FORTINET FORTIGATE FIREWALL (COMMA SEPARATED)
Sawmill is a Fortinet FortiGate Firewall (comma separated) log analyzer (it also supports the 1021 other log formats listed to the left).
It can process log files
in Fortinet FortiGate Firewall (comma separated) format, and generate dynamic statistics from them,
analyzing and reporting events.
Sawmill can parse Fortinet FortiGate Firewall (comma separated) logs, import them into a MySQL, Microsoft SQL Server, or Oracle database (or its own built-in database),
aggregate them, and generate dynamically filtered reports, all through a web interface.
Sawmill can perform Fortinet FortiGate Firewall (comma separated) log analysis on any platform, including Windows, Linux, FreeBSD, OpenBSD, Mac OS, Solaris, other UNIX, and others.
Sawmill stores the following non-numerical fields in its database for Fortinet FortiGate Firewall (comma separated), generates reports for each field, and allows dynamic filtering on any combination of these fields:
| Field | | Internal Name |
|---|
| | device ID | | device_id |
| | dir disp | | dir_disp |
| | destination | | dst |
| | destination interface | | dst_int |
| | destination port | | dst_port |
| | destination country | | dstcountry |
| | destination name | | dstname |
| | duration | | duration |
| | ICMP code | | icmp_code |
| | ICMP type | | icmp_type |
| | level | | level |
| | message | | msg |
| | policy ID | | policyid |
| | firewall priority | | fw_pri |
| | protocol | | proto |
| | received packets | | rcvd_pkt |
| | rule | | rule |
| | sent packets | | sent_pkt |
| | service | | service |
| | session ID | | session_id |
| | SN | | sn |
| | source | | src |
| | source interface | | src_int |
| | source port | | src_port |
| | source country | | srccountry |
| | source name | | srcname |
| | status | | status |
| | subtype | | subtype |
| | translated disp | | tran_disp |
| | translated IP | | tran_ip |
| | translated port | | tran_port |
| | type | | type |
| | vd | | vd |
| | VPN | | vpn |
| | action | | action |
| | active directory group | | adgroup |
| | application | | app |
| | aven | | aven |
| | category | | cat |
| | category description | | cat_desc |
| | device name | | devname |
| | destination port | | dport |
| | fcni | | fcni |
| | fdni | | fdni |
| | FTP | | ftp |
| | group | | group |
| | hostname | | hostname |
| | HTTP | | http |
| | idsdb | | idsdb |
| | idsmn | | idsmn |
| | IMAP | | imap |
| | libav | | libav |
| | method | | method |
| | POP3 | | pop3 |
| | reason | | reason |
| | serial | | serial |
| | SMTP | | smtp |
| | source port | | sport |
| | UI | | ui |
| | URL | | url |
| | file type | | file_type |
| | user | | user |
| | virdb | | virdb |
Sawmill stores the following numerical fields in its database for Fortinet FortiGate Firewall (comma separated), aggregating them and including them as columns in most reports:
| Numerical Field | | Internal Name |
|---|
| | accesses | | accesses |
| | unique source IPs | | unique_source_ips |
| | sent | | sent |
| | received | | rcvd |
| | sent packets | | sent_pkt |
| | received packets | | rcvd_pkt |
| | duration | | duration |
See Sawmill Features to learn more about Sawmill's options for viewing, customizing, filtering, exporting and scheduling Fortinet FortiGate Firewall (comma separated) reports.
Sawmill also supports 1021 other log formats.
