# Copyright (c) 2010 Flowerfire, Inc.  All Rights Reserved.
tinyproxy = {

  plugin_version = "1.0"

  info.1.manufacturer = "Steven Young and Robert James Kaes"
  info.1.device = "tinyproxy"
  info.1.version.1 = "1"

  # 2008-06-04 - 1.0 - GMF - Initial implementation.

  # The name of the log format
  log.format.format_label = "tinyproxy"
  log.miscellaneous.log_data_type = "proxy"
  log.miscellaneous.log_format_type = "network_device"

  # The log is in this format if any of the first ten lines match this regular expression
  log.format.autodetect_regular_expression = `^(INFO|CONNECT|ERROR) +[A-Z][a-z][a-z] [0-9][0-9] [0-9][0-9]:[0-9][0-9]:[0-9][0-9] [[][0-9]+[]]: Initializing tinyproxy ...`

  # All log field parsing will be done using the parsing filters
  log.format.parse_only_with_filters = "true"

  log.format.date_format = 'mmm dd'

  # Log fields
  log.fields = {

    date = ""
    time = ""
    source_ip.type = "host"
    source_host = ""
    url.type = "page"
    operation = ""
    protocol = ""

    error_message = ""

    errors = ""
    events = ""
    page_views = ""

  } # log.fields


  log.parsing_filters.parse = `

# Get the key
v.key = "";
if (matches_regular_expression(current_log_line(), "file descriptor ([0-9]+)")) then
  v.key = $1;

if (matches_regular_expression(current_log_line(), "^([A-Z]+) *([A-Z][a-z][a-z] [0-9][0-9]) ([0-9][0-9]:[0-9][0-9]:[0-9][0-9]) [[][0-9]+[]]: (.*)$")) then (

  v.event_type = $1;
  set_collected_field(v.key, 'date', $2);
  set_collected_field(v.key, 'time', $3);
  v.message = $4;

  # If this is an error, remember it
  if (v.event_type eq "ERROR") then (

    # Copy it to empty key, so we don't compute file_type now.
#    set_collected_field('', 'date', get_collected_field(v.key, 'date'));
#    set_collected_field('', 'time', get_collected_field(v.key, 'time'));
    v.source_host = get_collected_field(v.key, 'source_host');
    v.source_ip = get_collected_field(v.key, 'source_ip');
    set_collected_field(v.key, 'error_message', v.message);
    set_collected_field(v.key, 'errors', 1);
    accept_collected_entry('', false);
    set_collected_field('', 'source_ip', v.source_ip);
    set_collected_field('', 'source_host', v.source_host);
  ); # if ERROR

  else if (v.event_type eq "CONNECT") then (

    if (matches_regular_expression(v.message, "^Connect [(][^)]+[)]: ([^ ]+) [[]([^]]+)[]]")) then (
      set_collected_field(v.key, 'source_host', $1);
      set_collected_field(v.key, 'source_ip', $2);
    );

    else if (matches_regular_expression(v.message, "^Request [(][^)]+[)]: ([^ ]+) ([^ ]+) ([^ ]+)")) then (
      set_collected_field(v.key, 'operation', $1);
      set_collected_field(v.key, 'url', $2);
      set_collected_field(v.key, 'protocol', $3);
      set_collected_field(v.key, 'events', 1);
      set_collected_field(v.key, 'hits', 1);
      accept_collected_entry(v.key, false);
    );

  ); # if CONNECT

);
`



  # Database fields
  database.fields = {

    date_time = ""
    hour_of_day = ""
    day_of_week = ""
    source_ip = ""
    source_host = ""
    location = ""
    url = {
      suppress_top = 1
    }
    file_type = ""
    operation = ""
    protocol = ""

  } # database.fields


  # Log Filters
  log.filters = {

    remove_query = {
      label = "$lang_admin.log_filters.remove_query_label"
      comment = "$lang_admin.log_filters.remove_query_comment"
      value = "if (contains(url, '?')) then url = substr(url, 0, index(url, '?') + 1) . '(parameters)';"
    } # remove_query

    categorize = {
      label = "$lang_admin.log_filters.categorize_hits_label"
      comment = "$lang_admin.log_filters.categorize_hits_comment"
      value = `
if (hits == 1) then (
  if ((file_type eq 'JPEG') or (file_type eq 'JPG') or (file_type eq 'GIF') or (file_type eq 'ICO') or (file_type eq 'PNG') or (file_type eq 'CSS') or (file_type eq 'SWF') or (file_type eq 'JS')) then (
  )
  else (
    page_views = 1;
  )
);
`
    } # categorize

    simplify_url = {
      label = "$lang_admin.log_filters.simplify_url_label"
      comment = "$lang_admin.log_filters.simplify_url_comment"
      value = "if (matches_regular_expression(url, '^([^:]+://[^/]+/)')) then url = $1 . '(omitted)'"
    } # simplify_url

  } # log.filters

  database.numerical_fields = {

    events = {
      default = true
    } # events

    hits = {
      default = true
    } # hits

    page_views = {
      default = true
    } # page_views

    unique_source_ips = {
      default = false
      log_field = "source_ip"
      type = "unique"
    } # unique_source_ips

    errors = {
      default = true
    } # errors

  } # database.numerical_fields


  create_profile_wizard_options = {

    # How the reports should be grouped in the report menu
    report_groups = {

      date_time_group = ""

    } # report_groups

  } # create_profile_wizard_options

} # tinyproxy