WATCHGUARD FIREBOX X CORE E-SERIES
Sawmill is a Watchguard Firebox X Core e-Series log analyzer (it also supports 1021 other log formats). It can process log files in Watchguard Firebox X Core e-Series format and generate dynamic statistics from them, analyzing and reporting events.
Sawmill can parse Watchguard Firebox X Core e-Series logs, import them into a MySQL, Microsoft SQL Server, or Oracle database (or its own built-in database), aggregate them, and generate dynamically filtered reports, all through a web interface.
Sawmill can perform Watchguard Firebox X Core e-Series log analysis on any platform, including Windows, Linux, FreeBSD, OpenBSD, Mac OS, Solaris, other UNIX, and others.
Sawmill stores the following non-numerical fields in its database for Watchguard Firebox X Core e-Series, generates reports for each field, and allows dynamic filtering on any combination of these fields:
| Field | Internal Name |
| --- | --- |
| device name | device_name |
| priority | pri |
| message ID | msg_id |
| event type | event_type |
| operation | operation |
| interface | interface |
| protocol | protocol |
| source IP | src_ip |
| source port | src_port |
| source interface | src_intf |
| destination IP | dst_ip |
| destination port | dst_port |
| destination interface | dst_intf |
| policy | policy |
| protocol | pr |
| RC | rc |
| TTL | ttl |
| message | msg |
| proxy action | proxy_act |
| offset | offset |
Sawmill stores the following numerical fields in its database for Watchguard Firebox X Core e-Series, aggregating them and including them as columns in most reports:
| Numerical Field | Internal Name |
| --- | --- |
| events | events |
| received bytes | rcvd_bytes |
| packet length | pckt_len |
See Sawmill Features to learn more about Sawmill's options for viewing, customizing, filtering, exporting and scheduling Watchguard Firebox X Core e-Series reports.
Sawmill also supports 1021 other log formats.