Barrier Group Log Analyzer

Sawmill is a Barrier Group log analyzer (it also supports 827 other log formats). It can process log files in Barrier Group format, and generate dynamic statistics from them, analyzing and reporting events. Sawmill can parse Barrier Group logs, import them into a SQL database (or its own built-in database), aggregate them, and generate dynamically filtered reports, all through a web interface. Sawmill can perform Barrier Group log analysis on any platform, including Window, Linux, FreeBSD, OpenBSD, Mac OS, Solaris, other UNIX, and others.

Sawmill stores the following non-numerical fields in its database for Barrier Group, generates reports for each field, and allows dynamic filtering on any combination of these fields:

	Field		Internal Name
	date/time		date_time
	day of week		day_of_week
	hour of day		hour_of_day
	priority		priority
	detector		detector
	description		description
	event protocol		event_protocol
	source IP		source_ip
	geographic location		location
	source port		source_port
	source URL		source_url
	source MAC		source_mac
	internal source		internal_source
	blocked source		blocked_source
	destination IP		dest_ip
	destination port		dest_port
	destination URL		dest_url
	destination MAC		dest_mac
	internal destination		internal_dest
	blocked destination		blocked_dest
	good host		good_host
	bad host		bad_host

Sawmill stores the following numerical fields in its database for Barrier Group, aggregating them and including them as columns in most reports:

	Numerical Field		Internal Name
	events		events
	internal sources		internal_sources
	blocked sources		blocked_sources
	internal destinations		internal_destinations
	blocked destinations		blocked_destinations
	good hosts		good_hosts
	bad hosts		bad_hosts

Sawmill also supports 827 other log formats; see Sawmill Features for a list containing Barrier Group and all the other supported formats.