# Copyright (c) 2010 Flowerfire, Inc.  All Rights Reserved.
ichain = {

  plugin_version = "1.0.3"

  info.1.manufacturer = "Novell"
  info.1.device = "iChain (W3C)"
  info.1.version.1 = "2.3"

  # 2007-02-05 : gas : 1.0.1beta : Added new plug-in based on i_chain.cfg
  # 12/02/2007 : gas : 1.0.2beta : added collect_port_from_ip filter and new lang_stats entries for
  #                                c_version and cs_authname
  # 2007-09-14 - 1.0.2 - KBB - renumbered per new beta policy
  # 2010-10-01 - 1.0.3 - MSG - Edited info lines.

  # The name of the log format
  log.format.format_label = "Novell iChain W3C Log Format"
  log.miscellaneous.log_data_type = "generic_w3c"  
  log.miscellaneous.log_format_type = "other"

  # The log is in this format if any of the first ten lines match this regular expression
  log.format.autodetect_regular_expression = "^#Software: iChain"

  # The format of dates and times in this log
  log.format.date_format = "yyyy-mm-dd"
  log.format.time_format = "hh:mm:ss"

  # Don't track these fields as discrete database fields
# auto_setup.omit_database_fields = "sc_bytes,cs_bytes,time_taken"
  
  log.fields.port.type = "flat"
  database.fields.port.type = "string"

  # Log Filters
  log.filters = {
  
    collect_port_from_ip = {
      label = "This collects and removes the port information from the c_ip field, where present"
      comment = "This collects and removes the port information from the c_ip field, where present"
      value = "if (matches_regular_expression(c_ip, '^([0-9]+\\.[0-9]+\\.[0-9]+\\.[0-9]+):([0-9]+)$')) then (c_ip = $1;port = $2);"
	} # collect_port_from_ip

    remove_query = {
      label = "$lang_admin.log_filters.remove_query_label"
      comment = "$lang_admin.log_filters.remove_query_comment"
      value = "if (contains(cs_uri_stem, '?')) then cs_uri_stem = substr(cs_uri_stem, 0, index(cs_uri_stem, '?') + 1) . '(parameters)';"
    } # remove_query

    detect_page_views = {
      label = '$lang_admin.log_filters.detect_page_views_label'
      comment = '$lang_admin.log_filters.detect_page_views_comment'
      value = "if ((file_type eq 'JPEG') or (file_type eq 'JPG') or (file_type eq 'GIF') or (file_type eq 'ICO') or (file_type eq 'PNG') or (file_type eq 'CSS') or (file_type eq 'SWF') or (file_type eq 'JS')) then page_views = 0; else page_views = 1;"
    } # detect_page_views

    strip_non_page_views = {
      label = '$lang_admin.log_filters.strip_non_page_views_label'
      comment = '$lang_admin.log_filters.strip_non_page_views_comment'
      value = "if (page_views == 0) then cs_uri_stem = substr(cs_uri_stem, 0, last_index(cs_uri_stem, '/') + 1) . '(nonpage)';"
    } # strip_non_page_views

    mark_entry = {
      label = '$lang_admin.log_filters.mark_entry_label'
      comment = '$lang_admin.log_filters.mark_entry_comment'
      value = 'hits = 1;'
    } # mark_entry

  } # log.filters

  log.field_options = {

    sessions_page_field = "cs_uri_stem"
    sessions_visitor_id_field = "c_ip"
    sessions_event_field = "page_views"

  } # log.field_options


  database.numerical_fields = {

    hits = {
      label = "$lang_stats.field_labels.hits"
      default = false
      requires_log_field = false
      type = "int"
      display_format_type = "integer"
      entries_field = true
    } # hits

    page_views = {
      label = "$lang_stats.field_labels.page_views"
      default = true
      requires_log_field = false
      type = "int"
      display_format_type = "integer"
    } # page_views

    visitors = {
      label = "$lang_stats.field_labels.visitors"
      default = false
      requires_log_field = true
      log_field = "c_ip"
      type = "unique"
      display_format_type = "integer"
    } # visitors

    sc_bytes = {
      label = "$lang_stats.field_labels.sc_bytes"
      default = false
      log_field = "sc_bytes"
      requires_log_field = true
      type = "int"
      integer_bits = 64
      display_format_type = "bandwidth"
    }

    cs_bytes = {
      label = "$lang_stats.field_labels.cs_bytes"
      default = false
      log_field = "cs_bytes"
      requires_log_field = true
      type = "int"
      integer_bits = 64
      display_format_type = "bandwidth"
    }
	
	
  } # database.numerical_fields


  create_profile_wizard_options = {

    # How the reports should be grouped in the report menu
    report_groups = {
      date_time_group = ""
      content_group = {
        file_type = true
        cs_uri_stem = true
        cs_uri_query = true
      }
      visitor_demographics_group = {
        c_ip = true
        domain_description = true
        location = true
        cs_authname = true
      }
      visitor_systems_group = {
        screen_dimensions = true
        screen_depth = true
        web_browser = true
        operating_system = true
      }
      referrer_group = {
        referrer = true
        search_engine = true
        search_phrase = true
        referrer_description = true
        search_phrase_by_search_engine = true
      }
      server_group = {
        s_sitename = true
        s_computername = true
        s_ip = true
        s_port = true
        cs_host = true
      }
      other_group = {
        c_version = true
        worm = true
        spider = true
        cs_method = true
        sc_status = true
        sc_substatus = true
        sc_win32_status = true
        cs_cookie = true
		port = true
      }
    } # report_groups


  } # create_profile_wizard_options

  not_supported = {
  } # not_supported

} # ichain