Sawmill is a Snort Log Format (standalone, mm/dd dates) log analyzer (it also supports 843 other log formats). It can process log files in Snort Log Format (standalone, mm/dd dates) and generate dynamic statistics from them, analyzing and reporting events. Sawmill can parse Snort Log Format (standalone, mm/dd dates) logs, import them into a MySQL, Microsoft SQL Server, or Oracle database (or its own built-in database), aggregate them, and generate dynamically filtered reports, all through a web interface. Sawmill can perform Snort Log Format (standalone, mm/dd dates) log analysis on any platform, including Windows, Linux, FreeBSD, OpenBSD, Mac OS, Solaris, other UNIX, and others.
Sawmill stores the following non-numerical fields in its database for Snort Log Format (standalone, mm/dd dates), generates reports for each field, and allows dynamic filtering on any combination of these fields:
| Field | Internal Name |
|---|---|
| date/time | date_time |
| day of week | day_of_week |
| hour of day | hour_of_day |
| source host | source_host |
| destination host | destination_host |
| source port | source_port |
| destination port | destination_port |
| event | event |
| protocol | protocol |
| classification | classification |
| priority | priority |
| type | type |
| code | code |
| xref | xref |
| TTL | ttl |
| type of service | tos |
| ID | id |
| ACK | ack |
| window | win |
| from | from |
| to | to |
Sawmill stores the following numerical fields in its database for Snort Log Format (standalone, mm/dd dates), aggregating them and including them as columns in most reports:
| Numerical Field | Internal Name |
|---|---|
| events | events |
See Sawmill Features to learn more about Sawmill's options for viewing, customizing, filtering, exporting and scheduling Snort Log Format (standalone, mm/dd dates) reports.
Sawmill also supports 843 other log formats.