You're receiving this newsletter because
during the downloading or purchase of Sawmill, you checked the box
to join our mailing list. If you wish to be removed from this list,
please send an email, with the subject line of "UNSUBSCRIBE" to newsletter@sawmill.net
(please include the entire message, as the identifying information
is at the bottom).
News Sawmill 8.1.8 shipped on January 17, 2011. This is a bug-fix
releaseâ€"it fixes a few bugs, and adds a few small features. This
release is free to existing Sawmill 8 users. This release is
recommended for anyone experiencing the issues described in the version
history. You can download Sawmill 8.1.8 from http://sawmill.net/download.html
.
Sawmill 7 users can upgrade to Sawmill 8 for half of the license
price; or if you have Premium Support, the upgrade is free. Major
features of Sawmill 8 include support for Oracle and Microsoft SQL
Server databases, real-time reporting, a completely redesigned web
interface, better multi-processor and multi-core support, and
role-based authentication control.
This issue of the Sawmill Newsletter describes the creation of a
cluster of parsing servers to improve the performance of log
processing to omit rows of reports as they are displayed.
Get The Most Out Of Sawmill With Professional Services
Looking to get more out of your statistics from Sawmill? Running
short on time, but need the information now to make critical
business decisions? Our Professional Service Experts are available
for just this situation and many others. We will assist in the
initial installation of Sawmill using best practices; work with you
to integrate and configure Sawmill to generate reports in the
shortest possible time. We will tailor Sawmill to your environment,
create a customized solution, be sensitive to your requirements and
stay focused on what your business needs are. We will show you areas
of Sawmill you may not even be aware of, demonstrating these methods
will provide you with many streamlined methods to get you the
information more quickly. Often you'll find that Sawmill's deep
analysis can even provide you with information you've been after but
never knew how to reach, or possibly never realized was readily
available in reports. Sawmill is an extremely powerful tool for your
business, and most users only exercise a fraction of this power.
That's where our experts really can make the difference. Our Sawmill
experts have many years of experience with Sawmill and with a large
cross section of devices and business sectors. Our promise is to
very quickly come up with a cost effective solution that fits your
business, and greatly expand your ROI with only a few hours of fee
based Sawmill Professional Services. For more information, a quote,
or to speak directly with a Professional services expert contact consulting@flowerfire.com.
Tips & Techniques: Using The LDAP Plug-in
Sawmill 8.1.8 includes a new plug-in architecture for managing
logins and authentication. The first plug-in for this architecture
is the LDAP Plug-in (ldap.cfg), which is included in the Extras
folder of the Sawmill distribution. Sawmill 8.1.8 also includes a
section in the Preferences which integrates with this plug-in.
Installing the LDAP Plug-in
Sawmill 8.6.2 or earlier: To use the LDAP plug-in, copy the login_plugins folder from Extras
to LogAnalysisInfo. This installs the LDAP plug-in, and makes it
active immediately. You can still login as the local administrative
Sawmill user, but other user logins will be managed by the plug-in.
In Sawmill 8.6.3 or later: The LDAP login plug-in is always installed, and is enabled by checking "ldap" in Preferences->Security.
Configuring the LDAP Plug-in
While logging in as the local Sawmill administrator, go to
Preferences, and within there to Security. Fill out the bottom
section, called LDAP:
The Security Section Of Preferences
The values of these fields should be:
LDAP server hostname. This is the hostname of the LDAP
server to be used for Sawmill login authentication.
LDAP administrator DN. This is the DN (Distinguished
Name) of the LDAP user to be used for Sawmill's LDAP queries.
LDAP administrator password. This is the password of
the LDAP administrator DN.
Use SSL for LDAP. Check this if your LDAP server
supports SSL, and you want to use it for better security.
LDAP base DN. This is the base DN of all your Sawmill
users in LDAP
LDAP username label. This is the label of the username
field to be queried from LDAP, e.g. CN or sAMAccountName.
Logging In
Now, log out of Sawmill, and log in as usual. If the username and
password you enter are the root administrator, you will be logged
directly into Sawmill. Otherwise the LDAP plug-in will contact the
specified LDAP server, log in (bind) to the LDAP server as the
specified LDAP administrator, and run a query against the base DN,
to find a user whose username label attribute matches the value
entered as the username in the login page. For instance, in the
example above, if "bob" were entered in the Username field of the
Sawmill login page, the LDAP Plug-in would do a query to find a user
with sAMAccountName=bob, within the base DN (recursively, i.e. using
a subtree query). If a user is found, the LDAP plug-in will attempt
to bind to that user with the specified password; if that succeeds,
the user will be logged into Sawmill. The default behavior of the
plug-in is to log the user into Sawmill as a statistics-viewing user
with access to view all profiles, but with no administrative or
Config permissions (i.e., the user record is created in Sawmill
within the role of Statistics Viewer).
Advanced Topic: Customizing the LDAP Plug-in
The default LDAP Plug-in, ldap.cfg, does only basic authentication:
it confirms that the user exists, and that the password is correct,
and logs them in as an all-profile-viewing user. If you need more,
however, the plug-in can be configured to do more, by editing the
Salang code of ldap.cfg. For instance, the code contains a line
which specifies which role the user should be; that can be changed,
or a new LDAP query can be executed to determine their role. Also,
the code contains a line where it specifies which profiles the user
may access (all of them, by default); that can be changed to allow
access to only a particular profile, or do another LDAP query to
determine which profiles the user may access.
Finally, ldap.cfg contains a commented-out section implementing a
particularly sophisticated usage. The code, if un-commented and
edited appropriately, will perform an LDAP query to determine who
reports to the logging-in user, within the organization. It will
then create an invisible per-user report filter selecting only those
users from the reports. For instance, if Bob logs in, and Jane and
Jeff report to Bob, then it will create a report filter which
selects all events where user=jane or user=jeff. This allows the
reports to change dynamically, depending on who is logging in, to
show only information for their subordinates, or their division.
This is particularly useful for web proxy analysis.
Advanced Topic: Creating Other Plug-ins
The LDAP Plug-in is one example of a new category of plug-ins called
"login plug-ins." Though most users will only need the LDAP Plug-in,
it is possible to create your own plug-ins which perform
authentication against another external authentication source, for
instance a database. The ldap.cfg file can be used as a basis for
creating this sort of alternate external authentication system for
Sawmill.
Professional Services
This newsletter describes the LDAP Plug-in. If you need assistance
with implementing or customizing the LDAP Plug-in, creating a new
login plug-in, or with any other Sawmill tasks, our Sawmill Experts
can help. Contact sales@sawmill.net for more
information.
![]({=fileref("picts/docs/newsletter/2011-01-15/part1.09010502.02080906@flowerfire.com.gif")=})
![Preferences LDAP]({=fileref("picts/docs/newsletter/2011-01-15/part2.04080400.05080402@flowerfire.com.png")=})