MICROSOFT EXCHANGE SERVER 2007/2010
Sawmill is a Microsoft Exchange Server 2007/2010 log analyzer (it also supports the 1021 other log formats listed to the left).
It can process log files
in Microsoft Exchange Server 2007/2010 format, and generate dynamic statistics from them,
analyzing and reporting events.
Sawmill can parse Microsoft Exchange Server 2007/2010 logs, import them into a MySQL, Microsoft SQL Server, or Oracle database (or its own built-in database),
aggregate them, and generate dynamically filtered reports, all through a web interface.
Sawmill can perform Microsoft Exchange Server 2007/2010 log analysis on any platform, including Windows, Linux, FreeBSD, OpenBSD, Mac OS, Solaris, other UNIX, and others.
Sawmill stores the following non-numerical fields in its database for Microsoft Exchange Server 2007/2010, generates reports for each field, and allows dynamic filtering on any combination of these fields:
| Field | | Internal Name |
| date/time | | date_time |
| hour of day | | hour_of_day |
| day of week | | day_of_week |
| action | | action |
| agent | | agent |
| client hostname | | client_hostname |
| client IP | | client_ip |
| connector ID | | connector_id |
| context | | context |
| data | | data |
| entered org from IP | | entered_org_from_ip |
| event | | event |
| Event ID | | event_id |
| internal message ID | | internal_message_id |
| local endpoint | | local_endpoint |
| message ID | | message_id |
| message info | | message_info |
| message subject | | message_subject |
| number of recipients | | num_recipients |
| P1 from address | | p1_from_address |
| P2 from addresses | | p2_from_addresses |
| reason | | reason |
| reason data | | reason_data |
| recipient | | recipient |
| recipient address | | recipient_address |
| recipient status | | recipient_status |
| reference | | reference |
| related recipient address | | related_recipient_address |
| remote endpoint | | remote_endpoint |
| return path | | return_path |
| sender address | | sender_address |
| sequence number | | sequence_number |
| server hostname | | server_hostname |
| server IP | | server_ip |
| session ID | | session_id |
| smtp response | | smtp_response |
| source | | source |
| source context | | source_context |
| directionality | | directionality |
| tenant ID | | tenant_id |
| original client IP | | original_client_ip |
| original server IP | | original_server_ip |
| custom data | | custom_data |
Sawmill stores the following numerical fields in its database for Microsoft Exchange Server 2007/2010, aggregating them and including them as columns in most reports:
| Numerical Field | | Internal Name |
| events | | events |
| total bytes | | total_bytes |
| recipient count | | recipient_count |
See Sawmill Features to learn more about Sawmill's options for viewing, customizing, filtering, exporting and scheduling Microsoft Exchange Server 2007/2010 reports.
Sawmill also supports 1021 other log formats.