Sawmill Enterprise
Written by Benson Chung   
Friday, 03 September 2010 11:13

Overview

Sawmill 8 is a log analysis and reporting system that supports more than 800 kinds of log formats, including network devices and applications. After reading logs from anywhere and parsing them into a database, you can generate many kinds of reports.

Speed

Powerful text analysis engine for processing huge log data sets (above 10,000 EPS when using powerful hardware).

Built-in internal database: best performance, faster than an external SQL database, 200 to 500% speed up!!

Supports multi-threading; separating log processing can increase processing speed.

Supports 64-bit OS platforms, full hardware support!!

Availability

Supports reading log files from local disk, FTP, HTTP, SFTP, ODBC, etc.

Supports external databases including MySQL, MS-SQL and Oracle for enterprise-level applications.

Cross-platform: includes Windows, Linux, FreeBSD, Solaris, MacOS, etc.

Encrypted source code for compiling on special platforms.

User friendly

Friendly WebUI, Setup Wizard and lots of online documentation; easy to use.

Special Zoom function supports drill-down to dig into log information.

Filter grouping function makes filter management easy.

Supports a Macro function; operation history can be reused quickly.

Customized reports can be saved and e-mailed by the scheduler or immediately.

Management

Role-based Authentication Control (RBAC) for highly granular user permissions.

Each user account can be assigned profiles that are readable or modifiable.

Supports user account policy for password expiration and constraints.

Customization

Powerful tools for report customization.

Supports 3D pie charts, line graphs, bar graphs, etc.

Built-in field editor supports customization of field property and interface.

Automation

You can update the database, remove old data, generate reports, send e-mail, etc. through the built-in scheduler engine.

A single schedule supports multiple jobs, batch-processed when the scheduled time is reached.

A scheduled job can be executed immediately with the Run Now button.

Additional

The Windows version includes a Syslog service that saves device logs to a single target and sorts them by source IP / log type.

Supports hourly or daily log rotation and compression.

A single web interface shows reports for all devices.

 

Applications of Sawmill

Sawmill makes risk management easy

  • Sawmill collects and analyzes most of an enterprise's data flows.
  • Sawmill turns text into a database, making data readable, searchable and available for compiling statistics.
  • Risk and responsibility are easy to find and define through Sawmill for auditing.
  • Sawmill helps produce reports on trend analysis, errors, attack types, etc., useful for risk identification and forecasting.

Sawmill turns logs into useful reports

  • Analyzed firewall log reports make it easy to read event time, source, destination and number of events, which is helpful for security policy and auditing; in addition, bandwidth and rejected messages can be referenced for device performance and policy tuning.
  • Network broadcasting is an important type of information flow; knowing the relationship between hit rate, where customers come from, visitors, etc. from log data is helpful. Sawmill can parse text log data into a database and generate reports for business use.
  • Analyzed mail log reports help you see where mail comes from and goes to in a single interface, with statistics on bytes transferred and the number of messages received, sent, and marked as spam. This is very useful for tracking message flow, and also helpful for adjusting mail policy and server performance.
  • Analyzed web log reports help you know hit rate, upload and download bytes, and where visitors come from (with GeoCity database), which is useful information for online business.
  • Statistics on error codes help alert you to hacker attacks.

You can build more applications yourself!

System Requirements:

Operating System:

  • Microsoft Windows 2000/XP/2003/Vista/7/2008 or above (x86/x64)
  • Linux: RedHat Enterprise Linux 4/5 (x86/x64) / Fedora Core 1~12 (x86/x64)
  • Apple MacOS X 10.2~10.4 (x86/x64/ppc/ppc64)
  • Sun Solaris 8/9 (sparc) / Sun Solaris 10 (x86/x64)
  • OpenBSD 3.8 / FreeBSD / Source Code (supports Unix / HP-UX / IBM AIX, etc.)

Hardware:

  • Minimum: Pentium 4, 1GB RAM, 32-bit OS, 80GB HDD (for test only)
  • Recommended: Core 2 Duo, 4GB RAM or above, 64-bit OS, 500GB HDD

    PS: Each processor uses 2GB of RAM; disk space must be kept at 2 to 4 times the size of the RAW data.

Supported log types:

Web Server / Proxy Server / Mail Server / Media Server / FTP Server / Firewall

Network Device / Internet Device / Application / Syslog Server / Others… including more than 800 kinds of log formats.

 

Main Features:

  1. Supports WebUI and setup wizard for quick import and remote operation.
  2. Supports 848 kinds of log formats and generates base reports for each log format.
  3. Supports centralized log management; the Syslog server can save device logs sorted by IP and Facility.
  4. Supports hourly or daily log rotation and compression.
  5. Supports a high degree of customization for log filters, user management, reports, etc.
  6. Zoomed and customized reports can be saved as new graphical reports.
  7. Native HTTP/HTTPS web server; can be integrated with Apache and IIS in CGI mode.
  8. Built-in SQL-compatible database; also supports external MySQL, MS SQL and Oracle DB.
  9. Supports multi-threading, multiple processors and 64-bit addressing.
  10. Supports log sources from local disk, network share, FTP, HTTP, SFTP, MS SQL, Oracle, and command line.
  11. Auto-detects the log format, and supports manual selection.
  12. Unlimited user accounts; Role-Based Authentication Control can define detailed permissions for each user, making authority easy to identify.
  13. The scheduler can build the database, update the database, erase old data, generate reports in HTML/PDF format and e-mail reports in a single schedule in batch mode.
  14. Built-in IP to City database for location analysis.
  15. All reports can be exported to CSV format files.
  16. Supports a structured language for log filters, report filters and interface customization.