Sawmill
Download Sawmill 8.7.4
30 Days Free Trial
Home Products Downloads Purchase Support About About
Sawmill Sawmill

SAWMILLPLUG-IN

ALL PLUG-INS

Sawmill has plug-ins to support the following log formats:

line
PALO ALTO NETWORKS FIREWALL (INTEGRATED THREAT & TRAFFIC)

Sawmill is a Palo Alto Networks Firewall (Integrated Threat & Traffic) log analyzer (it also supports the 997 other log formats listed to the left). It can process log files in Palo Alto Networks Firewall (Integrated Threat & Traffic) format, and generate dynamic statistics from them, analyzing and reporting events. Sawmill can parse Palo Alto Networks Firewall (Integrated Threat & Traffic) logs, import them into a MySQL, Microsoft SQL Server, or Oracle database (or its own built-in database), aggregate them, and generate dynamically filtered reports, all through a web interface. Sawmill can perform Palo Alto Networks Firewall (Integrated Threat & Traffic) log analysis on any platform, including Windows, Linux, FreeBSD, OpenBSD, Mac OS, Solaris, other UNIX, and others.

Sawmill stores the following non-numerical fields in its database for Palo Alto Networks Firewall (Integrated Threat & Traffic), generates reports for each field, and allows dynamic filtering on any combination of these fields:

Field  Internal Name
   serial number  serial_number
   type  type
   sub type  sub_type
   source IP  source_ip
   destination IP  destination_ip
   NAT source IP  nat_source_ip
   NAT destination IP  nat_destination_ip
   rule name  rule_name
   source user  source_user
   destination user  destination_user
   application  application
   virtual system  virtual_system
   source zone  source_zone
   destination zone  destination_zone
   ingress interface  ingress_interface
   egress interface  egress_interface
   log forwarding profile  log_forwarding_profile
   source port  source_port
   destination port  destination_port
   NAT source port  nat_source_port
   NAT destination port  nat_destination_port
   flags  flags
   protocol  protocol
   action  action
   category  category
   action flags  action_flags
   source location  source_location
   destination location  destination_location
   content type  content_type
   page  page
   user  user

Sawmill stores the following numerical fields in its database for Palo Alto Networks Firewall (Integrated Threat & Traffic), aggregating them and including them as columns in most reports:

Numerical Field  Internal Name
   events  events
   page views  page_views
   bytes  bytes
   packets  packets
   elapsed time  elapsed_time

See Sawmill Features to learn more about Sawmill's options for viewing, customizing, filtering, exporting and scheduling Palo Alto Networks Firewall (Integrated Threat & Traffic) reports.

Sawmill also supports 997 other log formats.

© 2014 Flowerfire | Copyright | Privacy Policy | License Agreement | Terms of Use | Contact | Feedback | About
Sawmill Software
Sawmill Software
Back to Sawmill Home