Sawmill

SAWMILL PLUG-IN

ALL PLUG-INS

Sawmill has plug-ins to support the following log formats:

OSSEC CHECKPOINT

Sawmill is an OSSEC Checkpoint log analyzer (it also supports the 1021 other log formats listed to the left). It can process log files in OSSEC Checkpoint format and generate dynamic statistics from them, analyzing and reporting events. Sawmill can parse OSSEC Checkpoint logs, import them into a MySQL, Microsoft SQL Server, or Oracle database (or its own built-in database), aggregate them, and generate dynamically filtered reports, all through a web interface. Sawmill can perform OSSEC Checkpoint log analysis on any platform, including Windows, Linux, FreeBSD, OpenBSD, Mac OS, Solaris, and other UNIX systems.

Sawmill stores the following non-numerical fields in its database for OSSEC Checkpoint, generates reports for each field, and allows dynamic filtering on any combination of these fields:

Field  Internal Name
   IP address  ip_address
   date/time  date_time
   day of week  day_of_week
   hour of day  hour_of_day
   accept  accept
   firewall name  fw_name
   request type  request_type
   rule number  rule_number
   Rule UID  rule_uid
   rule name  rule_name
   service ID  service_id
   ICMP  icmp
   ICMP type  icmp_type
   ICMP code  icmp_code
   source  src
   destination  dst
   protocol  proto
   translated source  xlatesrc
   translated destination  xlatedst
   NAT rule number  nat_rulenum
   NAT additional rule number  nat_addtnl_rulenum
   message info  message_info
   product  product
   service  service
   source port  s_port

Sawmill stores the following numerical fields in its database for OSSEC Checkpoint, aggregating them and including them as columns in most reports:

Numerical Field  Internal Name
   events  events

See Sawmill Features to learn more about Sawmill's options for viewing, customizing, filtering, exporting and scheduling OSSEC Checkpoint reports.

Sawmill also supports 1021 other log formats.

© 2024 Flowerfire