Supported Log Formats

Sawmill supports many different log formats using an extensible plug-in architecture. This version of Sawmill supports the following formats. Click a category below to jump to that format category.

Web Server Proxy Server Mail Server Media Server FTP Server Firewall

Network Device Internet Device Application Syslog Server Other Uncategorized

Web Server

• Akamai Web Server (W3C) Log Format
• Amazon S3 Log Format
• Apache/NCSA Combined Log Format
• Apache/NCSA Combined Format (NetTracker)
• Apache/NCSA Combined Format With Server Domain After Agent
• Apache/NCSA Combined Format With Server Domain After Date
• Apache/NCSA Combined Format With Server Domain After Host
• Apache/NCSA Combined Format With Server Domain After Size (e.g. 1&1, Puretec)
• Apache/NCSA Combined Format With Server Domain Before Host
• Apache/NCSA Combined Log Format with Syslog
• Apache/NCSA Combined Format With Cookie Last
• Apache/NCSA Combined Format With Cookie Last (with JSESSIONID)
• Apache/NCSA Combined Format With Visitor Cookie
• Apache/NCSA Combined Format With WebTrends Cookie
• Apache Custom Log Format
• Apache Error Log Format
• Apache Error Log Format (syslog required)
• Apache SSL Request Log Format
• Barracuda WAF Access Log Format
• Barracuda WAF Access Log With Extended Info Format
• BEA WebLogic Log Format
• BeatBox Hits Log Format (default)
• BEA WebLogic
• Blue Coat W3C Log Format (ELFF)
• Amazon Cloudfront Download Log Format
• Amazon Cloudfront Streaming Log Format
• ColdFusion Web Server Log Format
• Common Access Log Format
• Common Access Log Format (Claranet)
• Common Access Log Format (WebSTAR)
• Common Access Log Format, with full URLs
• Apache/NCSA Common Agent Log Format
• Common Error Log Format
• Common Referrer Log Format
• Domino Access Log Format
• Domino Agent Log Format
• Domino Error Log Format
• Domino Referrer Log Format
• Edgecast Log Format
• Flash Media Server Log Format
• Flex/JRun Log Format
• W3C Web Server Log Format
• IBM HTTP Server Log Format
• IBM HTTP Server Common Log Format
• IBM Tivoli Access Manager Log Format
• IIS Log Format
• IIS Advanced Logging Module Log Format
• IIS (ODBC log source) Log Format
• IIS Log Format (dd/mm/yy dates)
• IIS Log Format (dd/mm/yyyy dates)
• IIS Extended Log Format
• IIS Log Format (mm/dd/yyyy dates)
• IIS Extended (W3C) Web Server Log Format
• IIS Extended (W3C) Web Server Log Format (logged through a syslog server)
• IIS Log Format (yy/mm/dd dates)
• Juniper Media Flow Controller Access Log Format (NCSA)
• Juniper Media Flow Controller Access Log Format (2_0_9_Apple_MFC variant, 2012-07-21)
• Juniper Media Flow Controller Access Log Format (Apple variant, 2012-07-21)
• LUNA Insight Media Manager Service Log Format
• Juniper Media Flow Controller Access (W3C) Log Format
• Miva Access Log Format
• Miva Combined Access Log Format
• msieser HTTP Log Format
• NetPresenz Log Format
• NetPresenz Log Format (d/m/y dates)
• NetPresenz Log Format (24-hour times, d/m/y dates)
• Netscape Extended Log Format
• Nginx (using log_format)
• PeopleSoft AppServer Log Format
• PHP Error Log Format
• Sambar Server Log Format
• Sawmill Tagging Server Log Format
• SecureIIS Log Format
• SecureIIS Binary Log Format (SUPPORTED ONLY AFTER TEXT EXPORT)
• SmartFilter (Bess Edition) Log Format
• Squarespace Log Format
• Symantec Web Security CSV Log Format
• Know-how Log Format
• IBM Tivoli Access Manager WebSEAL Log Format
• Tomcat Log Format
• Tomcat Alt
• SquareSpace Tomsquare Log Format
• Trend Micro InterScan Web Security Suite Access Log Format
• URLScan Log Format
• URL-Scan (W3C) Log Format
• Web Logic 8.1 Log Format
• WebLogic Diagnostic Log Format
• BEA Systems WebLogic non-extended (9.2) Log Format
• IBM WebSEAL Request Log Format
• IBM WebSEAL Request With User Agent Log Format
• WebSTAR Log Format
• WebSTAR Proxy Log Format
• WebSTAR W3C Web Server Log Format
• Web Logic W3C Log Format
• Neustar Webmetrics Log Format
• Who's Clicking Who Log Format
• Windows Azure
• Zeus Log Format (Alternate Dates)
• Zeus Extended Log Format

Uncategorized

• SonicWALL Aventail XML Report
• SonicWALL Aventail Client/server Access Log Format
• Metavante Log Format

Syslog Server

• Citrix Firewall Manager Syslog
• Cron Log Format
• Datagram Syslog Format
• GNAT Box Syslogger (v1.3) Syslog
• Imail Header
• Instagate Syslog Format
• IPCop Syslog
• Kiwi Syslog (Logged to Access MDB, then exported tab-separated)
• Kiwi CatTools CatOS Port Usage Format
• Kiwi (dd-mm-yyyy dates)
• Kiwi Syslog (ISO/Sawmill)
• Kiwi Syslog (ISO/Sawmill) for EventSentry
• Kiwi (mm-dd-yy dates, with type and protocol)
• Kiwi (mm-dd-yyyy dates)
• Kiwi (mmm/dd dates, hh:hh:ss.mmm UTC times)
• Kiwi Syslog (UTC)
• Kiwi (yyyy/m/d hh:mm, tab separated) Syslog
• Kiwi (yyyy/mm/dd, space-separated) Syslog
• Kiwi YYYYMMDD Comma Syslog
• BlackStratus LogStorm Syslog
• Minirsyslogd Log Format
• MM/DD-HH:MM:SS Timestamp
• Network Syslog Format
• No Syslog Header (use today's date, or use date/time from message)
• NTsyslog Log Format
• OpenVPN Header
• Passlogd Syslog Format
• Passlogd Syslog (Full Messages)
• PIX Firewall Syslog Server Format
• RedHat syslogd Syslog
• RedHat syslogd (dd/mm/yyyy:hh:mm:ss prefix) Syslog
• Seconds since Jan 1 1970 Timestamp Syslog
• SL4NT Log Format
• SL4NT (dd/mm/yyyy)
• SL4NT (dd.mm.yyyy, commas without spaces)
• SL4NT (yyyy mmm dd) Log Format
• SLNT4 Log Format
• Snare Log Format
• Solar Winds Syslog
• Symantec Mail Security Syslog Format
• Complete Syslog Messages (report full syslog message in one field)
• Syslog NG Log Format
• Syslog NG Log Format (date with no year)
• Syslog NG Log Format (no timezone)
• Syslog NG (tab separated) Log Format
• Syslog NG Log Format (no date in log data; yyyymmdd date in filename)
• Syslog NG Messages Log Format
• SnmpSoft Syslog Watcher
• Syslog (yyyymmdd hhmmss)
• The Dude Syslog
• Timestamp (mm dd hh:mm:ss)
• Unix Auth Log Format
• Unix Daemon Syslog Messages Log Format
• Unix Syslog
• Unix Syslog With Year
• Wall Watcher Log Format
• WinSyslog
• Windows NT Syslog
• Windows Syslog Format
• Zentyal Syslog

Proxy Server

• Astaro SMTP Proxy Log Format
• Helix Universal Proxy Server (Types: 0,1,2,3,4,5) Log Format
• Blue Coat Log Format
• Blue Coat Log Format (Alternate)
• Blue Coat Custom Log Format
• Blue Coat Squid Log / SGOS Format
• Cisco Wide Area Application Services (WAAS) TCP Proxy (v4.1+) Log Format
• Cisco Wide Area Application Services (WAAS) TCP Proxy (v4.0) Log Format
• Combined Proxy Log Format
• Common Proxy Log Format
• CP Secure Content Security Gateway
• EZProxy Log Format
• EZproxy Custom Log Format
• Hand-Crafted Software FreeProxy Log Format
• F-Secure HTTP Access
• IronPort S-Series Access Logs HR Profile for Extended Squid Format
• IronPort S-Series Access Logs Sec Ops Profile for Extended Squid Format
• IronPort S-Series Traffic Monitor Logs v2008-04-03 for WSA v5.1
• IronPort S-Series Traffic Monitor Logs v2008-08-22 for WSA v5.2+
• Microsoft Port Reporter Log Format
• Microsoft Proxy Log Format
• Microsoft Proxy Log Format (d/m/yy dates)
• Microsoft Proxy Log Format (d/m/yyyy dates)
• Microsoft Proxy Log Format (m/d/yyyy dates)
• Microsoft Proxy Packet Filtering Log Format
• Microsoft Proxy Log Format (Bytes Received Field Before Bytes Sent)
• MIMEsweeper Log Format
• SuperLumin Networks Nemesis
• OCLC EZproxy Log Format
• NETGEAR ProSecure UTM10
• ProxyPlus Log Format
• Proxy-Pro GateKeeper Log Format
• SafeSquid Combined/Extended Log Format
• Squid Common Log Format
• Squid Common Log Format - Syslog Required
• Squid Event Log
• Squid Log Format With Full Headers
• Squid Guard Log Format
• Squid Log Format With ncsa_auth Package
• Squid Log Format
• Useful Utilities EZproxy Log Format
• VICOM Gateway Log Format
• Vicomsoft Internet Gateway Log Format
• Visonys Airlock Log Format
• McAfee Web Gateway
• Websense Log Format
• Websense Server Log Format
• WinGate Log Format (no Traffic lines, dd/mm/yy dates)
• WinGate Log Format (no Traffic lines, mm/dd/yy dates)
• WinGate Log Format (with Traffic lines)
• Winproxy 5.1 Log Format (yyyy-mm-dd dates)
• WinProxy Alternate Log Format
• WinRoute Web Log Format
• Winproxy Log Format
• Winproxy Log Format (2-digit years)
• Winproxy Common Log Format
• Kerio Winroute Firewall Log Format
• Youngzsoft CCProxy Log Format

Other

• 3Com NBX 100 Log Format
• Array 500 Combined Log Format
• Ascend Log Format
• Atom Log Format
• Autodesk Network License Manager (FlexLM) Log Format (Enhanced Reports)
• Autodesk Network License Manager (FlexLM) Log Format
• openldap Log Format (BETA)
• BitBlock Log Format
• Blue Coat Instant Messenger Log Format
• Borderware runstats Log Format
• CFT Account Log Format
• Click To Meet Log Format
• Cumulus Digital Asset Management Actions Log Format
• CWAT Alert Log Format
• Dade Behring User Account Format (With Duration)
• Dade Behring User Log Format
• Digital Insight Magnet Log Format
• Dorian Event Archiver (Windows Event Log) Format
• du Disk Usage Tracking Format (find /somedir -type f | xargs du)
• EDM Web Services Identity Log Format
• Eventlog to Syslog Format
• Event Reporter Logs (version 7)
• Event Reporter v6
• FastHosts Log Format
• FedEx Tracking Log Format
• CSV (Generic Comma-Separated Values) Log Format
• Google Log Format
• GroupWise Internet Agent Accounting Log Format (2-digit years)
• GroupWise Internet Agent Accounting Log Format (4-digit years)
• GroupWise Post Office Agent Log Format
• GroupWise Web Access Log Format (dd/mm/yy)
• Groupwise Web Access Log Format (mm/dd/yy)
• Hosting.com Log Format
• HP UX Audit Log Format
• htdig Log Format
• Novell iChain Extended (W3C) Web Server Log Format
• iPlanet Error Log Format
• Novell iChain W3C Log Format
• Avaya Identify Engines
• InfiNet Log Format
• INN News Log Format
• INN News Log Format (Alternate)
• IOS Debug IP Packet Detailed (Using Syslog Server)
• ipchains Log Format
• ipEnforcer
• IPMon Log Format (Using Syslog Server)
• IST Log Format
• Java Administration MBEAN Log Format
• Lava2 Log Format
• log4j Custom Log Format
• Sawmill Task Log Format
• Metavante CEB Failed Logins Log Format
• Microsoft Elogdmp (CSV) Log Format (CSV)
• Microsoft Server NPS SQL (ODBC Log Source)
• Nessus Log Format
• NetKey Log Format
• Netscape Messenger Log Format
• Netstat Log Format (uses script generated timestamp from log or GMT time)
• nmap Log Format
• nnBackup Log Format
• Norstar PRELUDE and CINPHONY ADC Log Format
• Nortel Meridian 1 Automatic Call Distribution (ACD) Log Format
• Optima Log Format
• Oracle Express Authentication Log Format
• O'Reilly Log Format
• OSSEC Alert Log Format
• KEIKO PLAN-N Access Control Software
• Planet-Share InterFax Log Format
• Microsoft Windows Event (Powershell ETVX to CSV)
• praudit Log Format
• PSLogList Log Format
• RACF Security Log Format
• RAIDiator Error Log Format
• Redcreek System Message Viewer Format
• Savvion BPM
• Servers Alive Log Format
• Servers Alive (Statistics) Log Format
• SIMS Log Format
• SLURM Log Format
• Snare for AIX Log Format
• Sourcefire IDS
• Symantec Antivirus Log Format
• Symantec System Console Log Format
• Sysreset Mirc Log Format
• tcpdump Log Format (-tt)
• tcpdump Log Format
• tcpdump Log Format (-tt, with interface)
• tcpdump Log Format (-tt, with interface) Alternate
• Tellique Log Format
• Tomcat (using Access Log Valve pattern)
• Trend Micro Control Manager
• Unicomp Guinevere Log Format
• Unicomp Guinevere Virus Log Format
• Unix Sudo Log Format
• Unreal Media Server Log Format
• UPS WEB/SNMP Manager
• User Activity Tracking Log Format
• Vasco iKey Server Log Format
• WAP
• WebSEAL CDAS Log Format
• WebSEAL Audit Log Format
• WebSEAL Authorization (XML) Log Format
• WebSEAL Error Log Format
• WebSEAL Security Manager Log Format
• WebSEAL Wand Audit Log Format
• WebSEAL Warning Log Format
• WebSphere Business Integration Message Brokers User Trace Log Format
• Welcome Log Format
• Whatsup Syslog
• WhistleBlower (Sawmill 6.4)
• WhistleBlower Performance Metrics Log
• Windows Performance Monitor
• Windows 2000/XP Event Log Format (export list-CSV) ddmmyyyy
• Windows 2000/XP Event Log Format (save as-CSV) dd/mm/yyyy
• Windows 2000/XP/2003 Eventlog via Syslog
• Windows 7/Server 2008 Eventlog via Syslog
• Windows Event Log Format (24 hour times, d/m/yyyy dates)
• Windows Event Log Format (ALTools export)
• Windows Event (Comma Delimited, m/d/yyyy days, h:mm:ss AM/PM times) Log Format
• Windows Event (Comma Delimited) Log Format
• Windows Event (Comma Delimited) dd.mm.yyyy Log Format
• Windows Event Log (comma or tab delimited, no am/pm, 24h & ddmmyyyy) Log Format
• Windows (Server 2008/Vista) Event Log Format (CSV Export, dd/mm/yyyy)
• Windows Event Log Format (dumpevt.exe export)
• Windows Event Log Format (dumpel.exe export)
• Windows Event Log (dumpeventlogs.vbs export)
• Windows Event .evt Log Format (SUPPORTED ONLY AFTER CSV OR TEXT EXPORT)
• Windows XP Event Log (Microsoft LogParser CSV Export)
• Windows (Server 2008/Vista) Event Log Format (CSV Export, m/d/yyyy dates)
• Windows Event (Tab Delimited) Log Format
• Microsoft Windows Event Log (XML) Log Format
• Windows NT4 Event Log Format (save as-CSV)
• Windows NT Scheduler Log Format
• Winsshd Log Format
• Bitvise WinSSHD Log Format
• X-Stop Log Format
• Yamaha RTX Log Format

Network Device

• 3Com Office Connect / WinSyslog Log Format
• Annex Term Server
• Apple File Service Log Format
• AppleShare IP Log Format
• Aruba 600 Series Mobility Controller Log Format
• Aruba 800 Wireless LAN Switch Log Format
• Aventail Web Access Log Format [AAR plug-in 1.6]
• Aventail Web Access (Syslog Required) Log Format
• Cisco WLAN Controller Log Format (BETA)
• TACACS+ Accounting Log Format (BETA)
• Bind 9 Query Log Format
• Bind 9 Log Format (Syslog required)
• BIND 9 Query Log Format (with timestamp)
• Bind Query Log Format
• Bind Query Log Format With Timestamp
• Bind Response Checks Log Format
• Bind Security Log Format
• Bind 9 Update Log Format (with timestamp)
• Bindview Reporting Log Format
• Bindview User Logins Log Format
• Bindview Windows Event Log Format
• Bintec VPN 25 or XL
• Bluesocket Log Format
• bpft4 Log Format
• bpft4 Log Format (with interface)
• bpft traflog Log Format
• OSSEC Checkpoint
• Cisco 827 Log Format (Kiwi, Full Dates, Tabs)
• Cisco 3750 Log Format
• Cisco Access Control Server Log Format
• Cisco Access Register
• Cisco ACNS log w/ SmartFilter
• Cisco As5300 Log Format
• Cisco CE Log Format
• Cisco CE Common Log Format
• Cisco EMBLEM Log Format
• Cisco IDS Netranger Log Format
• Cisco IPS Log Format
• Cisco NetFlow
• Cisco NetFlow (version 1)
• Cisco NetFlow Binary (DAT) Log Format (SUPPORTED ONLY AFTER ASCII EXPORT)
• Cisco NetFlow (flow-export)
• Cisco NetFlow (FlowTools ASCII Export)
• Cisco NetFlow (no dates)
• Cisco Router Log Format (Using Syslog Server)
• Cisco Router Log Format (no syslog)
• Cisco SCA Log Format
• Cisco Secure Server (RAS Access) Log Format
• Cisco SOHO77
• Cisco Voice Router
• Cisco VPN Concentrator
• Cisco VPN Concentrator Alt
• Cisco VPN Concentrator (Comma-delimited)
• Cisco VPN Concentrator (Comma separated - MMDDYYYY)
• Cisco VPN Concentrator Syslog Log Format
• CiscoWorks Syslog Server Format
• Citrix NetScaler Log Format
• Clavister Firewall Binary Log Format (SUPPORTED ONLY AFTER FWLoggqry.exe EXPORT)
• Kerio Control Security Log Format
• DLink DI-804HV Ethernet Broadband VPN Router Log Format
• DNSone DHCP Log Format
• Amazon Web Services Elasic Load Balancer
• Wireshark (previously Ethereal)
• Wireshark/Ethereal/tcpdump Binary Log Format (SUPPORTED ONLY AFTER -r -tt CONVERSION)
• F5 Load Balancer
• F5 SSL VPN
• Checkpoint Firewall-1 Binary Log Format [SUPPORTED ONLY AFTER TEXT EXPORT]
• Foundry Networks Log Format
• Foundry Networks BigIron
• Free Radius Log Format
• honeyd Log Format
• IBM Tivoli NetView Log Format
• Imperva WAF
• Intel NetStructure VPN Gateway Log Format
• InterScan Viruswall Log Format
• InterMapper Chart Log Format
• InterMapper Event Log Format
• Intermapper Outages Log Format
• Intermapper Outages Log Format (dd mmm yyyy dates, 24-hour times)
• Intermapper Outages Log Format (mmm dd yyyy dates, AM/PM times)
• Internet Security Systems Network Sensors
• Intersafe HTTP Content Filter Log Format
• Interscan E-mail Log Format
• Interscan E-mail Viruswall Log Format
• Interscan Proxy Log Format (dd/mm/yyyy dates)
• Interscan Proxy Log Format (mm/dd/yyyy dates)
• Interscan Viruswall Virus Log Format
• iptables Log Format
• IPTraf Log Format
• IPTraf TCP/UDP Services Log Format
• IP Traffic LAN Statistics Log
• ISC DHCP Log Format
• ISC DHCP Leases Log Format
• Trend Micro IWSVA
• Jataayu Carrier WAP Server (CWS) Log Format
• Kerio Network Monitor Log Format
• Kerio Network Monitor HTTP Log Format
• KS-Soft Host Monitor log format
• Lancom Router
• LinkSys Router Log Format
• LinkSys VPN Router
• Mikrotik Router Log Format
• Mikrotik Web Proxy Log Format
• MonitorWare
• MonitorWare (Alternate)
• Nagios Log Format
• Neoteris Log Format
• Net-Acct
• Cisco NetFlow (nfdump -o long)
• NetForensics Syslog Format
• NetGear Log Format
• NetGear DG834G Log Format
• NetGear FR328S Log Format
• NetGear FVL328 Log Format (logging to syslog)
• Netgear FVL328 Log Format (logging to syslog)
• Netgear FVS318
• Netgear FVS318 With Syslog
• Netgear Security Log Format
• Netgear Security Log Format (logging to syslog)
• Netopia 4553 Log Format
• Nortel Contivity (VPN Router and Firewall) Log Format
• Nortel Networks RouterARN Format (SUPPORTED ONLY AFTER TEXT EXPORT)
• OpenVPN Log Format
• Palo Alto Networks Firewall CEF Format
• Piolink Network Loadbalance Log Format
• Radius Accounting Log Format
• Radius Accounting Log Format II
• Radius ACT Log Format
• Radware Linkproof OnDemand Switch Log format
• Radware Load Balancing (Using Syslog Server)
• RRAS MS 2012 R2 Server (CSV)
• Simple DNS
• Si-R Log Format
• SiteGuard Log Format
• SiteMinder Apache WebAgent Log Format
• SiteMinder Web Acccess Manager Log Format
• SiteMinder WebAgent Log Format
• SNMP Manager Log Format
• Snort Log Format (syslog required)
• Snort 2 Log Format (syslog required)
• IPCop IDS Snort (multiline) Log Format
• Snort Log Format (standalone, mm/dd dates)
• Snort Log Format (standalone, mm/dd/yy dates)
• SNORT Portscan Log Format
• Socks 5 Log Format
• Steel Belted Radius ACT Log Format
• Succendo SSL VPN Log Format
• TACACS+ Accounting Log Format
• tinyproxy
• Tipping Point Log Format
• Trend Micro Control Manager 2014
• Trend Micro Deep Security
• TrendMicro/eManager Spam Filter Log Format
• Trend Micro InterScan Messaging Security Suite (IMSS) eManager Log Format
• Trend Micro ScanMail For Exchange Log Format
• Trend ServerProtect CSV Admin Log Format
• Trend Webmanager Log Format
• Vidius Combined Log Format
• Watchguard Binary (WGL) Log Format (SUPPORTED ONLY AFTER TEXT EXPORT)
• 4ipnet WHG Log Format
• Windows 2000/2003/2008 DNS Log Format
• Microsoft Windows DHCP Server Log Format
• Zentyal Log Format
• ZyXEL Communications Log Format

Media Server

• Akamai HTTP Streaming (W3C) Log Format
• Blue Coat RealMedia Log Format
• Blue Coat Windows Media Log Format
• Cisco eCDS Log Format
• Evostream Media Server Log Format
• Helix Session Manager Log Format
• Helix Universal Server Log Format
• Helix Universal Server (Style 5) Log Format
• IceCast Log Format
• IceCast Alternate Log Format
• IceCast Playlist Log Format
• Limelight Flash Media Server Log Format
• Limelight SHOUTcast Service Log Format
• Microsoft Media Server Log Format
• NPR Digital Services IceCast Reporting Log Format
• Quicktime/Darwin Streaming Server Log Format
• Quicktime Streaming Error Log Format
• RealProxy Log Format
• RealServer Log Format
• RealServer Log Format, Alternate
• RealServer Error Log Format
• Sawmill Unified Media Log Format
• SHOUTcast Log Format
• SHOUTcast W3C Log Format
• VBrick EtherneTV Portal Server Log Format
• Wowza Media Server Log Format

Mail Server

• Aladdin Esafe Gateway Log Format
• Aladdin eSafe Mail Log Format
• Aladdin eSafe Sessions Log Format
• Aladdin eSafe Sessions Log Format v5/v6
• Aladdin eSafe Sessions (with URL category) Log Format
• Amavis Log Format
• Anti-Spam SMTP Proxy (ASSP) Log Format
• Argosoft Mail Server Log Format
• Argosoft Mail Server Log Format (with dd-mm-yyyy dates)
• Argsoft Mail Server Log Format
• AspEmail (Active Server Pages Component for Email) Log Format
• Barracuda Spam Firewall - Syslog
• EIMS SMTP (24 hour) Log Format
• Symantec Brightmail Gateway (via syslog)
• Cellopoint Email Firewall Log Format
• Centrinity FirstClass Log Format
• Centrinity FirstClass (m/d/yyyy) Log Format
• ClamAV
• Communigate Log Format
• CommuniGate Pro Log Format
• Courier POP3/IMAP Mail Server
• Critical Path Mail Server POP/IMAP Log Format
• Critical Path Mail Server SMTP Log Format
• Declude SPAM
• Declude Virus
• DeepMail IMAP/POP3/SMTP Server Log Format
• Dovecot Secure IMAP/POP3 Server Log Format
• EIMS Error Log Format
• EIMS SMTP (12 hour) Log Format
• EIMS SMTP (24 hour) Log Format
• EmailCatcher
• McAfee Email Gateway
• McAfee Email Gateway (IronMail) (showevents export)
• McAfee Email Security Appliance Log Format
• Microsoft Exchange Internet Mail Log Format
• Microsoft Exchange Server (W3C) Log Format
• Microsoft Exchange Server Log Format (via syslog)
• Exim Log Format
• Exim 4 Log Format
• FirstClass Server Log Format
• FortiMail Log Format
• FortiMail Log Format
• GFI Attachment & Content Log Format
• GFI Spam Log Format
• GMS POP Log Format
• GMS POST Log Format
• GMS SMTP Log Format
• GW Guardian Antivirus Log Format
• GW Guardian Spam Log Format
• hMailserver Log Format
• Hurricane MTA
• iMail Log Format
• iMail Log Format, Alternate
• iPlanet Messaging Server 5/6 MTA Log Format
• IIS SMTP Comma Separated Log Format
• IIS SMTP Common Log Format
• IIS SMTP W3C Log Format
• IMail Log Format
• Interscan Messaging Security Suite Integrated Log Format
• Interscan Messaging Security Suite Log Format
• Interscan Messaging Security Suite (emanager) Log Format
• Interscan Messaging Security Suite (virus) Log Format
• iPlanet Messenger Server 5 Log Format
• IronPort C-Series Log Format
• IronPort Bounce Log Format
• Ironmail AV Log Format (Sophos)
• Ironmail CSV Log Format
• Ironmail SMTPO Log Format
• Ironmail SMTP Proxy Log Format
• Ironmail Sophosq Log Format
• Ironmail Spam Log Format
• eSafe Sessions (with URL category) JTC June/2012
• Kaspersky Log Format
• Kaspersky Labs for Mail Servers (linux) Log Format
• Kerio Connect (Mail Server) Log Format
• LISTSERV Log Format
• LogSat SpamFilterISP Log Format B500.9
• Lucent Brick (LSMS) Admin Log Format
• LSMTP Log Format
• LSMTP Access Log Format
• Lyris MailShield Log Format
• Openfind Mail2000 Log Format
• Mail Enable W3C Log Format
• MailEssentials Log Format
• MailMax SE Mail POP Log Format
• MailMax SE SMTP Log Format
• MailScanner Log Format (testfase)
• MailScanner Virus Log Format (email messages sent)
• MailStripper Log Format
• MailSweeper (AM/PM) Log Format
• MailSweeper (24 Hour) Log Format
• MailSweeper (long) Log Format
• Mailer Daemon Log Format
• Mailman Post Log Format
• Mailman Subscribe Log Format
• mailscanner Log Format
• McAfee E1000 Mail Scanner
• MDaemon 7 Log Format
• MDaemon 7 (All) Log Format
• MDaemon 8+ Log Format
• MDaemon Routing Log Format
• Merak POP/IMAP Log Format
• Merak SMTP Log Format
• Microsoft Exchange Server Log Format
• Microsoft Exchange Server 2000/2003 Log Format
• Microsoft Exchange Server 2000 Log Format (comma separated)
• Microsoft Exchange Server 2007/2010 Log Format (comma separated)
• Microsoft Exchange Server 2013 Transport Connectivity
• Microsoft Exchange Server 2013 Log Format (comma separated)
• Mirapoint SMTP Log Format
• Mirapoint SMTP Log Format (Logged To Syslog)
• msieser SMTP Log Format
• MTS Professional Log Format
• NEMX PowerTools for Exchange
• Lotus Notes Log Format
• Novell NetMail Log Format
• Novell NetMail 3.5 Log Format
• Openwave Intermail Log Format
• Open WebMail Log Format
• Post Office Mail Server Log Format
• PostWorks IMAP Log Format
• PostWorks POP3 Log Format
• PostWorks SMTP Log Format
• Postfix or Brightmail Gateway Log Format
• qmail-scanner Log Format
• qmail (Syslog Required) Log Format
• qmail Log Format (TAI64N dates)
• RaidenMAILD Log Format
• Scanmail For Exchange Log Format
• Sendmail Log Format
• Sendmail (no syslog) Log Format
• Sendmail for NT Log Format
• SmartMaxPOP Log Format
• SmartMaxSMTP Log Format
• SmarterMail Log Format
• Sophos Antispam Message Log Format
• Sophos Antispam PMX Log Format
• Sophos Mail Monitor for SMTP
• SpamAssassin Log Format
• spamd (SpamAssassin Daemon) Log Format
• Symantec Gateway Security 2 (CSV) Log Format
• Symantec Mail Security Log Format
• TFS MailReport Extended Log Format
• uw-imap Log Format
• InterScan VirusWall (urlaccesslog)
• WebWasher Log Format
• WinRoute Mail Log Format
• XMail SMTP Log Format
• XMail Spam Log Format
• Zimbra Collaboration Mail Server

Internet Device

• DansGuardian 2.2 Log Format
• DansGuardian 2.4 Log Format
• DansGuardian 2.9+ Log Format
• Equiinet Web Filter Log Format 5.5
• Guardix Log Format (IPFW)
• iPrism Monitor Log Format
• iPrism-rt Log Format
• iPrism (with syslog)
• ICAP (Internet Content Adaptation Protocol) Log Format
• ISS Log Format
• McAfee Webshield Log Format
• McAfee Webshield XML Log Format
• Message Sniffer Log Format
• N2H2 Log Format
• N2H2 / Novell Border Manager Log Format
• N2H2 Sentian Log Format
• NetApp Filers Audit Log Format
• NetApp NetCache Log Format
• NetApp NetCache 5.5+ Log Format
• Netegrity SiteMinder Access Log Format
• Netegrity SiteMinder Event Log Format
• Netilla Log Format
• Packet Dynamics Log Format
• Privoxy Log Format
• Vircom Log Format
• Websweeper Log Format

FTP Server

• BDS FTP Log Format
• Bulletproof/G6 FTP Log Format (dd/mm/yy dates, 24-hour times)
• Bulletproof/G6 FTP Log Format (dd/mm/yyyy dates)
• Bulletproof/G6 FTP Log Format (dd/mm/yyyy dates, 24 hour times)
• Bulletproof/G6 FTP Log Format (mm/dd/yy dates)
• Bulletproof/G6 FTP Log Format (mm/dd/yyyy dates)
• Bulletproof/G6 FTP Sessions Log Format
• Bulletproof/G6 FTP Log Format (yyyy/mm/dd dates)
• FileZilla Server (d/m/yyyy) Log Format
• FileZilla Server (m/d/yyyy) Log Format
• FileZilla Server (yyyy-mm-dd) Log Format
• Flash FXP Log Format
• Gene6 FTP Server Log Format
• Gene6 FTP W3C Log Format
• Globalscape EFT Format
• IIS FTP Server Log Format
• MacOS X FTP Log Format
• Ipswitch MOVEit DMZ
• Ipswitch MOVEit DMZ SSH
• NcFTP Log Format (Alternate)
• NcFTP Xfer Log Format
• ProFTP Log Format
• PureFTP Log Format
• PureFTP Log Format (Syslog)
• Raiden FTP Log Format
• Rumpus HTTP Log Format
• Rumpus FTP Log Format
• WU-FTP Log Format
• Serv-U FTP Log Format
• UNIX FTP Log Format
• vsftpd Log Format
• War FTP Log Format
• War FTP Log Format (Alternate)
• WebSTAR FTP Log Format
• WS_FTP Log Format
• Ipswitch WS_FTP (XML)
• WU-FTP Log Format
• WU-FTP Log Format (yyyy-mm-dd Dates, Server Domain)

Firewall

• 3Com 3CRGPOE10075 Log Format
• 8e6 Content Appliance Log Format
• AboCom VPN Firewall FW550
• Applied Identity WELF Log Format
• ARBOR Networks eSeriese
• Argus
• Array Networks APV Log Format
• Array Networks SPX WELF Log Format
• Array Networks SPX WELF & Squid mixed Log Format
• AscenLink Log Format
• Astaro Security Gateway Log Format
• Barracuda Spyware Firewall / Web Filter Log Format
• Barracuda WAF Log Format
• Barracuda WAF Access Log Format (With Field Header)
• Barracuda WAF Audit Log Format
• Barrier Group Log Format
• Barrier Group Log Format (BETA)
• BigFire / Babylon accounting Log Format
• Bomgar Box Log Format
• Novell Border Manager Log Format
• Borderware Log Format
• Broadweb IPS UTM
• BroadWeb NetKeeper Log Format
• Cell Technology IPS Log Format
• Check Point SNMP Log Format
• Cisco PIX/ASA/Router/Switch Log Format
• Clavister Firewall Log Format (comma-separated)
• Clavister Firewall Log Format (CSV)
• Clavister Firewall Syslog Log Format
• Clavister SG
• Coradiant Log Format (object tracking)
• Coradiant TrueSight Log Format (object tracking) v2.0
• Cyberguard WELF Log Format
• Cyberguard Firewall (non-WELF) Audit Log Format
• Cyberguard WELF Log Format
• Radware DefensePro Log Format
• Enterasys Dragon IDS Log Format
• F5 Networks Application Security Manager Log Format
• Firebox Log Format
• FirePass SSL VPN Log Format
• Firepass SSL VPN (syslog) Log Format
• Firewall-1 (fw log export) Log Format
• Firewall-1 (fw log -ftn export) Log Format
• Firewall-1 (fw logexport export) Log Format
• Firewall-1 Log Viewer 4.1 Export Log Format
• Firewall-1 (fw1-loggrabber) Log Format
• Firewall-1 (fw1-loggrabber with syslog) Log Format
• Firewall-1 NG (text export) Log Format
• Firewall-1 Next Generation Full Log Format (text export)
• Firewall-1 Next Generation General Log Format (text export)
• Firewall-1 Text Export Log Format
• Firewall-1 via Syslog Log Format
• Firewall1 Webtrends Log Format
• Microsoft Forefront Threat Management Gateway
• Microsoft Forefront Threat Management Gateway (Tab-separated)
• FortiGate Log Format
• FortiGate Comma Separated Log Format
• FortiGate Space Separated Log Format
• FortiGate Traffic Log Format
• FortiGate 300 Series Log Format
• Fortinet Log Format (syslog required)
• Gauntlet Log Format
• Gauntlet Log Format (yyyy-mm-dd dates)
• GNAT Box Log Format (Syslog Required)
• GTA GBWare Log Format
• GTA Firewall WELF Log Format (Syslog Required)
• i-FILTER Log Format
• Microsoft IAS/NPS Log Format
• IAS Comma-Separated Log Format
• Microsoft IAS (XML)
• IAS Alternate Log Format
• Ingate Firewall Log Format
• Instagate Access / Secure Access Log Format
• Interscan Web Security Suite
• IPFW Log Format
• IPTables Config Log Format
• Cisco IronPort Web Services Appliance (WSA S-Series) (W3C)
• Cisco IronPort Web Services Appliance (WSA S-Series) (pseudo-W3C with pattern header)
• Microsoft ISA 2004 IIS Log Format
• Microsoft ISA WebProxy (ODBC log source) Log Format
• Microsoft ISA WebProxy Log Format (CSV)
• Microsoft ISA Server Packet Logs
• Juniper Log Format
• Juniper/Netscreen Secure Access Log Format
• Juniper JunOS RT_FLOW Log format
• Juniper Secure Access SSL VPN Log Format
• Kernun DNS Proxy Log Format
• Kernun HTTP Proxy Log Format
• Kernun Proxy Log Format
• Kernun SMTP Proxy Log Format
• Kingdon Firewall
• Lucent Brick
• McAfee IntruShield Alert Log Format
• McAfee Secure Messaging Gateway (SMG) VPN Firewall
• Microsoft ICF Log Format
• Microsoft ISA Server Log Format (W3C)
• Microsoft Windows Firewall Log Format
• NetContinuum Application Security Gateway Log Format
• NetScreen Log Format
• NetScreen Traffic Log Format (get log traffic)
• Juniper Networks NetScreen Traffic Log Format
• iPlanet/Netscape Log Format
• Netscreen IDP Log Format
• Neoteris/Netscreen SSL Web Client Export Log Format
• NetScreen SSG Log Format
• Netscreen SSL Gateway Log Format
• Netscreen Web Client Export Log Format
• Netwall Log Format
• Smoothwall Network Guardian and Advanced Firewall
• Sonicwall NSA (Network Security Appliance)
• Nokia IP350/Checkpoint NG (fw log export) Log Format
• Nortel SSL VPN Log Format
• Norton Personal Firewall 2003 Connection Log Format
• Novell Border Manager Log Format
• OpenBSD Packet Filter (tcpdump -neqttr) Firewall Log Format
• Optenet WebFilter
• Palo Alto Networks Firewall Integrated Log Format
• Palo Alto Networks Firewall Threat Log Format
• Palo Alto Networks Firewall Traffic Log Format
• portsentry Log Format
• Rapid Firewall Log Format
• Raptor Log Format
• Raptor Log Format (Exception Reporting)
• SafeSquid Log Format (logging to syslog server)
• SafeSquid Log Format (Orange)
• SafeSquid Standalone Log Format
• SAS Firewall
• Separ URL Filter Log Format
• Symantec Gateway Security 400 Series Log Format
• Sharetech/Abocom Firewall Log Format
• Shorewall Log Format
• Sidewinder Log Format
• Sidewinder Firewall Log Format
• Sidewinder Raw Log Format (SUPPORTED ONLY AFTER acat -x EXPORT)
• Sidewinder Syslog Log Format
• SmoothWall Log Format
• SmoothWall SmoothGuardian 3.1 Log Format
• SonicWall or 3COM Firewall
• SonicWall 5
• Sonicwall TZ 170 Firewall
• Sophos Web Appliance
• Sourcefire Defense Center Syslog Format
• StoneGate Log Format
• Symantec Enterprise Firewall Log Format
• Symantec Enterprise Firewall 8 Log Format
• Symantec Gateway Security Log Format (SGS 2.0/3.0 & SEF 8.0)
• Symantec Gateway Security Binary Log Format (SUPPORTED ONLY WITH TEXT EXPORT)
• Symantec Gateway Security Log Format (via syslog)
• Symantec Web Security Log Format
• Tiny Personal Firewall Log Format
• Tipping Point IPS Log Format
• Tipping Point SMS Log Format
• UTM 80-E Firewall
• Sophos UTM Web Application Firewall Log Format
• UUDynamics SSL VPN
• Watchguard Log Format
• Watchguard Firebox Export Log Format (y/m/d format)
• Watchguard Firebox Cluster Traffic
• Watchguard Firebox Export Header
• Watchguard Firebox Export Header (dd/mm/yy dates)
• Watchguard Firebox Export Header (mm/dd/yy dates)
• Watchguard Firebox Export Log Format (m/d/y format)
• Watchguard Firebox XTM Log Format
• Watchguard Firebox v60 Log Format
• Watchguard Firebox V60 Log Format
• Watchguard Firebox X Core e-Series Log Format
• Watchguard Historical Reports Export Log Format
• Watchguard SOHO Log Format
• Watchguard WELF Log Format
• Watchguard WSEP Text Exports Log Format (Firebox II & III & X)
• Watchguard XML Log Format
• Cisco IronPort Web Security Appliance (WSA S-Series) (CSV Export)
• Webtrends Extended Log Format (Syslog)
• Webtrends Extended Log Format
• WELF date/time extraction (no syslog header)
• WELF Log Format (stand-alone; no syslog)
• WinRoute Connection Log Format
• QBIK WinGate (W3C)
• XWall Log Format
• DataEnter XWall Log Format
• Zone Alarm Log Format
• Zyxel Firewall Log Format
• Zyxel Firewall WELF Log Format

Application

• A10 Networks AX Series Authentication Log Format
• A10 Networks AX Series SLB Log Format
• Active PDF Log Format
• AIX CPU UtilizationLog Format
• Arcserve NT Log Format
• AutoAdmin Log Format
• Backup Exec Log Format
• BroadVision Error Log Format
• BroadVision Observation Log Format
• Cisco IOS DHCP Log Format
• Cognos Powerplay Enterprise Server
• Cognos Ticket Server Log Format
• ColdFusion Application Log Format
• ColdFusion Application Log Format (CSV)
• Atlassian Confluence Log Format
• Fiserv Financial Easy Lender - Unsuccessful Login Audit
• Easy Lender - Login Audit - Comma Separated
• Oracle Hyperion Essbase Log Format
• Filemaker Log Format
• Filemaker 3 Log Format
• Filemaker Access Log Format
• FusionBot Log Format
• GTB Inspector Log Format
• JIRA Log Format
• Java Bean Application Server Log Format
• JBoss Application Server Log Format
• Kaspersky Labs AVP Client (Spanish) Log Format
• Kaspersky Labs AVP Server (Spanish) Log Format
• LRS VPSX Accounting Log Format
• Microtech ImageMaker Error Log Format
• Microtech ImageMaker Media Log Format
• Microsoft Windows DHCP Server Log Format
• Microsoft Office SharePoint Server Log Format
• Microsoft SQL Profiler Export
• Microsoft SQL Profiler 2005 Export with DB/Host
• Mod Gzip Log Format
• MPS Log Format
• iPlanet/Netscape Directory Server Format
• Nortel Networks Instant Internet Log Format
• NVDcms Log Format
• OpenFire IM Log Format
• Oracle Application Server (Java Exceptions)
• Oracle Audit Log Format
• Oracle Listener Log Format
• Oracle Failed Login Attempts Log Format
• Performance Monitor Log Format
• Plesk Server Administrator Web Log
• Policy Directory Audit Log Format
• Policy Directory Security Audit Trail Log Format
• PortalXPert Log Format
• Retrospect Log Format
• RSA SecurID Audit Admin Log Format
• RSA SecurID Audit Runtime Log Format
• Ruby Log Format
• Samba Server Log Format
• Sawmill messages.log Log Format
• ShareWay IP Log Format
• SiteCAM Log Format
• SiteKiosk Log Format
• SiteKiosk (6/7) Log Format
• SiteMinder Policy Server Log Format
• SNARE Epilog Collected Oracle Listener Log Format
• Software602 Log Format
• Sun ONE Directory Server Audit Log Format
• Sun ONE Directory Server Error Log Format
• Sun ONE / Netscape Directory Server Log Format
• Sybase Error Log Format
• Symantec AntiVirus Corporate Edition
• Symantec AntiVirus Corporate Edition (VHIST Exporter)
• TerraPlay Accounting Log Format
• Tivoli Storage Manager TDP for SQL Server Format
• Vamsoft Open Relay Filter Enterprise Edition Log Format
• Vidyo
• WebNibbler Log Format
• Web Sense Log Format
• Wipro Websecure Audit Log Format
• Wipro Websecure Auth Log Format
• Wipro Websecure Auth (Alternate Dates)
• Wipro Websecure Debug Log Format

Sawmill automatically detects all of these formats, and arranges your profile options intelligently based on your log format. If your format is not supported, we can created it for a fee. If you're interested in having us create the plug-in, please send a sample of your log data (1 Meg is ideal, but anything more than ten lines will do) to support@sawmill.net and we will send a quote. Alternately, you can create your own plug-in; see Creating Log Format Plug-ins (Custom Log Formats).