CISCO IRONPORT IRONPORT S-SERIES ACCESS LOGS SEC OPS PROFILE FOR EXTENDED SQUID FORMAT
Sawmill is a Cisco IronPort IronPort S-Series Access Logs Sec Ops Profile for Extended Squid Format log analyzer (it also supports the 1021 other log formats listed to the left).
It can process log files
in Cisco IronPort IronPort S-Series Access Logs Sec Ops Profile for Extended Squid Format format, and generate dynamic statistics from them,
analyzing and reporting events.
Sawmill can parse Cisco IronPort IronPort S-Series Access Logs Sec Ops Profile for Extended Squid Format logs, import them into a MySQL, Microsoft SQL Server, or Oracle database (or its own built-in database),
aggregate them, and generate dynamically filtered reports, all through a web interface.
Sawmill can perform Cisco IronPort IronPort S-Series Access Logs Sec Ops Profile for Extended Squid Format log analysis on any platform, including Windows, Linux, FreeBSD, OpenBSD, Mac OS, Solaris, other UNIX, and others.
Sawmill stores the following non-numerical fields in its database for Cisco IronPort IronPort S-Series Access Logs Sec Ops Profile for Extended Squid Format, generates reports for each field, and allows dynamic filtering on any combination of these fields:
| Field | | Internal Name |
| date/time | | date_time |
| day of week | | day_of_week |
| field_auth_user | | field_auth_user |
| field_action | | field_action |
| field_cache_type | | field_cache_type |
| field_category | | field_category |
| field_category_severity | | field_category_severity |
| field_decision | | field_decision |
| field_malware_id | | field_malware_id |
| field_mcafee_id | | field_mcafee_id |
| field_method | | field_method |
| field_mime_type | | field_mime_type |
| field_object_page | | field_object_page |
| field_policy_group | | field_policy_group |
| field_url_server | | field_url_server |
| field_source_id | | field_source_id |
| field_svr_response | | field_svr_response |
| field_url_file_extension | | field_url_file_extension |
| field_url_port | | field_url_port |
| field_url_scheme | | field_url_scheme |
| field_usage | | field_usage |
| field_wbrs_string | | field_wbrs_string |
| field_webroot_id | | field_webroot_id |
| hour of day | | hour_of_day |
| source IP | | source_ip |
| URL | | url |
Sawmill stores the following numerical fields in its database for Cisco IronPort IronPort S-Series Access Logs Sec Ops Profile for Extended Squid Format, aggregating them and including them as columns in most reports:
| Numerical Field | | Internal Name |
| field_size | | field_size |
| field_unique_src_ips | | field_unique_src_ips |
| field_wbrs_value | | field_wbrs_value |
| page views | | page_views |
| requests | | requests |
See Sawmill Features to learn more about Sawmill's options for viewing, customizing, filtering, exporting and scheduling Cisco IronPort IronPort S-Series Access Logs Sec Ops Profile for Extended Squid Format reports.
Sawmill also supports 1021 other log formats.