CYBERGUARD FIREWALL AUDIT(NON-WELF)
Sawmill is a CyberGuard Firewall Audit(non-WELF) log analyzer (it also supports the 1020 other log formats listed to the left).
It can process log files
in CyberGuard Firewall Audit(non-WELF) format, and generate dynamic statistics from them,
analyzing and reporting events.
Sawmill can parse CyberGuard Firewall Audit(non-WELF) logs, import them into a MySQL, Microsoft SQL Server, or Oracle database (or its own built-in database),
aggregate them, and generate dynamically filtered reports, all through a web interface.
Sawmill can perform CyberGuard Firewall Audit(non-WELF) log analysis on any platform, including Windows, Linux, FreeBSD, OpenBSD, Mac OS, Solaris, other UNIX, and others.
Sawmill stores the following non-numerical fields in its database for CyberGuard Firewall Audit(non-WELF), generates reports for each field, and allows dynamic filtering on any combination of these fields:
|Field|| ||Internal Name|
| ||action|| ||action|
| ||protocol|| ||protocol|
| ||ICMP type|| ||icmp_type|
| ||source host|| ||src_host|
| ||destination host|| ||dst_host|
| ||source port|| ||srcport|
| ||destination port|| ||dstport|
| ||source interface|| ||srcintfc|
| ||destination interface|| ||dstintfc|
Sawmill stores the following numerical fields in its database for CyberGuard Firewall Audit(non-WELF), aggregating them and including them as columns in most reports:
|Numerical Field|| ||Internal Name|
| ||events|| ||events|
See Sawmill Features to learn more about Sawmill's options for viewing, customizing, filtering, exporting and scheduling CyberGuard Firewall Audit(non-WELF) reports.
Sawmill also supports 1020 other log formats.