Sawmill

SAWMILL PLUG-IN

CISCO SYSTEMS PIX/ASA SECURITY APPLIANCE

Sawmill is a Cisco Systems PIX/ASA Security Appliance log analyzer (it also supports 1021 other log formats). It can process log files in Cisco Systems PIX/ASA Security Appliance format and generate dynamic statistics from them, analyzing and reporting events. Sawmill can parse Cisco Systems PIX/ASA Security Appliance logs, import them into a MySQL, Microsoft SQL Server, or Oracle database (or its own built-in database), aggregate them, and generate dynamically filtered reports, all through a web interface. Sawmill can perform Cisco Systems PIX/ASA Security Appliance log analysis on any platform, including Windows, Linux, FreeBSD, OpenBSD, Mac OS, Solaris, other UNIX systems, and others.

Sawmill stores the following non-numerical fields in its database for Cisco Systems PIX/ASA Security Appliance, generates reports for each field, and allows dynamic filtering on any combination of these fields:

Field  Internal Name
   operation  operation
   message  message
   message code  message_code
   message facility  message_facility
   message severity  message_severity
   message mnemonic  message_mnemonic
   protocol  protocol
   source IP  source_ip
   source MAC address  source_mac_address
   location  location
   destination IP  destination_ip
   source hostname  source_hostname
   destination hostname  destination_hostname
   source port  source_port
   destination port  destination_port
   source side  source_side
   destination side  destination_side
   destination service  destination_service
   interface  interface
   direction  direction
   username  user_name
   group  group
   access group  access_group
   access list  access_list
   foreign IP  faddr_host
   foreign port  faddr_port
   foreign service  faddr_service
   global IP  gaddr_host
   global port  gaddr_port
   global service  gaddr_service
   local IP  laddr_host
   local port  laddr_port
   local service  laddr_service
   URL  url
   flags  flags
   command  command
   type  type
   list  list
   reason  reason
   ICMP type  icmp_type
   ICMP code  icmp_code
   state  state
   VTY line  vty_line
   privilege_level  privilege_level
   AAA status  aaa_status
   AAA server  aaa_server
   group policy  group_policy
   private IP  private_ip
   VLAN ID  vlan_id
   client type  client_type
   client public address  client_public_addr
   client application version  client_application_version
   server public address  server_public_addr
   assigned public address  assigned_public_addr
   session type  session_type

Sawmill stores the following numerical fields in its database for Cisco Systems PIX/ASA Security Appliance, aggregating them and including them as columns in most reports:

Numerical Field  Internal Name
   events  events
   connections built  connections_built
   connections torn down  connections_torn_down
   page views  page_views
   unique source IPs  unique_source_ips
   bytes  bytes
   bytes transmitted  bytes_xmt
   bytes received  bytes_rcv
   duration  duration
   packets  packets

See Sawmill Features to learn more about Sawmill's options for viewing, customizing, filtering, exporting and scheduling Cisco Systems PIX/ASA Security Appliance reports.

Sawmill also supports 1021 other log formats.

© 2024 Flowerfire