EventId.Net - Firewalls

FireGen for Pix 2.0 Log Analyzer Features

- Supports most existing syslog servers: Kiwi, WinSyslog, Linux/BSD syslogs, Cisco PFSS, syslog-ng and more. If a syslog server is not supported, support for it can be added (typically within 24 hours).

- Breakdown of every type of message recorded by the firewall. Bar graph.

- Breakdown of the 7 levels of messages, color-coded. Pie chart.

- Hyperlinks to the Pix messages database at www.eventid.net

- Hyperlinks to the TCP/IP protocols database at www.eventid.net

- Hyperlinks to the Whois engine hosted at www.eventid.net

- Reverse host name resolution for the IP addresses shown in the report. The resolved IP addresses are saved in a cache file. The cache file can be modified directly with wildcards for entire subnets (e.g. 64.236.16 = cnn.com).

- Top N (configurable) visited web sites. Bar graph.

- Top N (configurable) internal web users. Bar graph.

- Top N (configurable) email users (inbound/outbound SMTP, POP3/IMAP)

- Top N (configurable) custom protocol section (Up to 10 custom protocols + 1 section with multiple protocols)

- Top N (configurable) internal users (IP addresses), by traffic. Pie chart.

- Top N (configurable) external users (IP addresses), by traffic. Pie chart.

- Top N (configurable) denied IP addresses. Bar graph.

- Top N (configurable) denied protocols - for most common protocols, the name of the protocol is displayed. Pie chart.

- Top denial reasons. Pie chart.

- Top N (configurable) IP addresses targeted by denied IP addresses. Bar graph.

- Top N (configurable) protocols (by traffic) - for most common protocols, the name of the protocol is displayed. Pie chart.

- Top N (configurable) protocols (by number of connections) - for most common protocols, the name of the protocol is displayed. Pie chart, bar graph.

- Traffic by hour - inbound, outbound, total. 3D Bar graph.

- Traffic and denials by hour - Area graph.

- Top N (configurable) management messages (firewall management sessions over Telnet and SSH, including failed attempts).

- Top N (configurable) VPN events.

- Top N (configurable) warnings and notifications.

- Include/exclude keywords (regular expressions)

- Monitor certain IP addresses (color coded, comments)

- Monitor denied connections for every type of protocol (optional)

- Top N (configurable) FTP uploads and downloads

- Glossary of terms

- Retrieval and analysis of the Cisco Pix configuration. No other log analyzer offers this feature!

- "IP Forensics" - the analysis of the activity of a single IP address, in chronological order. No other log analyzer offers this feature!

- "Monitor Logs" - the ability to monitor the firewall logs for various thresholds, e.g. denial messages per hour, management messages, an unlimited number of custom criteria, keywords. Notifications can be sent via email, by running a custom program/script or by playing a sound file. No other log analyzer offers this feature!

- Ability to schedule daily analysis. The reports can be sent via email and/or be made accessible via intranet. The email can send the report embedded, as an attachment or as a zipped attachment.

- Hyperlinks to log analysis research resources, including our "Analyzing Cisco Pix firewall logs with FireGen Log Analyzer" web page.

- Ability to detect and separate entries from multiple firewalls reporting to the same syslog server.

- Ability to analyze Cisco router logs (beta). Please note that a special procedure is required for this. Contact us for details.

- Several report types: Last N hours, Start date/End date, Today, Yesterday

- The report information can be saved in CSV format for archiving or analysis with custom tools.

- The report appearance can be customized: colors, fonts, sections to be displayed, date format.

- Ability to detect and analyze zipped log files. Ability to zip the log files after they have been analyzed.

- Support forums

- Last but not least - FireGen is developed by Senior Firewall Administrators who are involved daily in tasks like installation, troubleshooting and monitoring of firewalls and VPN devices.

 

 
 

EventID.Net © 2001-2008 Altair Technologies Ltd., All rights reserved