Botond Botyanszki, Managing Partner
For any SIEM system, the log collector is undeniably the foundation on which further intelligence is built. A good log collector should be equipped to manage heterogeneous log sources; without that ability, working with the data is like hunting for missing coins in a dumpsite. SIEM engineers spend a very long time sanitizing the data garbage that lands in the system before they can make progress. The security of an organization depends on its SIEM competence, and SIEM alerts are only as good as the data that is fed to the systems. NXLog, a log collector and centralization solution provider, is driven by this principle. “Our products allow users to collect event data efficiently, securely, and reliably in a vendor-independent manner,” says Botond Botyanszki, managing partner at NXLog.
Most SIEM and log analytics solutions, both agent-based and agentless, claim to have the ability to ingest any kind of data. In addition, the native tools provided by operating systems often prove inadequate for shipping all the data for security and performance monitoring. Meanwhile, the agents that come with SIEM products are unreliable, being either coded in higher-level languages or based on outdated technologies. This makes it impractical for the administrator to deploy agents at all endpoints, as frequent upgrades cost excessively and demand more resources. Even where none of these challenges apply, an organization may opt for a well-known SIEM vendor; however, this may put the organization into vendor lock-in.
NXLog solves these impediments with its eponymous solution that is available in two editions. The NXLog Community Edition is a free and open-source log collection tool available across platforms such as Windows and Linux. With over 70,000 downloads globally, this solution is used by both startups and enterprises as a log collector agent and log server.
The NXLog Enterprise Edition has the same flexibility, low memory footprint, and high performance as the Community Edition, in addition to several enhancements and features that help with enterprise deployment. Apart from these, the NXLog Manager gives users a standard web-based UI to manage all agents remotely. The company also provides a number of add-on products to collect logs from various complex data sources, including Okta, Microsoft Exchange, Box, and Salesforce.
“Being a vendor-independent log collection solution, NXLog lets companies switch to a different SIEM solution without having to reinstall the endpoints again,” affirms Botyanszki. NXLog sets itself apart from most peers with the easy accessibility that allows users to collect audit-level data directly from the Enterprise Edition product. The solution also comes with customization and flexibility capabilities that make it compatible and usable across a diverse set of companies, ranging from Fortune 500 companies to national security agencies that deploy thousands of endpoints in the cloud and on-premises.
Managed security services providers (MSSPs) form an integral part of NXLog’s clientele. The association with an MSSP running Europe’s largest cyberdefence center exemplifies how technology partners can benefit from NXLog. The MSSP is able to monitor security events without any data leaving the customer premises, while being able to remotely manage the logging pipeline.
With many such success stories, NXLog’s customer base and revenue have been tripling annually since its inception. With plans to offer integration possibilities in different languages for log collection, NXLog has started including a number of add-ons that can collect logs from cloud-based services.