|
CISCO IDS NETRANGER
Sawmill is a Cisco IDS Netranger log analyzer (it also supports the 843 other log formats listed to the left).
It can process log files
in Cisco IDS Netranger format, and generate dynamic statistics from them,
analyzing and reporting events.
Sawmill can parse Cisco IDS Netranger logs, import them into a MySQL, Microsoft SQL Server, or Oracle database (or its own built-in database),
aggregate them, and generate dynamically filtered reports, all through a web interface.
Sawmill can perform Cisco IDS Netranger log analysis on any platform, including Window, Linux, FreeBSD, OpenBSD, Mac OS, Solaris, other UNIX, and others.
Sawmill stores the following non-numerical fields in its database for Cisco IDS Netranger, generates reports for each field, and allows dynamic filtering on any combination of these fields:
| Field | | Internal Name |
|---|
| | date/time | | date_time |
| | day of week | | day_of_week |
| | hour of day | | hour_of_day |
| | application ID | | application_id |
| | host ID | | host_id |
| | organization ID | | organization_id |
| | source direction | | source_direction |
| | destination direction | | destination_direction |
| | alarm level | | alarm_level |
| | signature ID | | signature_id |
| | subsignature ID | | subsignature_id |
| | protocol | | protocol |
| | source IP | | source_ip |
| | destination IP | | destination_ip |
| | source port | | source_port |
| | destination port | | destination_port |
| | router IP | | router_ip |
| | attack detail | | attack_detail |
Sawmill stores the following numerical fields in its database for Cisco IDS Netranger, aggregating them and including them as columns in most reports:
| Numerical Field | | Internal Name |
|---|
| | hits | | hits |
| | visitors | | visitors |
See Sawmill Features to learn more about Sawmill's options for viewing, customizing, filtering, exporting and scheduling Cisco IDS Netranger reports.
Sawmill also supports 843 other log formats.
|
