WATCHGUARD FIREBOX X CORE E-SERIES
Sawmill is a Watchguard Firebox X Core e-Series log analyzer (it also supports the 1020 other log formats listed to the left).
It can process log files
in Watchguard Firebox X Core e-Series format, and generate dynamic statistics from them,
analyzing and reporting events.
Sawmill can parse Watchguard Firebox X Core e-Series logs, import them into a MySQL, Microsoft SQL Server, or Oracle database (or its own built-in database),
aggregate them, and generate dynamically filtered reports, all through a web interface.
Sawmill can perform Watchguard Firebox X Core e-Series log analysis on any platform, including Windows, Linux, FreeBSD, OpenBSD, Mac OS, Solaris, other UNIX, and others.
Sawmill stores the following non-numerical fields in its database for Watchguard Firebox X Core e-Series, generates reports for each field, and allows dynamic filtering on any combination of these fields:
|Field|| ||Internal Name|
| ||device name|| ||device_name|
| ||priority|| ||pri|
| ||message ID|| ||msg_id|
| ||event type|| ||event_type|
| ||operation|| ||operation|
| ||interface|| ||interface|
| ||protocol|| ||protocol|
| ||source IP|| ||src_ip|
| ||source port|| ||src_port|
| ||source interface|| ||src_intf|
| ||destination IP|| ||dst_ip|
| ||destination port|| ||dst_port|
| ||destination interface|| ||dst_intf|
| ||policy|| ||policy|
| ||protocol|| ||pr|
| ||RC|| ||rc|
| ||TTL|| ||ttl|
| ||message|| ||msg|
| ||proxy action|| ||proxy_act|
| ||offset|| ||offset|
Sawmill stores the following numerical fields in its database for Watchguard Firebox X Core e-Series, aggregating them and including them as columns in most reports:
|Numerical Field|| ||Internal Name|
| ||events|| ||events|
| ||received bytes|| ||rcvd_bytes|
| ||packet length|| ||pckt_len|
See Sawmill Features to learn more about Sawmill's options for viewing, customizing, filtering, exporting and scheduling Watchguard Firebox X Core e-Series reports.
Sawmill also supports 1020 other log formats.