# Copyright (c) 2010 Flowerfire, Inc.  All Rights Reserved.
firewall1_binary = {

  plugin_version = "1.0"

  # 2008-05-28 - 1.0 - GAS - Initial implementation

  info.1.manufacturer = "Checkpoint"
  info.1.device = "Firewall-1"
  info.1.version.1 = "R65"

  # The name of the log format
  log.format.format_label = "Checkpoint Firewall-1 Binary Log Format [SUPPORTED ONLY AFTER TEXT EXPORT]"
  log.miscellaneous.log_data_type = "generic"
  log.miscellaneous.log_format_type = "network_device"

  # The log is in this format if any of the first ten lines match this regular expression
  log.format.autodetect_expression = "starts_with(volatile.log_data_line, '«Íïÿ'))"

  create_profile_wizard_options = {

    not_supported_message = "This log data appears to be in Checkpoint Firewall-1 Binary Log Format, which is a binary format not supported directly by $PRODUCT_NAME ($PRODUCT_NAME processes text files, and does not support binary formats).  You can still analyze this data with $PRODUCT_NAME, but you need to export to a text format first, using an export tool (e.g. using fw logexport (http://www.marshal.com/kb/article.aspx?id=10346) or others)."

  } # create_profile_wizard_options

} # firewall1_binary