TREND MICRO CONTROL MANAGER
Sawmill is a Trend Micro Control Manager log analyzer (it also supports the 1021 other log formats listed to the left).
It can process log files
in Trend Micro Control Manager format, and generate dynamic statistics from them,
analyzing and reporting events.
Sawmill can parse Trend Micro Control Manager logs, import them into a MySQL, Microsoft SQL Server, or Oracle database (or its own built-in database),
aggregate them, and generate dynamically filtered reports, all through a web interface.
Sawmill can perform Trend Micro Control Manager log analysis on any platform, including Windows, Linux, FreeBSD, OpenBSD, Mac OS, Solaris, other UNIX, and others.
Sawmill stores the following non-numerical fields in its database for Trend Micro Control Manager, generates reports for each field, and allows dynamic filtering on any combination of these fields:
| Field | | Internal Name |
| date/time | | date_time |
| day of week | | day_of_week |
| hour of day | | hour_of_day |
| event type | | event_type |
| computer name | | computer_name |
| message ID | | message_id |
| sender | | sender |
| recipient | | recipient |
| subject | | subject |
| policy name | | policy_name |
| policy settings | | policy_settings |
| action on content | | action_on_content |
| action on message | | action_on_message |
| infect source | | infect_source |
| infect destination | | infect_destination |
| virus | | virus |
| product | | product |
| pattern | | pattern |
| engine | | engine |
| first action | | first_action |
| first action result | | first_action_result |
| second action | | second_action |
| second action result | | second_action_result |
| file name | | file_name |
| file path | | file_path |
| login user name | | login_user_name |
| object name URL | | object_name_url |
| file type | | file_type |
| client IP | | client_ip |
| location | | location |
| blocking type | | blocking_type |
| blocking rule | | blocking_rule |
| event | | event |
| severity | | severity |
| description | | description |
| generation time zone | | generation_time_zone |
Sawmill stores the following numerical fields in its database for Trend Micro Control Manager, aggregating them and including them as columns in most reports:
| Numerical Field | | Internal Name |
| malicious events | | malicious_events |
| virus events | | virus_events |
| workstation virus events | | workstation_virus_events |
| web virus events | | web_virus_events |
| email virus events | | email_virus_events |
| spyware events | | spyware_events |
| web spyware events | | web_spyware_events |
| workstation spyware events | | workstation_spyware_events |
| web filtering events | | web_filtering_events |
| email filtering events | | email_filtering_events |
| admin events | | admin_events |
See Sawmill Features to learn more about Sawmill's options for viewing, customizing, filtering, exporting and scheduling Trend Micro Control Manager reports.
Sawmill also supports 1021 other log formats.