SYMANTEC ENTERPRISE FIREWALL 8
Sawmill is a Symantec Enterprise Firewall 8 log analyzer (it also supports the 1021 other log formats listed to the left).
It can process log files
in Symantec Enterprise Firewall 8 format, and generate dynamic statistics from them,
analyzing and reporting events.
Sawmill can parse Symantec Enterprise Firewall 8 logs, import them into a MySQL, Microsoft SQL Server, or Oracle database (or its own built-in database),
aggregate them, and generate dynamically filtered reports, all through a web interface.
Sawmill can perform Symantec Enterprise Firewall 8 log analysis on any platform, including Windows, Linux, FreeBSD, OpenBSD, Mac OS, Solaris, other UNIX, and others.
Sawmill stores the following non-numerical fields in its database for Symantec Enterprise Firewall 8, generates reports for each field, and allows dynamic filtering on any combination of these fields:
| Field | | Internal Name |
|---|
| | date/time | | date_time |
| | day of week | | day_of_week |
| | hour of day | | hour_of_day |
| | server IP | | server_ip |
| | service | | service |
| | type | | type |
| | subtype | | subtype |
| | duration | | duration |
| | authentication result | | authentication_result |
| | ID | | id |
| | source interface | | source_interface |
| | user | | user |
| | source IP | | source_ip |
| | source port | | source_port |
| | source name | | source_name |
| | destination interface | | destination_interface |
| | destination IP | | destination_ip |
| | destination port | | destination_port |
| | destination name | | destination_name |
| | server source port | | server_source_port |
| | URL | | url |
| | file type | | file_type |
| | worm | | worm |
| | operation | | operation |
| | resource | | resource |
| | protocol | | protocol |
| | rule ID | | rule_id |
| | program name | | program_name |
| | status | | status |
| | state | | state |
Sawmill stores the following numerical fields in its database for Symantec Enterprise Firewall 8, aggregating them and including them as columns in most reports:
| Numerical Field | | Internal Name |
|---|
| | accesses | | accesses |
| | page views | | page_views |
| | visitors | | visitors |
| | bytes | | bytes |
| | sent | | sent |
| | received | | received |
| | duration | | duration |
See Sawmill Features to learn more about Sawmill's options for viewing, customizing, filtering, exporting and scheduling Symantec Enterprise Firewall 8 reports.
Sawmill also supports 1021 other log formats.
