CISCO PIX/IOS

Sawmill is a Cisco PIX/IOS log analyzer (it also supports the 843 other log formats listed to the left). It can process log files in Cisco PIX/IOS format, and generate dynamic statistics from them, analyzing and reporting events. Sawmill can parse Cisco PIX/IOS logs, import them into a MySQL, Microsoft SQL Server, or Oracle database (or its own built-in database), aggregate them, and generate dynamically filtered reports, all through a web interface. Sawmill can perform Cisco PIX/IOS log analysis on any platform, including Window, Linux, FreeBSD, OpenBSD, Mac OS, Solaris, other UNIX, and others.

Sawmill stores the following non-numerical fields in its database for Cisco PIX/IOS, generates reports for each field, and allows dynamic filtering on any combination of these fields:

	Field		Internal Name
	operation		operation
	message		message
	message code		message_code
	protocol		protocol
	source IP		source_ip
	destination IP		destination_ip
	source hostname		source_hostname
	destination hostname		destination_hostname
	source port		source_port
	destination port		destination_port
	source side		source_side
	destination side		destination_side
	geographic location		location
	interface		interface
	direction		direction
	foreign IP		faddr_host
	foreign port		faddr_port
	global IP		gaddr_host
	global port		gaddr_port
	local IP		laddr_host
	local port		laddr_port
	service name		service_name
	URL		url
	flags		flags
	user		user
	command		command
	type		type
	list		list

Sawmill stores the following numerical fields in its database for Cisco PIX/IOS, aggregating them and including them as columns in most reports:

	Numerical Field		Internal Name
	events		events
	page views		page_views
	unique source IPs		unique_source_ips
	bytes		bytes
	destination bytes		destination_bytes
	duration		duration

See Sawmill Features to learn more about Sawmill's options for viewing, customizing, filtering, exporting and scheduling Cisco PIX/IOS reports.

Sawmill also supports 843 other log formats.