other typical log processing tasks. In most organizations these tasks are solved by connecting a dozen different scripts and programs, each with its own custom format and configuration. The NXLog Community Edition is an open source, high-performance, multi-platform log management solution aimed at solving these tasks and doing it all in one place.

In concept NXLog is similar to syslog-ng or rsyslog, but it is not limited to Unix and syslog. It supports different platforms, log sources and formats, so NXLog can be an ideal choice for implementing a centralized logging system.

Centralize your Windows, Unix, Linux, BSD, Android and application logs on Windows, Unix, Linux, BSD or Android.

It can collect logs from files in various formats and receive logs from the network remotely over UDP, TCP or TLS/SSL on all supported platforms. It supports platform-specific sources such as the Windows Eventlog, Linux kernel logs, Android device logs, local syslog, etc. Writing and reading logs to and from databases is also supported for many database servers. The collected logs can be stored in files or databases, or forwarded to a remote log server using various protocols. The old BSD Syslog and the newer IETF syslog standards (RFC 3164 and RFC 5424-5426) are fully supported by NXLog in addition to other custom formats. A key concept in NXLog is the ability to handle and preserve structured logs, so there is no need to convert everything to syslog and then parse these logs again on the other side. It has powerful message filtering, log rewrite and conversion capabilities. Using a lightweight, modular and multithreaded architecture which can scale, NXLog can process hundreds of thousands of events per second.

Here is a short summary of its features:

  •     Open source
  •     Multi-platform - support for GNU/Linux, IBM AIX, Solaris, HP-UX, BSD, Android and Microsoft Windows (from XP through 2012)
  •     Modular architecture through dynamically loadable plugins
  •     Scalable, high-performance I/O - collect messages at blazing speeds (can achieve above 500k EPS)
  •     Message buffering and prioritization - no lost or dropped messages
  •     Simple configuration format with a powerful language similar to Perl
  •     Scheduled tasks and built-in log rotation
  •     Support for different formats such as Syslog, CSV, GELF, JSON, XML, Windows EventLog and even custom formats
  •     Offline processing mode for post processing, conversion or transfer
  •     Event classification and pattern matching
  •     Log message rewrite, conversion between different formats
  •     Event correlation
  •     Secure network transport over SSL
  •     Internationalization with support for different character sets and on-the-fly auto-detection of encoding