Firewall logs hold masses of information about traffic through the firewall (both internally and externally bound traffic). Firewall log analysis helps IT departments, IT managers, and security staff determine whether company resources are being used properly and whether IT equipment within the company is being used in a compliant way, thereby showing adherence to corporate standards and compliance with regulatory financial reporting requirements. These include the Sarbanes-Oxley Act of 2002 (also known as the Public Company Accounting Reform and Investor Protection Act of 2002, and commonly called SOX or Sarbox), the Health Insurance Portability and Accountability Act (HIPAA), and the Payment Card Industry Data Security Standard (PCI DSS).
Firewall log analysis in Sawmill Analytics is best combined with syslog-ng Premium Edition, which uses the Transport Layer Security (TLS) protocol to encrypt the communication. TLS also allows mutual authentication of the host and the server using X.509 certificates. syslog-ng Premium Edition also automatically stores messages on the local hard disk if the central log server or the network connection becomes unavailable, and automatically sends the stored messages to the server when the connection is re-established.
Sawmill Analytics is browser-based, so there is no need to install any client software to use the interface. All the reports are one click away, and they allow you to forensically examine all your data with the on-the-fly zoom filters or with the global filters, which are available through the global filter editor. All reports are pulled directly from the database, so as long as the database is up-to-the-minute, your reports will be too. You can schedule the database update regularly, or every minute, to make sure you are looking at the latest report.
Firewall analyzers can allow IT managers to monitor employee behaviour on the web. Each Sawmill report can be filtered for a single internal staff member to produce a report of all the activity of that username or computer. You can analyze the total time online, sites visited, pages viewed on each site, and bandwidth used for each user. You can also analyze usage by department or by individual, or create your own groupings as desired. You can drill down to view the pages that each employee, group, or department has viewed and the search terms that each used.