Sawmill
Download Sawmill 8.7.2
30 Days Free Trial
Home Products Downloads Purchase Support About About
Sawmill Sawmill

SAWMILLPLUG-IN

ALL PLUG-INS

Sawmill has plug-ins to support the following log formats:

line
CISCO IRONPORT IRONPORT S-SERIES ACCESS LOGS SEC OPS PROFILE FOR EXTENDED SQUID FORMAT

Sawmill is a Cisco IronPort IronPort S-Series Access Logs Sec Ops Profile for Extended Squid Format log analyzer (it also supports the 980 other log formats listed to the left). It can process log files in Cisco IronPort IronPort S-Series Access Logs Sec Ops Profile for Extended Squid Format format, and generate dynamic statistics from them, analyzing and reporting events. Sawmill can parse Cisco IronPort IronPort S-Series Access Logs Sec Ops Profile for Extended Squid Format logs, import them into a MySQL, Microsoft SQL Server, or Oracle database (or its own built-in database), aggregate them, and generate dynamically filtered reports, all through a web interface. Sawmill can perform Cisco IronPort IronPort S-Series Access Logs Sec Ops Profile for Extended Squid Format log analysis on any platform, including Window, Linux, FreeBSD, OpenBSD, Mac OS, Solaris, other UNIX, and others.

Sawmill stores the following non-numerical fields in its database for Cisco IronPort IronPort S-Series Access Logs Sec Ops Profile for Extended Squid Format, generates reports for each field, and allows dynamic filtering on any combination of these fields:

Field  Internal Name
   date/time  date_time
   day of week  day_of_week
   field_auth_user  field_auth_user
   field_action  field_action
   field_cache_type  field_cache_type
   field_category  field_category
   field_category_severity  field_category_severity
   field_decision  field_decision
   field_malware_id  field_malware_id
   field_mcafee_id  field_mcafee_id
   field_method  field_method
   field_mime_type  field_mime_type
   field_object_page  field_object_page
   field_policy_group  field_policy_group
   field_url_server  field_url_server
   field_source_id  field_source_id
   field_svr_response  field_svr_response
   field_url_file_extension  field_url_file_extension
   field_url_port  field_url_port
   field_url_scheme  field_url_scheme
   field_usage  field_usage
   field_wbrs_string  field_wbrs_string
   field_webroot_id  field_webroot_id
   hour of day  hour_of_day
   source IP  source_ip
   URL  url

Sawmill stores the following numerical fields in its database for Cisco IronPort IronPort S-Series Access Logs Sec Ops Profile for Extended Squid Format, aggregating them and including them as columns in most reports:

Numerical Field  Internal Name
   field_size  field_size
   field_unique_src_ips  field_unique_src_ips
   field_wbrs_value  field_wbrs_value
   page views  page_views
   requests  requests

See Sawmill Features to learn more about Sawmill's options for viewing, customizing, filtering, exporting and scheduling Cisco IronPort IronPort S-Series Access Logs Sec Ops Profile for Extended Squid Format reports.

Sawmill also supports 980 other log formats.

© 2014 Flowerfire | Copyright | Privacy Policy | License Agreement | Terms of Use | Contact | Feedback | About
Sawmill Software
Sawmill Software
Back to Sawmill Home