Sawmill

SAWMILL PLUG-IN

CLAVISTER FIREWALL (WITH SYSLOG)

Sawmill is a Clavister Firewall (with syslog) log analyzer (it also supports 1021 other log formats). It can process log files in Clavister Firewall (with syslog) format and generate dynamic statistics from them, analyzing and reporting events. Sawmill can parse Clavister Firewall (with syslog) logs, import them into a MySQL, Microsoft SQL Server, or Oracle database (or its own built-in database), aggregate them, and generate dynamically filtered reports, all through a web interface. Sawmill can perform Clavister Firewall (with syslog) log analysis on any platform, including Windows, Linux, FreeBSD, OpenBSD, Mac OS, Solaris, other UNIX variants, and others.

Sawmill stores the following non-numerical fields in its database for Clavister Firewall (with syslog), generates reports for each field, and allows dynamic filtering on any combination of these fields:

Field  Internal Name
   URL  url
   uptime  uptime
   UDP data length  udptotlen
   TCP header length  tcphdrlen
   SYN  syn
   startup  startup
   source port  srcport
   source IP  srcip
   source  src
   shutdown  shutdown
   SES  ses
   rule  rule
   RST  rst
   receiver interface  recvif
   reason  reason
   PSH  psh
   priority  prio
   previous shutdown  previous_shutdown
   peer  peer
   IP protocol  ipproto
   IP data length  ipdatalen
   ICMP type  icmptype
   FIN  fin
   file size  filesize
   file  file
   ECHO sequence  echoseq
   ECHO ID  echoid
   destination port  destport
   destination IP  destip
   destination  dest
   demonstration mode  demo
   delay  delay
   core version  corever
   source port  connsrcport
   source IP  connsrcip
   source ping ID  connsrcid
   receiving interface  connrecvif
   IP protocol  connipproto
   destination port  conndestport
   destination IP  conndestip
   destination interface  conndestif
   destination ping ID  conndestid
   connection  conn
   config file version  cfgver
   config file used  cfgfile
   bi direction  bidir
   algsesid  algsesid
   algmod  algmod
   action  action
   ACK  ack
   ARP message type  arp
   destination network  destenet
   destination mac address  hwdest
   sender mac address  hwsender
   ip  ip
   size  size
   source network  srcenet
   VPN tunnel  vpntunnel

Sawmill stores the following numerical fields in its database for Clavister Firewall (with syslog), aggregating them and including them as columns in most reports:

Numerical Field  Internal Name
   event  event
   data sent (server)  termsent
   data sent (client)  origsent

See Sawmill Features to learn more about Sawmill's options for viewing, customizing, filtering, exporting and scheduling Clavister Firewall (with syslog) reports.

Sawmill also supports 1021 other log formats.

© 2024 Flowerfire