# Copyright (c) 2010 Flowerfire, Inc. All Rights Reserved.

# Log format descriptor for WebSTAR web server logs. It declares how the format
# is auto-detected, how dates, times and fields are laid out, the filters applied
# to each entry, the numerical database fields, and the report grouping.
# Every field filtered below (url, referrer, cs_user_agent, ...) comes from the
# request and is client-supplied, so the derived labels are descriptive only.
web_star = {

  # 2011-07-22 - 1.0.1 - MSG - Edited info lines.

  info.1.manufacturer = "Kerio"
  info.1.device = "WebSTAR"
  info.1.version.1 = ""

  # The name of the log format
  log.format.format_label = "WebSTAR Log Format"
  log.miscellaneous.log_data_type = "webstar"
  log.miscellaneous.log_format_type = "web_server"

  # The log is in this format if any of the first ten lines match this regular expression
  log.format.autodetect_regular_expression = "^!!LOG_FORMAT "

  # The format of dates and times in this log
  log.format.date_format = "d/m/y"
  log.format.time_format = "hh:mm:ss"

  # Fields are separated by tabs
  # NOTE(review): the value as shown here is a single space, not a tab; whitespace
  # may have been collapsed in this copy. Confirm the literal is a tab character,
  # otherwise fields will be split in the wrong places.
  log.format.field_separator = " "

  # Don't track certain fields in the database
  # Note: CS-URI omitted because both it and URL are called "URL" by the log analyzer, which causes
  # problems if both are present.
  # NOTE(review): the setting below is commented out, so this file does not apply
  # the omission list. COOKIE is in that list and cookie values can carry session
  # identifiers; confirm how cookie fields are handled before they are retained.
  # TRANSFER_TIME appears three times in the list.
  # auto_setup.omit_database_fields = "PATH_ARGS,SEARCH_ARGS,TRANSFER_TIME,BYTES,COOKIE,BYTES_SENT,BYTES_RECEIVED,TRANSFER_TIME,TRANSFER_TIME,CONNECTION_ID,CS_URI_QUERY,CS_URI"
  #

  # Log Parsing Filters
  # Only filter 1 is active; filters 2-5 carry disabled = true.
  log.parsing_filters = {

    # This filter replaces the : characters with / characters, to bring WebSTAR's URL divider
    # in line with what we expect.
    1 = {
      label = "1"
      comment = ""
      value = "url = replace_all(url, ':', '/');"
    } # 1

    # This filter tacks the path args onto the end of the URL field
    # (filter 2 turns a '-' placeholder into '(empty)'; filter 3 does the append
    # with a '$' divider). Both are disabled.
    2 = {
      label = "2"
      comment = ""
      value = "if (path_args eq '-') then path_args = '(empty)';"
      disabled = true
    } # 2

    3 = {
      label = "3"
      comment = ""
      value = "if (path_args eq '(empty)') then '' else url = '' . url . '$' . path_args;"
      disabled = true
    } # 3

    # This filter tacks the search args onto the end of the URL field
    # (filter 4 normalizes the placeholder; filter 5 appends after a '?').
    # Both are disabled; enabling them puts query data back into url, which the
    # remove_query log filter below then replaces with '(parameters)'.
    4 = {
      label = "4"
      comment = ""
      value = "if (search_args eq '-') then search_args = '(empty)';"
      disabled = true
    } # 4

    5 = {
      label = "5"
      comment = ""
      value = "if (search_args eq '(empty)') then '' else url = '' . url . '?' . search_args;"
      disabled = true
    } # 5

  } # log.parsing_filters

  # Get web browser, operating system, and spider information from the user-agent field.
  # '+' is replaced with a space before the lookup (presumably the log writes
  # spaces in the user-agent as '+'; confirm against a sample log).
  # The User-Agent header is chosen by the client, so web_browser, operating_system
  # and spider are descriptive labels for reporting, not a basis for access or
  # blocking decisions.
  log.parsing_filters.derive_from_user_agent = {
    value = `
get_user_agent_info(replace_all(cs_user_agent, '+', ' '));
web_browser = volatile.web_browser;
operating_system = volatile.operating_system;
spider = volatile.spider;
`
    # Only applies when the log has a cs_user_agent field.
    requires_fields = {
      cs_user_agent = true
    }
  }

  # Log Filters
  # Several filters read what an earlier one wrote (strip_non_page_views reads the
  # page_views set by detect_page_views), so the listed order is presumably the
  # evaluation order and should be kept.
  log.filters = {

    # '-' becomes '(no referrer)'; otherwise the referrer is cut down to
    # scheme://host/ followed by '(omitted)'. Referrer paths and query strings are
    # therefore not kept in this field; use the raw logs when they are needed.
    simplify_referrer = {
      label = "$lang_admin.log_filters.simplify_referrer_label"
      comment = "$lang_admin.log_filters.simplify_referrer_comment"
      value = "if (referrer eq '-') then referrer = '(no referrer)' else if (matches_regular_expression(referrer, '^([^:]+://[^/]+/)')) then referrer = $1 . '(omitted)'"
    } # simplify_referrer

    # Disabled template: 'mydomain.com/' is a placeholder to be replaced with the
    # site's own domain before enabling.
    # NOTE(review): contains() tests the whole referrer value, so the text can
    # match in a path or query string as well as in the host, and the Referer
    # header is client-supplied. If the '(internal referrer)' label is relied on,
    # match scheme and host with an anchored matches_regular_expression(), as
    # simplify_referrer does.
    internal_referrer = {
      label = "$lang_admin.log_filters.internal_referrer_label"
      comment = "$lang_admin.log_filters.internal_referrer_comment"
      value = "if (contains(referrer, 'mydomain.com/')) then referrer = '(internal referrer)';"
      disabled = true
    } # internal_referrer

    # Sets url to '(worm)' unless the worm field starts with '('.
    # The worm field is populated outside this file; presumably values that start
    # with '(' are placeholders meaning no worm signature matched (confirm).
    # For matching entries the requested URL is no longer in the url field, so an
    # investigation that needs the probed paths has to go back to the raw logs.
    set_page_for_worm = {
      label = "$lang_admin.log_filters.set_page_for_worm_label"
      comment = "$lang_admin.log_filters.set_page_for_worm_comment"
      value = "if (starts_with(worm, '(')) then '' else url = '(worm)';"
    } # set_page_for_worm

    # Keeps url up to and including the '?' located by index() and replaces the
    # rest with '(parameters)'. Query strings can carry tokens and other sensitive
    # values, so this keeps them out of the url field; it also means request
    # parameters cannot be reviewed from the database, only from the raw logs.
    remove_query = {
      label = "$lang_admin.log_filters.remove_query_label"
      comment = "$lang_admin.log_filters.remove_query_comment"
      value = "if (contains(url, '?')) then url = substr(url, 0, index(url, '?') + 1) . '(parameters)';"
    } # remove_query

    # page_views = 0 for the listed image/style/script file types, 1 for anything
    # else. The comparison uses upper-case literals; file_type is set outside this
    # file and is presumably upper-cased already (confirm).
    detect_page_views = {
      label = '$lang_admin.log_filters.detect_page_views_label'
      comment = '$lang_admin.log_filters.detect_page_views_comment'
      value = "if ((file_type eq 'JPEG') or (file_type eq 'JPG') or (file_type eq 'GIF') or (file_type eq 'ICO') or (file_type eq 'PNG') or (file_type eq 'CSS') or (file_type eq 'SWF') or (file_type eq 'JS')) then page_views = 0; else page_views = 1;"
    } # detect_page_views

    # For entries that are not page views, url is cut after its last '/' and
    # '(nonpage)' is appended, so individual asset names are not tracked.
    strip_non_page_views = {
      label = '$lang_admin.log_filters.strip_non_page_views_label'
      comment = '$lang_admin.log_filters.strip_non_page_views_comment'
      value = "if (page_views == 0) then url = substr(url, 0, last_index(url, '/') + 1) . '(nonpage)';"
    } # strip_non_page_views

    # Every entry counts as one hit.
    mark_entry = {
      label = '$lang_admin.log_filters.mark_entry_label'
      comment = '$lang_admin.log_filters.mark_entry_comment'
      value = 'hits = 1;'
    } # mark_entry

  } # log.filters

  # Session reconstruction: pages come from url, events from page_views, and a
  # visitor is identified by hostname alone. Clients behind a shared proxy or NAT
  # will presumably be merged into one visitor, and one client seen under several
  # addresses will be split; treat session and visitor figures as approximate.
  log.field_options = {
    sessions_page_field = "url"
    sessions_visitor_id_field = "hostname"
    sessions_event_field = "page_views"
  } # log.field_options

  # Numerical (aggregated) database fields.
  database.numerical_fields = {

    # Set to 1 per entry by the mark_entry filter; not read from a log field.
    hits = {
      label = "$lang_stats.field_labels.hits"
      default = false
      requires_log_field = false
      type = "int"
      display_format_type = "integer"
      entries_field = true
    } # hits

    # Set by the detect_page_views filter; the only field here with default = true.
    page_views = {
      label = "$lang_stats.field_labels.page_views"
      default = true
      requires_log_field = false
      type = "int"
      display_format_type = "integer"
    } # page_views

    # Count of unique hostname values.
    visitors = {
      label = "$lang_stats.field_labels.visitors"
      default = false
      requires_log_field = true
      log_field = "hostname"
      type = "unique"
      display_format_type = "integer"
    } # visitors

    bytes = {
      label = "$lang_stats.field_labels.bytes"
      default = false
      requires_log_field = true
      type = "float"
      display_format_type = "bandwidth"
    } # bytes

    bytes_sent = {
      label = "$lang_stats.field_labels.bytes_sent"
      default = false
      requires_log_field = true
      type = "float"
      display_format_type = "bandwidth"
    } # bytes_sent

    # type and display_format_type are unquoted in the next two fields and quoted
    # in the fields above; left exactly as in the original.
    transfer_time = {
      label = "$lang_stats.field_labels.transfer_time"
      default = false
      requires_log_field = true
      type = int
      display_format_type = duration_compact
    } # transfer_time

    time_taken = {
      label = "$lang_stats.field_labels.time_taken"
      default = false
      requires_log_field = true
      type = int
      display_format_type = duration_compact
    } # time_taken

  } # database.numerical_fields

  create_profile_wizard_options = {

    # How the reports should be grouped in the report menu
    report_groups = {
      date_time_group = ""
      content_group = {
        url = true
        cs_uri = true
        cs_uri_query = true
        cs_uri_stem = true
        file_type = true
        search_args = true
        path_args = true
      }
      visitor_demographics_group = {
        hostname = true
        domain_description = true
        location = true
        user = true
        c_dns = true
        c_ip = true
        from = true
      }
      visitor_systems_group = {
        screen_dimensions = true
        screen_depth = true
        web_browser = true
        operating_system = true
      }
      referrer_group = {
        referrer = true
        referrer_description = true
        search_engine = true
        search_phrase = true
        search_phrase_by_search_engine = true
      }
      server_group = {
        sc_status = true
        cs_host = true
        cs_sip = true
      }
      # worm and spider are the derived labels set by the filters above; cs_cookie
      # is reported here too, see the note on the commented-out omission list.
      other_group = {
        worm = true
        spider = true
        hostfield = true
        result = true
        status = true
        method = true
        cs_cookie = true
        cs_method = true
        connection_id = true
      }
    } # report_groups

  } # create_profile_wizard_options

  # Intentionally empty in this file.
  not_supported = {
  } # not_supported

} # web_star