NXLog Platform terminology

This glossary explains key concepts and definitions of the terminology you will come across in NXLog Platform.

A

Access rules

Rules that define who can view which log types and how far back a user can view data. They act as a second-level filter on top of the user’s roles.

Agent

Agent refers to an NXLog Agent instance installed and configured on a computer to collect logs from various sources and forward them to one or more destinations, including NXLog Platform. In addition, NXLog Agent can filter, normalize, and enrich logs before sending them to their destination. A log collector agent is used for agent-based log collection.

Also known as

log collection agent, log agent, host agent, log collector, log shipper, log data shipper, log collector agent, log forwarder

See also

Agent management
Log collection

Agent management

The NXLog Platform component for monitoring, configuring, and managing your NXLog Agent fleet. It also includes configuration management and automatic enrollment rules.

Also known as

nxlog manager

See also

What is NXLog Platform?
Agent management

Audit log

An audit log or an audit trail is a type of log that contains a non-repudiable record of system activities. They are an essential part of IT security, giving insight into what is happening in your environment and helping you meet compliance requirements and risk management. NXLog Platform automatically records audit logs. You can view and search the audit log from the NXLog Platform UI.

Also known as

audit trail, security log, access log

See also

NXLog Platform audit logs

Automatic enrollment

A way to enroll NXLog Agent instances to NXLog Platform and configure them according to predefined rules. Once you create auto-enrollment rules, all you need to do is install NXLog Agent and configure it for first contact, then let NXLog Platform do the rest.

C

Configuration

A predefined NXLog Agent configuration. You can create configurations for different requirements and apply each one to multiple NXLog Agent instances. Configurations allow you to deploy configuration updates to agents in bulk.

Customer

In NXLog Platform, a customer is synonymous with an organization. It is an entity subscribed to NXLog Platform. Each organization manages its own users and NXLog Agent fleet.

Also known as

organization

See also

Organization management

D

Deployment

An NXLog Platform installation. A deployment can be one of three types:

  • On-premises — A self-hosted NXLog Platform instance running a single tenant.

  • On-premises air-gapped — The same as above but running in an environment without internet access.

  • Cloud — A hosted NXLog Platform instance managed by NXLog. It runs tenants for customers who choose NXLog Platform SaaS.

Also known as

installation, nxlog platform instance

See also

NXLog Platform installation instructions

E

Enroll

The act of subscribing an NXLog Agent instance to NXLog Platform. An enrolled agent has received a TLS certificate, a public key, and a UUID, and you can manage it from NXLog Platform.

EPS (Events Per Second)

EPS is the standard unit of measurement for log processing speed, i.e., how many events an application can process in one second. In other words, it is a measurement used in IT to define the number of events that go in or out of a system in a given time. NXLog Platform uses EPS to measure the log processing rate.

Also known as

event rate, EPS rate, events per second rate, flows per minute, log rate, throughput

See also

Input stream EPS tracking with NXLog

L

Log source

A device or application producing logs, such as:

  • Operating systems

  • Database servers

  • Embedded systems

  • Network devices

A log source sends data to an NXLog Agent instance or exposes logs so NXLog Agent can collect them. Log sources are the basis of licensing.

Also known as

data source, event source

See also

Subscriptions

Log storage

The NXLog Platform component for storing and managing logs. The database backend runs on ClickHouse and uses a schemaless data structure. It also includes data access rules and saved searches and filters.

Also known as

logs database, centralized log storage

See also

What is NXLog Platform?
Log storage
ClickHouse website

Log type

NXLog Platform automatically creates log types based on the data it ingests. The log type corresponds to the NXLog Agent SourceModuleName core field, which is the name of the input module instance that collected the data.

Also known as

event type

See also

Log types management
Core fields

O

Organization

An entity subscribed to NXLog Platform. Each organization manages its users and NXLog Agent fleet.

Customer and Organization might be used interchangeably in NXLog Platform, representing the NXLog Platform’s view of the world: each organization has its own set of users, licenses, invoices, etc.

On the NXLog Platform side, we do not require an Organization to be equal to a business entity so that a single company can set up multiple organizations on NXLog Platform, for example, for different departments.

In this sense, using Organization instead of Customer is more descriptive.

Also known as

customer, NXLog Platform customer

See also

Organization management

R

Relay

An NXLog Agent instance receiving data over the network and forwarding it to a centralized location, such as NXLog Platform or a SIEM.

Also known as

NXLog Agent relay, agent relay, data relay

See also

Using NXLog Agent as a relay
Configure an NXLog Agent relay

S

Subscription

A set of features sold together, such as the Free, Basic, and Premium subscription plans. You can change or add more features to your subscription over time. Subscriptions are valid for a set period and expire at the end of their term if not renewed.

Also known as

plan, subscription plan

See also

NXLog Platform subscription plans

T

Tenant

An NXLog Platform instance belonging to a specific organization. An NXLog Platform cloud deployment may run multiple tenants, while an on-premises deployment runs a single tenant.

Also known as

NXLog Platform instance

U

User role

NXLog Platform supports Role-Based Access Control (RBAC) to define which parts of the NXLog Platform UI each user can access. Every NXLog Platform user is assigned one or more roles representing the user’s permissions.