NXLog is a modular, multi-threaded, high-performance log management solution with multi-platform support. In concept it is similar to syslog-ng or rsyslog, but it is not limited to Unix and syslog. It can collect logs from files in various formats and receive logs remotely over the network via UDP, TCP or TLS/SSL. It supports platform-specific sources such as the Windows Eventlog, Linux kernel logs, Android logs and local syslog. Writing logs to and reading logs from databases is also supported. The collected logs can be stored in files or databases, or forwarded to a remote log server using various protocols. The old BSD Syslog and the newer IETF syslog standards are fully supported by NXLog, in addition to Snare, XML, JSON, GELF, KVP, CSV and custom formats. A key concept in NXLog is the ability to handle and preserve structured logs: there is no need to convert everything to syslog and parse the logs again on the other side. It has powerful message filtering, log rewrite and conversion capabilities.
- Modular architecture through dynamically loadable plugins
- Multi-threaded, scalable, high-performance I/O - collect messages at blazing speeds (can achieve above 500k EPS)
- Multi-platform - support for Unix/Linux, Windows (XP through 2012), Android
- Scheduled tasks and built-in log rotation
- Support for different formats such as syslog, CSV, Windows Eventlog or even custom formats
- Offline processing mode for post processing, conversion or transfer
- Event classification and pattern matching
- Log message rewrite, conversion between different formats
- Secure network transport over SSL
- Internationalization for supporting different character sets and on-the-fly auto-detection of encodings
There are a lot of people below saying they can't get nxlog to work on Windows. I don't know the particulars of their experience, but Windows is a supported platform, and there are volunteers who will help you if you can't get nxlog to work. I've gotten it to run, and configured it for my needs reasonably successfully. Nxlog works, and works well, and is quite powerful. That's more than I can say about syslog-ng or rsyslog (the former doesn't work on Windows, the latter lacked features I needed). Plus, nxlog doesn't use anywhere near the resources of logstash, part of the "ELK Stack" for handling logging. I have only a few minor issues with the software itself. One, the documentation needs a lot more detail. Exec blocks can be particularly hard to sort out, but they are a critical way to get nxlog to do what you need. Two, it can be really hard to figure out what's going on in nxlog's processing. Being able to replay a segment of log file and step through processing would help a fair bit, I suspect. Three, there are many minor features that would really help make this a complete system, especially around JSON, date-times, and HTTP. Great work, nxlog team, and thank you for letting the community use your software! I'll have to remember your work for future projects.
Nothing works correctly for Windows. All but the simplest things work. Examples in the docs hardly work. After a few days of very frustrating investigation it is clear that this framework is a complete POS.
I'll pay 100 bucks for Azure Table Storage output module.
Wasted hours trying to get this POS to work on Windows. It doesn't. Hit the forums, not a single error same as mine. Tried to use their sample inputs AND outputs based on the online docs, those didn't work, even hit the IRC Chat room. Nothing in there but crickets. Huge waste of time. I'll just use Kiwi. Thanks for absolutely nothing. Your software is garbage.
Very fast, performance, has good parsing events, reliable transfer. But it hasn't HTTP bulk inserting...