FORTINET FORTIGATE FIREWALL (SYSLOG REQUIRED)
Sawmill is a Fortinet Fortigate Firewall (syslog required) log analyzer (it also supports the 892 other log formats listed to the left).
It can process log files
in Fortinet Fortigate Firewall (syslog required) format, and generate dynamic statistics from them,
analyzing and reporting events.
Sawmill can parse Fortinet Fortigate Firewall (syslog required) logs, import them into a MySQL, Microsoft SQL Server, or Oracle database (or its own built-in database),
aggregate them, and generate dynamically filtered reports, all through a web interface.
Sawmill can perform Fortinet Fortigate Firewall (syslog required) log analysis on any platform, including Window, Linux, FreeBSD, OpenBSD, Mac OS, Solaris, other UNIX, and others.
Sawmill stores the following non-numerical fields in its database for Fortinet Fortigate Firewall (syslog required), generates reports for each field, and allows dynamic filtering on any combination of these fields:
| Field | | Internal Name |
|---|
| | ID | | id |
| | firewall | | fw |
| | priority | | pri |
| | log ID | | log_id |
| | type | | type |
| | virus name/file | | virus_name_file |
| | IDS class | | ids_class |
| | IDS reference | | ids_reference |
| | message | | msg |
| | attack ID | | attack_id |
| | SN | | sn |
| | rule | | rule |
| | policy ID | | policyid |
| | protocol | | proto |
| | service | | service |
| | status | | status |
| | to | | to |
| | from | | from |
| | source | | src |
| | source name | | srcname |
| | destination | | dst |
| | destination name | | dstname |
| | source interface | | src_int |
| | destination interface | | dst_int |
| | source port | | src_port |
| | destination port | | dst_port |
| | VPN | | vpn |
| | translated IP | | tran_ip |
| | translated port | | tran_port |
Sawmill stores the following numerical fields in its database for Fortinet Fortigate Firewall (syslog required), aggregating them and including them as columns in most reports:
| Numerical Field | | Internal Name |
|---|
| | events | | events |
| | page views | | page_views |
| | visitors | | visitors |
| | received | | rcvd |
| | sent | | sent |
| | duration | | duration |
| | received packets | | rcvd_pkt |
| | sent packets | | sent_pkt |
See Sawmill Features to learn more about Sawmill's options for viewing, customizing, filtering, exporting and scheduling Fortinet Fortigate Firewall (syslog required) reports.
Sawmill also supports 892 other log formats.
