




Sawmill is a Fortinet Fortigate Firewall log analyzer (it also supports the 1021 other log formats listed to the left). It can process log files in Fortinet Fortigate Firewall format, and generate dynamic statistics from them, analyzing and reporting events. Sawmill can parse Fortinet Fortigate Firewall logs, import them into a MySQL, Microsoft SQL Server, or Oracle database (or its own built-in database), aggregate them, and generate dynamically filtered reports, all through a web interface. Sawmill can perform Fortinet Fortigate Firewall log analysis on any platform, including Windows, Linux, FreeBSD, OpenBSD, Mac OS, Solaris, other UNIX, and others.

Sawmill stores the following non-numerical fields in its database for Fortinet Fortigate Firewall, generates reports for each field, and allows dynamic filtering on any combination of these fields:

Field  Internal Name
   URL  url
   file type  file_type
   device ID  device_id
   level  level
   device name  devname
   type  type
   subtype  subtype
   priority  pri
   category  cat
   category description  cat_desc
   hostname  hostname
   method  method
   user  user
   group  group
   policy ID  policyid
   source  src
   location  location
   source name  srcname
   source port  src_port
   source interface  src_int
   destination  dst
   destination name  dstname
   destination port  dst_port
   destination interface  dst_int
   translated IP  tran_ip
   translated port  tran_port
   ICMP ID  icmp_id
   ICMP type  icmp_type
   ICMP code  icmp_code
   status  status
   protocol  proto
   service  service
   vd  vd
   VPN  vpn
   dir disp  dir_disp
   translated disp  tran_disp
   message  msg
   action  action
   reason  reason
   virus  virus
   file  file
   UI  ui
   aven  aven
   fcni  fcni
   fdni  fdni
   FTP  ftp
   HTTP  http
   idsdb  idsdb
   idsmn  idsmn
   idssn  idssn
   IMAP  imap
   libav  libav
   POP3  pop3
   SMTP  smtp
   virdb  virdb
   new action  new_act
   new destination address  new_daddr
   new destination interface  new_dintf
   new log  new_log
   new NAT  new_nat
   new source address  new_saddr
   new schedule  new_schd
   new source interface  new_sintf
   new server  new_svr
   old action  old_act
   old destination address  old_daddr
   old destination interface  old_dintf
   old log  old_log
   old NAT  old_nat
   old source address  old_saddr
   old schedule  old_schd
   old source interface  old_sintf
   old server  old_svr
   sequence  seq
   application type  app_type
   destination country  dst_country
   source country  src_country
   translated source IP  tran_sip
   translated source port  tran_sport
   rule  rule
   identidx  identidx
   profile group  profilegroup
   shaper drop sent  shaper_drop_sent
   shaper drop received  shaper_drop_rcvd
   perip drop  perip_drop
   shaper_sent_name  shaper_sent_name
   shaper_rcvd_name  shaper_rcvd_name
   perip_name  perip_name
   VPN tunnel  vpn_tunnel
   application  app
   application category  app_cat
   carrier EP  carrier_ep
   subapplication  subapp
   subappcat  subappcat
   UTM action  utmaction
   UTM event  utmevent
   UTM subtype  utmsubtype

Sawmill stores the following numerical fields in its database for Fortinet Fortigate Firewall, aggregating them and including them as columns in most reports:

Numerical Field  Internal Name
   accesses  accesses
   visitors  visitors
   sent  sent
   received  rcvd
   sent packets  sent_pkt
   received packets  rcvd_pkt
   duration  duration

See Sawmill Features to learn more about Sawmill's options for viewing, customizing, filtering, exporting and scheduling Fortinet Fortigate Firewall reports.

Sawmill also supports 1021 other log formats.

© 2024 Flowerfire