IRONPORT C SERIES SECURE EMAIL
Sawmill is a IronPort C Series Secure Email log analyzer (it also supports the 1021 other log formats listed to the left).
It can process log files
in IronPort C Series Secure Email format, and generate dynamic statistics from them,
analyzing and reporting events.
Sawmill can parse IronPort C Series Secure Email logs, import them into a MySQL, Microsoft SQL Server, or Oracle database (or its own built-in database),
aggregate them, and generate dynamically filtered reports, all through a web interface.
Sawmill can perform IronPort C Series Secure Email log analysis on any platform, including Windows, Linux, FreeBSD, OpenBSD, Mac OS, Solaris, other UNIX, and others.
Sawmill stores the following non-numerical fields in its database for IronPort C Series Secure Email, generates reports for each field, and allows dynamic filtering on any combination of these fields:
| Field | | Internal Name |
|---|
| | date/time | | date_time |
| | day of week | | day_of_week |
| | hour of day | | hour_of_day |
| | action | | action |
| | from | | from |
| | to | | to |
| | SBRS action | | sbrs_action |
| | SBRS list | | sbrs_list |
| | SBRS score | | sbrs_score |
| | message ID | | message_id |
| | subject | | subject |
| | antispam_result | | antispam_result |
| | antivirus result | | antivirus_result |
| | interface | | interface |
| | interface host | | interface_host |
| | address | | address |
| | reverse DNS host | | reverse_dns_host |
| | response | | response |
| | reason | | reason |
| | ICID | | icid |
| | MID | | mid |
| | RID | | rid |
| | warning message | | warning_message |
| | location | | location |
| | meta | | meta |
| | x_filetypes | | x_filetypes |
Sawmill stores the following numerical fields in its database for IronPort C Series Secure Email, aggregating them and including them as columns in most reports:
| Numerical Field | | Internal Name |
|---|
| | events | | events |
| | messages delivered | | messages_delivered |
| | messages queued | | messages_queued |
| | messages rejected | | messages_rejected |
| | messages aborted | | messages_aborted |
| | messages spam positive | | messages_spam_positive |
| | messages virus positive | | messages_virus_positive |
| | message deliveries aborted | | message_deliveries_aborted |
| | messages quarantined | | messages_quarantined |
| | messages bounced | | messages_bounced |
| | messages delayed | | messages_delayed |
| | bytes transferred | | bytes_transferred |
| | x_filesizes | | x_filesizes |
| | warnings | | warnings |
See Sawmill Features to learn more about Sawmill's options for viewing, customizing, filtering, exporting and scheduling IronPort C Series Secure Email reports.
Sawmill also supports 1021 other log formats.
