# Copyright (c) 2010 Flowerfire, Inc.  All Rights Reserved.
eims_error = {

  plugin_version = "1.0.1"

  # 2007-09-11 - 1.0 - KBB - added version number and changed file name from beta_eims_error.cfg
  # 2010-11-02 - 1.0.1 - MSG - Edited info lines.

  info.1.manfacturer = "Eudora"
  info.1.device = "Internet Mail Service Error"
  info.1.version.1 = ""

  info.1.manfacturer = "Qualcomm"
  info.1.device = "EIMS Error"
  info.1.version.1 = ""

  # The name of the log format
  log.format.format_label = "EIMS Error Log Format"
  log.miscellaneous.log_data_type = "mail_smtp"  
  log.miscellaneous.log_format_type = "mail_server"

  # The log is in this format if any of the first ten lines match this regular expression
  log.format.autodetect_regular_expression = "^[A-Z][a-z][a-z], [A-Z][a-z][a-z] [0-9]+, [0-9][0-9][0-9][0-9] [0-9]+:[0-9][0-9]:[0-9][0-9] [APM]+ [0-9+-]+	"

  # Log fields
  log.fields = {

    date = ""
    time = ""
    reason = ""

    source_ip = ""
    source_host = ""

    sender = {
      type = "hierarchical"
      hierarchy_dividers = "@"
      left_to_right = false
      leading_divider = "false"
    }

    recipient = {
      type = "hierarchical"
      hierarchy_dividers = "@"
      left_to_right = false
      leading_divider = "false"
    }

    message = ""

  } # log.fields


  log.parsing_filters.parse = `
if (matches_regular_expression(current_log_line(), '^[A-Za-z]*, ([A-Za-z]* [0-9]+, [0-9]+) ([0-9:]+ [APM]*) [0-9+-]*	(.*)')) then (
  date = $1;
  time = $2;
  message = $3;
  sender = "";
  source_ip = "";
  source_host = "";
  recipient = "";
  if (matches_regular_expression(message, '^Receive failed from ([^ ]*) at ([^ ]*) \\\\(([^)]*)\\\\), (.*)$')) then (
    message = "Received failed";
    sender = $1;
    source_host = $2;
    source_ip = $3;
    reason = $4;
    if (matches_regular_expression(reason, '^recipient ([^ ]*) not known')) then (
      recipient = $1;
      message = "recipient not known";
    );
    else if (matches_regular_expression(reason, '^account ([^ ]*) is disabled')) then (
      recipient = $1;
      message = "account is disabled";
    );
  );
  else if (matches_regular_expression(message, '^Receive failed from ([^ ]*) at ([^ ]*) \\\\(([^)]*)\\\\), (.*)$')) then (
    message = "Received failed ... " . $4;
    sender = $1;
    source_host = $2;
    source_ip = $3;
  );
  else if (matches_regular_expression(message, "^(Refused to relay message) from ([^ ]*) at host ([^ ]*) \\\(([^)]*)\\\\) to ([^ ]*)\\\\.")) then (
    message = $1;
    sender = $2;
    source_host = $3;
    source_ip = $4;
    recipient = $5;
  );
  else if (matches_regular_expression(message, "^([A-Za-z0-9 ]*) from ([^ ]*)$")) then (
    message = $1;
    sender = $2;
  );
  errors = 1;
)
`


  database.fields = {

    message = ""
    reason = ""
    source_ip = ""
    source_host = ""
    sender = ""
    recipient = ""

  } # database.fields


  database.numerical_fields = {

    errors = {
      label = "$lang_stats.field_labels.errors"
      default = true
      requires_log_field = false
      type = "int"
      display_format_type = "integer"
      entries_field = true
    } # errors

  } # database.numerical_fields


  create_profile_wizard_options = {

    # How the reports should be grouped in the report menu
    report_groups = {
      date_time_group = ""
    } # report_groups

  } # create_profile_wizard_options

} # eims_error