NXLog Enterprise Edition

High-performance multi-platform log collection
Published by NXLog

Features

  • NXLog Enterprise Edition
  • NXLog Manager
  • ICS / SCADA Log collection
  • Raijin

NXLog Enterprise Edition

We offer superior log collection technology that works on all major operating systems, which is compatible with most SIEM and log analytics products, and can handle data sources that other tools cannot cope giving you more visibility into your systems and operations.
NXLog Enterprise Edition
Integrate with any SIEM
  • The NXLog Enterprise Edition works with a wide range of SIEM and log analytics products and services.

Regular hot fixes
  • Unlike the NXLog Community Edition, which is a volunteer effort, the NXLog Enterprise Edition receives regular hot-fixes and enhancements. You and your organization can feel a lot safer, especially with the NXLog Enterprise Support subscription.

Superior OS support
  • Collect audit logs natively on each supported platform in addition to basic operating system logs and application logs.

Outstanding Windows log collection capabilities
  • The NXLog Enterprise Edition is the most advanced log collector on the market today for the Windows platform.

Outstanding macOS logging capabilities
  • Filter, normalize, and aggregate logs from multiple Macs into a single SIEM input stream.

Remote management
  • Managing a large number of log collectors across different platforms and with different sysadmin teams in charge can be difficult. Deploy your configuration changes and monitor your agents remotely.

Fast, reliable and efficient
  • No extra dependencies required. It does not use Java runtime, python interpreter and runs as native code.

Supports a wide range of data formats and protocols
  • CEF, LEEF, XML, JSON, CSV, KVP, W3C, Syslog, Checkpoint OPSEC, SDEE, SNMP, NetFlow, Windows Eventlog, Multi-line data, custom formats and IPv6 support.

File integrity monitoring
  • Detect changes to files and directories on all supported platforms.

NXLog Manager

NXLog Manager is a central management and monitoring tool for your NXLog agents. Managing and monitoring a large number of log collector agents can be tough if you have a lot of servers in different roles with multiple teams in charge. Speed up the performance of your security team by making sure that updates and necessary changes are introduced on the fly, and remove painfully long processes.


NXLog Manager was designed to solve log collection induced challenges so that it can remotely manage and monitor NXLog Enterprise Edition instances.

NXLog Manager
Centralized management
  • Manage and monitor your NXLog instances using a central web-based management console.

Agent templates
  • Agents can be assigned to templates so that configuration changes can be applied in bulk. No need to configure each agent separately.

Monitor your agents
  • NXLog Manager monitors your NXLog agent instances, and any errors in the log collection system are immediately visible.

Configuration wizard
  • NXLog Manager offers a web-based UI with configuration forms to help you set up your log collection system without the need to edit text files.

Built-in PKI
  • A built-in certificate management system handles X509 certificates in order to configure TLS based encrypted log transfer easily. Communication with NXLog agents is also encrypted for maximum security.

Distributed mode
  • NXLog Manager can be set up in clustered mode when network topology or geographical separation would require this. This allows managing all your agents from a single interface without having to log into multiple systems.

Pattern and correlation rule editors
  • Create log extraction patterns and correlation rules on the UI. Regular expressions can be tested to ensure that they actually work.

ICS / SCADA Log collection

NXLog is a versatile log collection tool capable of collecting logs from all possible sources on ICS and SCADA systems. It supports native log collection from all of the sources you find in Industrial Control Systems.
ICS/SCADA Log sources
  • Windows Event Logs
  • File logs
  • Passive network monitoring

Passive network monitoring
  • With the im_pcap module NXLog is able to collect logs from any Industrial Control Systems without performance loss.

SCADA Integrations
  • Ready to use Supervisory Control and Data Acquisition (SCADA) integrations available.

ICS Protocol support
  • NXLog makes possible to directly parse the network communication of the following protocols: Modbus, BACNet, IEEE DNP3, PROFINET, IEC 61850, IEC 60870-5-104, S7comm.

Raijin

The schemaless SQL database engine for storing events
Raijin
Support for semi-structured data
  • Raijin is a schemaless database that does not require a schema to be defined up-front allowing you to cope with data variety, since some records may contain fields that are not common in other records. This is especially useful when storing event data in a structured format, considering that event logs can contain virtually any kind of information such as user names, locations, IP addresses, timestamps, and other event attributes.

Faster data ingestion
  • Events are generated 24x7 and arrive in large bursts during peak times. Raijin can ingest data in excess of 100k records per second on commodity hardware. Insertion performance does not degrade as the size of the data grows.

Index-free
  • Traditional RDMBS products employ indexes that need to be created to efficiently query the data. This requires additional storage, reduces ingestion speed, and adds maintenance overhead. Raijin does not use indexes, instead, it stores metadata about data chunks which enables it to query data just as fast.

Using SQL
  • SQL is a universal declarative query language that all data analysts are familiar with. The Raijin Database supports SQL as its primary query language while lifting some of SQL’s limitations. Users do not need to learn yet another domain-specific language to work with data — queries written for other SQL databases can be easily migrated and executed by Raijin.

Encryption of data at rest
  • Log data often contains sensitive information that needs to be protected. Raijin uses strong encryption to reduce the chances of data theft or unauthorized access, and it can help to meet compliance and regulatory standards.

Compression of stored data
  • Raijin can store data in a compressed format. Data compression not only saves disk space but provides a performance boost with modern CPUs. It can compress event log data down to about 15-20% of its original size.

Efficient data storage
  • Raijin uses hybrid columnar data storage. The columnar format combined with vectorized execution greatly increases the data throughput demanded by analytical workloads. It can store and query machine-generated data such as event logs more efficiently than most traditional RDBMS solutions and NoSQL document databases, thereby reducing operational and maintenance costs. It can also function as an ideal data platform for powering BI, reporting, and dashboarding solutions

JSON data representation
  • For handling sparse data, the Raijin Database engine uses a flat JSON representation for the data records. This is natively supported when loading and querying data unlike other SQL solutions that introduced it as a bolted-on afterthought.

Built for analytics
  • Most NoSQL solutions are inefficient or lack support for analytical queries. Raijin supports groups and aggregations using standard SQL syntax.

Exploiting modern CPU features
  • To be able to process large amounts of data, Raijin uses cache-aware algorithms and data structures to exploit the capabilities of modern CPUs. Instead of processing data one tuple at a time, it operates on data blocks. Using vectorized execution backed by optimized SIMD instructions, Raijin ensures that your CPUs are not wasting cycles.

Documentation
  • Raijin’s short introductory article will help set up the tool and quickly show how the Raijin Database engine can solve the major headache application developers and product owners face: schema rigidity.
Unauthorised background image

Your product is just steps away!

Register for FREE to buy, get downloads and access free trials.

Get Resources and Start FREE Trials

Easy Product Activation with Your Account

Products Saved to Personal Digital Library