nxlog is a modular, multi-threaded, high-performance log management solution with multi-platform support. In concept, it is similar to syslog-ng or rsyslog, but is not limited to Unix/syslog only. It can collect logs from files in various formats and receive logs from the network over UDP, TCP, or TLS/SSL on all supported platforms. It supports platform-specific sources such as the Windows Eventlog, Linux kernel logs, Android device logs, local syslog, etc. Writing and reading logs to/from databases is also supported for many database servers. The collected logs can be stored in files or databases, or forwarded to a remote log server using various protocols. The old BSD Syslog and the newer IETF syslog standard (RFC 3164 and RFC 5424-5426) are fully supported by nxlog in addition to XML, JSON, CSV, GELF, and other custom formats. A key concept in nxlog is the ability to handle and preserve structured logs, so there is no need to convert everything to syslog and then parse these logs again on the other side. It has powerful message filtering, log rewrite, and conversion capabilities. Using a lightweight, modular, and multi-threaded architecture which can scale, nxlog can process hundreds of thousands of events per second.
Tags: log, Log Parser, Log management, Log Server, Log Analysis
Operating Systems: Linux, Android, HP-UX, OpenBSD, Windows, AIX, Solaris
Release Notes: This release contains several bugfixes.
Release Notes: This release adds a new extension module xm_kvp which makes it much easier to parse key-value pairs in log messages, and several other enhancements and bugfixes.
Release Notes: This release contains numerous stabilization fixes, including better handling of network errors. It compiles and runs on AIX and Solaris.
Release Notes: This version brings a new processor module named pm_evcorr that provides event correlation functionality in addition to the already available nxlog language features (variables and statistical counters). This module was greatly inspired by the Perl-based sec.pl simple event correlation tool. In addition, some other fixes and enhancements are available in this release, such as optional local time formatting in IETF syslog.
Release Notes: The most notable feature addition is the SockBufSize option for the UDP input module, which can help against UDP packet loss. There have been several other bugfixes and enhancements, such as the s/// string replacement operator.