DATAGRAM SYSLOGAGENT
Sawmill is a Datagram SyslogAgent log analyzer (it also supports the 854 other log formats listed to the left).
It can process log files
in Datagram SyslogAgent format, and generate dynamic statistics from them,
analyzing and reporting events.
Sawmill can parse Datagram SyslogAgent logs, import them into a MySQL, Microsoft SQL Server, or Oracle database (or its own built-in database),
aggregate them, and generate dynamically filtered reports, all through a web interface.
Sawmill can perform Datagram SyslogAgent log analysis on any platform, including Window, Linux, FreeBSD, OpenBSD, Mac OS, Solaris, other UNIX, and others.
Sawmill stores the following non-numerical fields in its database for Datagram SyslogAgent, generates reports for each field, and allows dynamic filtering on any combination of these fields:
| Field | | Internal Name |
|---|
| | event code | | event_code |
| | computer name | | computer_name |
| | username | | username |
| | process | | process |
| | priority | | priority |
| | message | | message |
| | username | | user_name |
| | primary user name | | primary_user_name |
| | client user name | | client_user_name |
| | domain | | domain |
| | primary domain | | primary_domain |
| | client domain | | client_domain |
| | logon ID | | logon_id |
| | primary logon ID | | primary_logon_id |
| | client logon ID | | client_logon_id |
| | logon type | | logon_type |
| | logon process | | logon_process |
| | authentication package | | authentication_package |
| | workstation name | | workstation_name |
| | logon GUID | | logon_guid |
| | caller user name | | caller_user_name |
| | caller domain | | caller_domain |
| | caller logon ID | | caller_logon_id |
| | caller process ID | | caller_process_id |
| | transited services | | transited_services |
| | source network address | | source_network_address |
| | source port | | source_port |
| | object server | | object_server |
| | object name | | object_name |
| | object type | | object_type |
| | handle ID | | handle_id |
| | new handle ID | | new_handle_id |
| | process ID | | process_id |
| | image file name | | image_file_name |
| | new process ID | | new_process_id |
| | creator process ID | | creator_process_id |
| | server | | server |
| | service | | service |
| | privileges | | privileges |
| | accesses | | accesses |
| | access mask | | access_mask |
| | restricted sid count | | restricted_sid_count |
| | operation ID | | operation_id |
| | logon account | | logon_account |
| | source workstation | | source_workstation |
| | error code | | error_code |
| | print filename | | print_filename |
| | print file owner | | print_file_owner |
| | print method | | print_method |
Sawmill stores the following numerical fields in its database for Datagram SyslogAgent, aggregating them and including them as columns in most reports:
| Numerical Field | | Internal Name |
|---|
| | events | | events |
| | print pages | | print_pages |
| | print bytes | | print_bytes |
See Sawmill Features to learn more about Sawmill's options for viewing, customizing, filtering, exporting and scheduling Datagram SyslogAgent reports.
Sawmill also supports 854 other log formats.
