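# Copyright (c) 2010 Flowerfire, Inc. All Rights Reserved.

# Log format plug-in definition for Vircom mail server logs.
# Declares how each log line is split into fields, which fields are stored in
# the database, and which report groups the profile wizard offers.
vircom = {

  # The name of the log format
  log.format.format_label = "Vircom Log Format"

  # Simply a categorization label for this format - no other impact than cosmetics
  log.miscellaneous.log_data_type = "mail_server"

  # This one has implications, as it can mandate additional processing.
  # i_prism_monitor.cfg is tab delimited too and uses "internet_device" as format type.
  log.miscellaneous.log_format_type = "internet_device"

  # Auto-detection: the log is treated as this format if any of its first ten
  # lines matches this expression. The earlier pattern, "^Sep.*", matched only
  # lines starting with "Sep", so logs written in any other month were not
  # recognized. This pattern matches a leading timestamp in the date_format
  # declared below ("mmm dd hh:mm:ss yyyy") for every month; requiring the
  # trailing year also makes it narrower than a bare month prefix.
  # NOTE(review): derived from date_format, not from a sample log - confirm
  # against real Vircom output before relying on auto-detection.
  log.format.autodetect_regular_expression = "^[A-Z][a-z][a-z] +[0-9]+ [0-9]+:[0-9]+:[0-9]+ [0-9]+"

  # Character that separates the fields of one log line.
  # NOTE(review): the comment on log_format_type says this log is tab delimited,
  # and the date_time field itself contains spaces, so this value is expected to
  # be a single TAB character. If it reads as a space here, whitespace was
  # probably lost when the file was copied - confirm before use.
  log.format.field_separator = " "

  # Disabled alternative: parse each line with a regular expression instead of
  # a field separator.
  # log.format.parsing_regular_expression = "^(.*)$"

  # Treat fields surrounded by square brackets (e.g. the date/time field) as a single quoted field.
  # Disabled.
  #log.format.treat_brackets_as_quotes = "false"

  # Disabled.
  #log.format.common_log_format = "false"

  # The format of dates and times in this log. Date and time share one field
  # (date_time, index 1), so both settings use the same pattern.
  log.format.date_format = "mmm dd hh:mm:ss yyyy"
  log.format.time_format = "mmm dd hh:mm:ss yyyy"

  # Log fields: position (1-based index) of each field within a log line
  log.fields = {

    date_time.index = 1
    process_name.index = 2
    process_id.index = 3
    thread_id.index = 4
    severity.index = 5
    type.index = 6
    action.index = 7
    message_id.index = 8

    # from / to are split into a hierarchy on "@". With left_to_right = false
    # the hierarchy is read right to left, so the part after "@" is the top
    # level; leading_divider = false means the value does not start with "@".
    # NOTE(review): presumably the sender and recipient addresses of the
    # message; these would be supplied by the remote party, so treat them as
    # untrusted data wherever they are displayed or exported - confirm.
    from = {
      type = "hierarchical"
      index = 9
      hierarchy_dividers = "@"
      left_to_right = false
      leading_divider = false
    } # from

    to = {
      type = "hierarchical"
      index = 10
      hierarchy_dividers = "@"
      left_to_right = false
      leading_divider = false
    } # to

    mailbox.index = 11
    local_addr.index = 12
    local_port.index = 13

    # Remote endpoint address, typed as a host field
    peer_addr = {
      index = 14
      type = "host"
    }

    peer_port.index = 15
    peer_description.index = 16
    scan_what.index = 17
    scan_detect.index = 18
    scan_action.index = 19
    domain.index = 20
    delivery_error.index = 21

  } # log.fields

  # Database fields: the fields stored in the database and available to reports.
  # day_of_week, hour_of_day and location have no log field of the same name
  # above; presumably they are derived (from date_time and peer_addr) - confirm.
  database.fields = {
    date_time = ""
    day_of_week = ""
    hour_of_day = ""
    domain = ""
    from = ""
    to = ""
    peer_addr = ""
    location = ""
    peer_port = ""
    peer_description = ""
    action = ""
    type = ""
    severity = ""
    process_name = ""
    process_id = ""
    thread_id = ""
    message_id = ""
    mailbox = ""
    local_addr = ""
    local_port = ""
    scan_what = ""
    scan_detect = ""
    scan_action = ""
    delivery_error = ""
  } # database.fields

  # Log Filters
  log.filters = {

    # Sets the events counter to 1 for each log entry, so the numerical field
    # "events" below counts entries.
    mark_entry = {
      label = '$lang_admin.log_filters.mark_entry_label'
      comment = '$lang_admin.log_filters.mark_entry_comment'
      value = 'events = 1;'
    } # mark_entry

  } # log.filters

  # Numerical (aggregated) database fields
  database.numerical_fields = {

    # Not read from the log (requires_log_field = false); it is assigned by the
    # mark_entry filter above.
    events = {
      label = "$lang_stats.field_labels.events"
      default = true
      requires_log_field = false
      type = "int"
      display_format_type = "integer"
      entries_field = true
    } # events

  } # database.numerical_fields

  # Options offered when a profile is created from this format
  create_profile_wizard_options = {

    date_time_tracking = true

    # Report groups; the names mirror the database fields, with date_time_group
    # in place of the individual date/time fields.
    report_groups = {
      date_time_group = ""
      domain = ""
      from = ""
      to = ""
      peer_addr = ""
      location = ""
      peer_port = ""
      peer_description = ""
      action = ""
      type = ""
      severity = ""
      process_name = ""
      process_id = ""
      thread_id = ""
      message_id = ""
      mailbox = ""
      local_addr = ""
      local_port = ""
      scan_what = ""
      scan_detect = ""
      scan_action = ""
      delivery_error = ""
    }

  } # create_profile_wizard_options

} # vircom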