MICROSOFT EXCHANGE SERVER 2007/2010
Sawmill is a Microsoft Exchange Server 2007/2010 log analyzer (it also supports the 1021 other log formats listed to the left).
It can process log files
in Microsoft Exchange Server 2007/2010 format, and generate dynamic statistics from them,
analyzing and reporting events.
Sawmill can parse Microsoft Exchange Server 2007/2010 logs, import them into a MySQL, Microsoft SQL Server, or Oracle database (or its own built-in database),
aggregate them, and generate dynamically filtered reports, all through a web interface.
Sawmill can perform Microsoft Exchange Server 2007/2010 log analysis on any platform, including Windows, Linux, FreeBSD, OpenBSD, Mac OS, Solaris, other UNIX, and others.
Sawmill stores the following non-numerical fields in its database for Microsoft Exchange Server 2007/2010, generates reports for each field, and allows dynamic filtering on any combination of these fields:
| Field | | Internal Name |
|---|
| | date/time | | date_time |
| | hour of day | | hour_of_day |
| | day of week | | day_of_week |
| | action | | action |
| | agent | | agent |
| | client hostname | | client_hostname |
| | client IP | | client_ip |
| | connector ID | | connector_id |
| | context | | context |
| | data | | data |
| | entered org from IP | | entered_org_from_ip |
| | event | | event |
| | Event ID | | event_id |
| | internal message ID | | internal_message_id |
| | local endpoint | | local_endpoint |
| | message ID | | message_id |
| | message info | | message_info |
| | message subject | | message_subject |
| | number of recipients | | num_recipients |
| | P1 from address | | p1_from_address |
| | P2 from addresses | | p2_from_addresses |
| | reason | | reason |
| | reason data | | reason_data |
| | recipient | | recipient |
| | recipient address | | recipient_address |
| | recipient status | | recipient_status |
| | reference | | reference |
| | related recipient address | | related_recipient_address |
| | remote endpoint | | remote_endpoint |
| | return path | | return_path |
| | sender address | | sender_address |
| | sequence number | | sequence_number |
| | server hostname | | server_hostname |
| | server IP | | server_ip |
| | session ID | | session_id |
| | smtp response | | smtp_response |
| | source | | source |
| | source context | | source_context |
| | directionality | | directionality |
| | tenant ID | | tenant_id |
| | original client IP | | original_client_ip |
| | original server IP | | original_server_ip |
| | custom data | | custom_data |
Sawmill stores the following numerical fields in its database for Microsoft Exchange Server 2007/2010, aggregating them and including them as columns in most reports:
| Numerical Field | | Internal Name |
|---|
| | events | | events |
| | total bytes | | total_bytes |
| | recipient count | | recipient_count |
See Sawmill Features to learn more about Sawmill's options for viewing, customizing, filtering, exporting and scheduling Microsoft Exchange Server 2007/2010 reports.
Sawmill also supports 1021 other log formats.
