Sawmill is a Firewall-1 NG (text export) log analyzer (it also supports the 843 other log formats listed to the left). It can process log files in Firewall-1 NG (text export) format, and generate dynamic statistics from them, analyzing and reporting events. Sawmill can parse Firewall-1 NG (text export) logs, import them into a MySQL, Microsoft SQL Server, or Oracle database (or its own built-in database), aggregate them, and generate dynamically filtered reports, all through a web interface. Sawmill can perform Firewall-1 NG (text export) log analysis on any platform, including Window, Linux, FreeBSD, OpenBSD, Mac OS, Solaris, other UNIX, and others.
Sawmill stores the following non-numerical fields in its database for Firewall-1 NG (text export), generates reports for each field, and allows dynamic filtering on any combination of these fields:
| Field | Internal Name | ||
|---|---|---|---|
| resource | resource | ||
| geographic location | location | ||
| organization | organization | ||
| ISP | isp | ||
| domain | domain |
Sawmill stores the following numerical fields in its database for Firewall-1 NG (text export), aggregating them and including them as columns in most reports:
| Numerical Field | Internal Name | ||
|---|---|---|---|
| accesses | accesses | ||
| page views | page_views | ||
| unique sources | unique_sources | ||
| bytes | bytes | ||
| packets | packets | ||
| elapsed | elapsed | ||
| Client Inbound Bytes | client_inbound_bytes | ||
| Client Outbound Bytes | client_outbound_bytes | ||
| Server Inbound Bytes | server_inbound_bytes | ||
| Server Outbound Bytes | server_outbound_bytes | ||
| Client Inbound Packets | client_inbound_packets | ||
| Client Outbound Packets | client_outbound_packets | ||
| Server Inbound Packets | server_inbound_packets | ||
| Server Outbound Packets | server_outbound_packets | ||
| Client Inbound DiffServ | client_inbound_diffserv | ||
| Client Outbound DiffServ | client_outbound_diffserv | ||
| Server Inbound DiffServ | server_inbound_diffserv | ||
| Server Outbound DiffServ | server_outbound_diffserv | ||
| Wire Byte/Sec Out | wire_byte_sec_out | ||
| Wire Byte/Sec in | wire_byte_sec_in | ||
| Wire Packet/Sec Out | wire_packet_sec_out | ||
| Wire Packet/Sec in | wire_packet_sec_in | ||
| Application Byte/Sec Out | application_byte_sec_out | ||
| Application Byte/Sec in | application_byte_sec_in | ||
| Application Packet/Sec Out | application_packet_sec_out | ||
| Application Packet/Sec in | application_packet_sec_in |
See Sawmill Features to learn more about Sawmill's options for viewing, customizing, filtering, exporting and scheduling Firewall-1 NG (text export) reports.
Sawmill also supports 843 other log formats.