NXLog Documentation

Output Modules

Output modules are responsible for writing event log data to various destinations.

When running NXLog on Windows, each module can create multiple TCP connections on 127.0.0.1 using ephemeral ports. These should be considered part of the normal network resources needed by NXLog on Windows.

Amazon S3 (om_amazons3) — Forwards logs to Amazon S3
Microsoft Azure Sentinel (om_azure) — Connects to Azure and forwards logs to a blob, table or analytics workspaces
Microsoft Azure Logs Ingestion (om_azuremonitor) — Forwards logs to Azure Monitor via the Log Ingestion API
Batched Compression (om_batchcompress) — Sends compressed log batches to another NXLog agent
Blocker (om_blocker) — Blocks log processing for testing purposes
DBI (om_dbi) — Sends log data to an external database with the libdbi library
Elasticsearch (om_elasticsearch) — Sends logs to an Elasticsearch server
Program (om_exec) — Executes a program or script and writes log data to standard input
Files (om_file) — Writes log messages to files
Go (om_go) — Provides a Go API for generating log data
Google Chronicle (om_chronicle) — Sends logs to Google Chronicle
Google Cloud Logging (om_googlelogging) — Sends logs to Google Cloud Logging
Google Cloud Pub/Sub (om_googlepubsub) — Publishes logs to Google Pub/Sub
HTTP(s) (om_http) — Sends log messages via HTTP or HTTPS connections
Java (om_java) — Provides a Java API for saving or forwarding log data
Kafka (om_kafka) — Publishes event records to an Apache Kafka topic
Null (om_null) — Provides a dummy output for testing or scheduled execution
ODBC (om_odbc) — Uses the ODBC abstraction layer to write log data to a database
OpenTelemetry Exporter (om_otel) — Uses the OpenTelemetry protocol to send data to a collector
Perl (om_perl) — Provides a Perl API for saving or forwarding log data
Named Pipes (om_pipe) — Sends log messages to a named pipe
Python (om_python) — Provides a Python API for saving or forwarding log data
Raijin (om_raijin) — Sends logs to Raijin server
Redis (om_redis) — Sends log data to a Redis server
Ruby (om_ruby) — Provides a Ruby API for saving or forwarding log data
TLS/SSL (om_ssl) — Sends log data over SSL/TLS-secured connections
TCP (om_tcp) — Sends log data over TCP connections
UDP (om_udp) — Sends log data via UDP datagrams
UDP with IP Spoofing (om_udpspoof) — Sends log data via UDP while retaining the source addresses
Unix Domain Sockets (om_uds) — Writes log messages to a local Unix domain socket
WebHDFS (om_webhdfs) — Sends log data to an Apache Hadoop cluster
ZeroMQ (om_zmq) — Provides a log data output via ZeroMQ message transport