NXLog Platform terminology

Rules that define who can view which log types and how far back a user can view data. They act as a second-level filter on top of the user’s roles.

Agent refers to an NXLog Agent instance installed and configured on a computer to collect logs from various sources and forward them to one or more destinations, including NXLog Platform. In addition, NXLog Agent can filter, normalize, and enrich logs before sending them to their destination. A log collector agent is used for agent-based log collection.

The NXLog Platform component for monitoring, configuring, and managing your NXLog Agent fleet. It also includes configuration management and automatic enrollment rules.

An audit log or an audit trail is a type of log that contains a non-repudiable record of system activities. They are an essential part of IT security, giving insight into what is happening in your environment and helping you meet compliance requirements and risk management. NXLog Platform automatically records audit logs. You can view and search the audit log from the NXLog Platform UI.

A way to enroll NXLog Agent instances to NXLog Platform and configure them according to predefined rules. Once you create auto-enrollment rules, all you need to do is install NXLog Agent and configure it for first contact, then let NXLog Platform do the rest.

A predefined NXLog Agent configuration. You can create configurations for different requirements and apply each one to multiple NXLog Agent instances. Configurations allow you to deploy configuration updates to agents in bulk.

In NXLog Platform, a customer is synonymous with an organization. It is an entity subscribed to NXLog Platform. Each organization manages its own users and NXLog Agent fleet.

An NXLog Platform installation. A deployment can be one of three types:

The act of subscribing an NXLog Agent instance to NXLog Platform. An enrolled agent has received a TLS certificate, a public key, and a UUID, and you can manage it from NXLog Platform.

EPS is the standard unit of measurement for log processing speed, i.e., how many events an application can process in one second. In other words, it is a measurement used in IT to define the number of events that go in or out of a system in a given time. NXLog Platform uses EPS to measure the log processing rate.

A device or application producing logs, such as:

A log source sends data to an NXLog Agent instance or exposes logs so NXLog Agent can collect them. Log sources are the basis of licensing.

The NXLog Platform component for storing and managing logs. The database backend runs on ClickHouse and uses a schemaless data structure. It also includes data access rules and saved searches and filters.

NXLog Platform automatically creates log types based on the data it ingests. The log type corresponds to the NXLog Agent SourceModuleName core field, which is the name of the input module instance that collected the data.

An entity subscribed to NXLog Platform. Each organization manages its users and NXLog Agent fleet.

Customer and Organization might be used interchangeably in NXLog Platform, representing the NXLog Platform’s view of the world: each organization has its own set of users, licenses, invoices, etc.

On the NXLog Platform side, we do not require an Organization to be equal to a business entity so that a single company can set up multiple organizations on NXLog Platform, for example, for different departments.

In this sense, using Organization instead of Customer is more descriptive.

An NXLog Agent instance receiving data over the network and forwarding it to a centralized location, such as NXLog Platform or a SIEM.

A set of features sold together, such as the Free, Basic, and Premium subscription plans. You can change or add more features to your subscription over time. Subscriptions are valid for a set period and expire at the end of their term if not renewed.

An NXLog Platform instance belonging to a specific organization. An NXLog Platform cloud deployment may run multiple tenants, while an on-premises deployment runs a single tenant.

NXLog Platform supports Role-Based Access Control (RBAC) to define which parts of the NXLog Platform UI each user can access. Every NXLog Platform user is assigned one or more roles representing the user’s permissions.