# Copyright (c) 2010 Flowerfire, Inc.  All Rights Reserved.
cisco_ce = {

  plugin_version = "1.0.1"

  # Initial creation - 1.0
  # 2010-10-18 - 1.0.1 - MSG - Edited info lines.

  info.1.manufacturer = "Cisco Systems"
  info.1.device = "CE (Content Engine)"
  info.1.version.1 = "500 Series"

  # Created from this:

  # The logs are created by Cisco Content Engines running software ACNS
  # 5.2.1.b.7. collected by a Cisco Content Distribution
  # Manager, a model CE565 running ACNS 5.2.1.b.7, which writes the logs to
  # your server. 


  # The name of the log format
  log.format.format_label = "Cisco CE Log Format"
  log.miscellaneous.log_data_type = "firewall"
  log.miscellaneous.log_format_type = "network_device"

  # The log is in this format if any of the first ten lines match this regular expression
  log.format.autodetect_regular_expression = "^StartTime Duration ProcessName ChannelID ChannelName DeviceName CDNUrl SourceUrl LastModifiedTime Size Status Action AuthType ProxyUsed"

  # This regular expression is used to parse the log fields out of the log entry
  log.format.parsing_regular_expression = "^([A-Z][a-z][a-z]-[A-Z][a-z][a-z]-[0-9-][0-9]-[0-9][0-9]:[0-9][0-9]:[0-9][0-9]-[0-9][0-9][0-9][0-9]) ([0-9]+) ([^ ]+) ([0-9]+) <([^>]*)> <([^>]*)> <([^>]*)> <([^>]*)> ([^ ]+) ([0-9])+ <([^>]*)> <([^>]*)>"

  # The format of dates and times in this log
#  log.format.date_format = "mmm dd hh:mm:ss yyyy"
#  log.format.time_format = "mmm dd hh:mm:ss yyyy"
  log.format.date_format = "auto"
  log.format.time_format = "auto"

  # Log fields
  log.fields = {

    start_time = ""
    duration = ""
    process_name = ""
    channel_id = ""
    channel_name = ""
    device_name = ""
    cdn_url.type = "page"
    source_url = ""
    last_modified_time = ""
    size = ""
    status = ""
    action = ""
    auth_type = ""
    proxy_used = ""

    date = ""
    time = ""

  } # log.fields


  # Database fields
  database.fields = {

    date_time = ""
    day_of_week = ""
    hour_of_day = ""
    process_name = ""
    channel_id = ""
    channel_name = ""
    device_name = ""
    cdn_url = ""
    source_url = ""
    status = ""
    action = ""
    auth_type = ""
    proxy_used = ""

  } # database.fields


  log.parsing_filters = {

#Tue-Mar--1-16:12:10-2005
#012345678901234567890123
    build_date_time = "
if (length(start_time) == 24) then (
  date = replace_first(substr(start_time, 8, 2) . '/' . substr(start_time, 4, 3) . substr(start_time, 20, 4), '-', '0');
  time = substr(start_time, 11, 8);
)
"


  } # log.parsing_filter


  # Log Filters
  log.filters = {

    detect_page_views = {
      label = '$lang_admin.log_filters.detect_page_views_label'
      comment = '$lang_admin.log_filters.detect_page_views_comment'
      value = "if ((file_type eq 'JPEG') or (file_type eq 'JPG') or (file_type eq 'GIF') or (file_type eq 'ICO') or (file_type eq 'PNG') or (file_type eq 'CSS') or (file_type eq 'SWF') or (file_type eq 'JS')) then page_views = 0; else page_views = 1;"
    } # detect_page_views

    simplify_url = {
      label = "$lang_admin.log_filters.simplify_url_label"
      comment = "$lang_admin.log_filters.simplify_url_comment"
      value = "if (matches_regular_expression(cdn_url, '^([^:]+://[^/]+/)')) then cdn_url = $1 . '(omitted)'"
    } # simplify_url

    strip_non_page_views = {
      label = '$lang_admin.log_filters.strip_non_page_views_label'
      comment = '$lang_admin.log_filters.strip_non_page_views_comment'
      value = "if (page_views == 0) then cdn_url = substr(cdn_url, 0, last_index(cdn_url, '/') + 1) . '(nonpage)';"
    } # strip_non_page_views

    mark_entry = {
      label = '$lang_admin.log_filters.mark_entry_label'
      comment = '$lang_admin.log_filters.mark_entry_comment'
      value = 'hits = 1;'
    } # mark_entry

  } # log.filters

#  log.field_options = {
#
#    sessions_page_field = "url_accessed"
#    sessions_visitor_id_field = "none"
#    sessions_event_field = "page_views"
#
#  } # log.field_options


  database.numerical_fields = {

    hits = {
      label = "$lang_stats.field_labels.hits"
      default = false
      requires_log_field = false
      type = "int"
      display_format_type = "integer"
      entries_field = true
    } # hits

    page_views = {
      label = "$lang_stats.field_labels.page_views"
      default = true
      requires_log_field = false
      type = "int"
      display_format_type = "integer"
    } # page_views

    size = {
      label = "$lang_stats.field_labels.size"
      default = false
      requires_log_field = true
      log_field = "size"
      type = "float"
      display_format_type = "bandwidth"
    } # size

    duration = {
      label = $lang_stats.field_labels.duration
      default = false
      requires_log_field = true
      type = int
      display_format_type = duration_milliseconds
    } # duration

  } # database.numerical_fields


  create_profile_wizard_options = {
    date_time_tracking = true
    host_tracking = true

    # How the reports should be grouped in the report menu
    report_groups = {
      date_time_group = ""
      content_group = {
        channel_id = true
        channel_name = true
        cdn_url = true
        source_url = true
      }
      process_name = true
      device_name = true
      status = true
      action = true
      auth_type = true
      proxy_used = true
    } # report_groups

  } # create_profile_wizard_options

} # cisco_ce