# Copyright (c) 2010 Flowerfire, Inc. All Rights Reserved. filezilla_server = { plugin_version = "1.2.3" # - 1.0 - plug-in created # 04/04/2007 12-06 - gas - 1.1 - Added support for 0.9.18Beta logs # 04/04/2007 - GMF - 1.2 - Added support for "a.m." in the AM/PM field. # 2007-09-13 - gas - 1.2.1 - added support for single digit months # 2007-09-27 - KBB - - added plug-in filezilla_server_dmyyyy.cfg - must maintain in parallel # 2010-04-27 - KBB - 1.2.2 - Added support for the "DELE" action # 2010-10-05 - 1.2.3 - MSG - Edited info lines. info.1.manfacturer = "FileZilla" info.1.device = "FTP Server" info.1.version.1 = "0.9.18Beta" # The name of the log format log.format.format_label = "FileZilla Server (d/m/yyyy) Log Format" log.miscellaneous.log_data_type = "ftp" log.miscellaneous.log_format_type = "ftp_server" # The log is in this format if any of the first ten lines match this regular expression log.format.autodetect_regular_expression = "^\\([0-9][0-9][0-9][0-9][0-9][0-9]\\) [0-9]+[./]+[0-9]+[./]+[0-9][0-9][0-9][0-9] [0-9]+[.:][0-9][0-9][.:][0-9][0-9] [APMapm. ]*- .*$" # All log field parsing will be done using the parsing filters log.format.parse_only_with_filters = "true" # The format of dates and times in this log # 16/Jun/2006. Note: found log data with 14.05.2006 date. Auto can't handle that, so switched to # dd/mm/yyyy. Is this format ever m/d/y? If so, we'll need a new plug-in (or date query functionality # in Sawmill). -GMF # Yes, m/d/yyyy is needed, so have created new plug-in. - KBB # changed this to d/m/yyyy as we need to support single digit days and months and have assumed # without checking that d/m/yyy will support all variants that dd/mm/yyy will support -gas log.format.date_format = "d/m/yyyy" log.format.time_format = "auto" # Log fields log.fields = { date = { label = "$lang_stats.field_labels.date" type = "date" } # date time = { label = "$lang_stats.field_labels.time" type = "time" } # time client_ip = { label = "$lang_stats.field_labels.client_ip" type = "host" index = 0 subindex = 0 hierarchy_dividers = "." left_to_right = false leading_divider = "false" } # client_ip username = { label = "$lang_stats.field_labels.username" type = "flat" index = 0 subindex = 0 } # username file = { label = "$lang_stats.field_labels.file" type = "page" hierarchy_dividers = "/?" left_to_right = true leading_divider = "true" } # file operation = { label = "$lang_stats.field_labels.operation" type = "flat" index = 0 subindex = 0 } # operation } # log.fields # # Log Parsing Filters log.parsing_filters = { # Parse connecting to lines parse = { label = "parse" comment = "" value = ` if (matches_regular_expression(current_log_line(), '^\\\\(([0-9]+)\\\\) ([0-9./]+) ([0-9:.]+) *[APMapm.]* - (.*) \\\\(([0-9.]+)\\\\)> (.*)$')) then ( v.time = $3; set_collected_field($1, 'date', $2); set_collected_field($1, 'time', $3); set_collected_field($1, 'username', $4); set_collected_field($1, 'client_ip', $5); volatile.key = $1; if (matches_regular_expression($6, '^(STOR|RETR|DELE) +(.*)$')) then ( set_collected_field(volatile.key, 'operation', $1); if (ends_with(current_log_pathname(), '.rtf')) then ( set_collected_field(volatile.key, 'file', substr($2, 0, length($2)-1)); ); else set_collected_field(volatile.key, 'file', $2); accept_collected_entry(volatile.key, false); ) ) ` } # parse } # log.parsing_filters # Database fields database.fields = { date_time = { label = "$lang_stats.field_labels.date_time" log_field = "date_time" type = "string" suppress_top = 0 suppress_bottom = 3 display_format_type = "date_time" } # date_time day_of_week = { label = "$lang_stats.field_labels.day_of_week" log_field = "day_of_week" type = "string" suppress_top = 0 suppress_bottom = 2 display_format_type = "day_of_week" } # day_of_week hour_of_day = { label = "$lang_stats.field_labels.hour_of_day" log_field = "hour_of_day" type = "string" suppress_top = 0 suppress_bottom = 2 display_format_type = "hour_of_day" } # hour_of_day file = { label = "$lang_stats.field_labels.file" log_field = "file" type = "string" suppress_top = 0 suppress_bottom = 9 display_format_type = "file" } # file file_type = { label = "$lang_stats.field_labels.file_type" log_field = "file_type" type = "string" suppress_top = 0 suppress_bottom = 2 } # file_type client_ip = { label = "$lang_stats.field_labels.client_ip" log_field = "client_ip" type = "string" suppress_top = 0 suppress_bottom = 2 display_format_type = "hostname" } # client_ip domain_description = { label = "$lang_stats.field_labels.domain_description" log_field = "domain_description" type = "string" suppress_top = 0 suppress_bottom = 2 } # domain_description location = { label = "$lang_stats.field_labels.location" log_field = "location" type = "string" suppress_top = 0 suppress_bottom = 3 } # location username = { label = "$lang_stats.field_labels.username" log_field = "username" type = "string" suppress_top = 0 suppress_bottom = 2 } # username operation = { label = "$lang_stats.field_labels.operation" log_field = "operation" type = "string" suppress_top = 0 suppress_bottom = 2 } # operation } # database.fields database.numerical_fields = { events = { label = "$lang_stats.field_labels.events" default = true requires_log_field = false type = "int" display_format_type = "integer" entries_field = true } # events } # database.numerical_fields log.filters = { mark_entry = { label = '$lang_admin.log_filters.mark_entry_label' comment = '$lang_admin.log_filters.mark_entry_comment' value = 'events = 1;' } # mark_entry } # log.filters create_profile_wizard_options = { host_tracking = true # How the reports should be grouped in the report menu report_groups = { date_time_group = "" file = true file_type = true client_ip = true domain_description = true country = true username = true operation = true } # report_groups } # create_profile_wizard_options log.field_options = { sessions_page_field = "file" sessions_visitor_id_field = "client_ip" sessions_event_field = "events" } # log.field_options } # filezilla_server