IRONPORT S-SERIES ACCESS LOGS V2008-06-10
Sawmill is a IronPort S-Series Access Logs v2008-06-10 log analyzer (it also supports the 819 other log formats listed to the left).
It can process log files
in IronPort S-Series Access Logs v2008-06-10 format, and generate dynamic statistics from them,
analyzing and reporting events.
Sawmill can parse IronPort S-Series Access Logs v2008-06-10 logs, import them into a MySQL, Microsoft SQL Server, or Oracle database (or its own built-in database),
aggregate them, and generate dynamically filtered reports, all through a web interface.
Sawmill can perform IronPort S-Series Access Logs v2008-06-10 log analysis on any platform, including Window, Linux, FreeBSD, OpenBSD, Mac OS, Solaris, other UNIX, and others.
Sawmill stores the following non-numerical fields in its database for IronPort S-Series Access Logs v2008-06-10, generates reports for each field, and allows dynamic filtering on any combination of these fields:
| Field | | Internal Name |
|---|
| | date/time | | date_time |
| | day of week | | day_of_week |
| | field_auth_user | | field_auth_user |
| | field_action | | field_action |
| | field_cache_type | | field_cache_type |
| | field_category | | field_category |
| | field_category_severity | | field_category_severity |
| | field_decision | | field_decision |
| | field_malware_id | | field_malware_id |
| | field_mcafee_id | | field_mcafee_id |
| | field_method | | field_method |
| | field_mime_type | | field_mime_type |
| | field_object_page | | field_object_page |
| | field_policy_group | | field_policy_group |
| | field_url_server | | field_url_server |
| | field_source_id | | field_source_id |
| | field_svr_response | | field_svr_response |
| | field_url_file_extension | | field_url_file_extension |
| | field_url_port | | field_url_port |
| | field_url_scheme | | field_url_scheme |
| | field_usage | | field_usage |
| | field_wbrs_string | | field_wbrs_string |
| | field_webroot_id | | field_webroot_id |
| | hour of day | | hour_of_day |
| | source IP | | source_ip |
| | URL | | url |
Sawmill stores the following numerical fields in its database for IronPort S-Series Access Logs v2008-06-10, aggregating them and including them as columns in most reports:
| Numerical Field | | Internal Name |
|---|
| | field_bw_cost | | field_bw_cost |
| | field_size | | field_size |
| | field_unique_src_ips | | field_unique_src_ips |
| | field_wbrs_value | | field_wbrs_value |
| | page views | | page_views |
| | requests | | requests |
See Sawmill Features to learn more about Sawmill's options for viewing, customizing, filtering, exporting and scheduling IronPort S-Series Access Logs v2008-06-10 reports.
Sawmill also supports 819 other log formats.
