WATCHGUARD FIREBOX X CORE E-SERIES
Sawmill is a Watchguard Firebox X Core e-Series log analyzer (it also supports 1021 other log formats). It can process log files in Watchguard Firebox X Core e-Series format and generate dynamic statistics from them, analyzing and reporting events.
Sawmill can parse Watchguard Firebox X Core e-Series logs, import them into a MySQL, Microsoft SQL Server, or Oracle database (or its own built-in database), aggregate them, and generate dynamically filtered reports, all through a web interface.
Sawmill can perform Watchguard Firebox X Core e-Series log analysis on any platform, including Windows, Linux, FreeBSD, OpenBSD, Mac OS, Solaris, other UNIX, and others.
Sawmill stores the following non-numerical fields in its database for Watchguard Firebox X Core e-Series, generates reports for each field, and allows dynamic filtering on any combination of these fields:
| Field | Internal Name |
| --- | --- |
| device name | device_name |
| priority | pri |
| message ID | msg_id |
| event type | event_type |
| operation | operation |
| interface | interface |
| protocol | protocol |
| source IP | src_ip |
| source port | src_port |
| source interface | src_intf |
| destination IP | dst_ip |
| destination port | dst_port |
| destination interface | dst_intf |
| policy | policy |
| protocol | pr |
| RC | rc |
| TTL | ttl |
| message | msg |
| proxy action | proxy_act |
| offset | offset |
Sawmill stores the following numerical fields in its database for Watchguard Firebox X Core e-Series, aggregating them and including them as columns in most reports:
| Numerical Field | Internal Name |
| --- | --- |
| events | events |
| received bytes | rcvd_bytes |
| packet length | pckt_len |
See Sawmill Features to learn more about Sawmill's options for viewing, customizing, filtering, exporting and scheduling Watchguard Firebox X Core e-Series reports.
Sawmill also supports 1021 other log formats.