# Copyright (c) 2010 Flowerfire, Inc. All Rights Reserved. privoxy = { plugin_version = "1.0.1" # Initial creation - 1.0 # 2011-07-13 - 1.0.1 - MSG - Edited info lines. # 2012-02-24 - 2.0 - GMF - Added support for new format info.1.manufacturer = "GNU" info.1.device = "Privoxy" info.1.version.1 = "3.0.19" # The name of the log format log.format.format_label = "Privoxy Log Format" log.miscellaneous.log_data_type = "firewall" log.miscellaneous.log_format_type = "internet_device" # The log is in this format if any of the first ten lines match this regular expression log.format.autodetect_expression = ` matches_regular_expression(volatile.log_data_line, '^[A-Z][a-z][a-z] [0-9][0-9] [0-9][0-9]:[0-9][0-9]:[0-9][0-9] Privoxy\\([0-9]+\\)') or matches_regular_expression(volatile.log_data_line, '^[0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9] [0-9][0-9]:[0-9][0-9]:[0-9][0-9][.][0-9][0-9][0-9] [0-9a-f]{8} (Info|Request:Crunch): ') ` # A log entry is an access statistics.miscellaneous.entry_name = "accesses" # Log fields log.fields = { date = "" time = "" url = { type = "page" hierarchy_dividers = "/?" left_to_right = true leading_divider = "true" } # url events = "" requests = "" requests_blocked = "" } # log.fields log.parsing_filters.parse = ` if (matches_regular_expression(current_log_line(), "^([A-Z][a-z][a-z] [0-9][0-9]) ([0-9][0-9]:[0-9][0-9]:[0-9][0-9]) Privoxy\\([0-9]+\\) Request: (.*)$")) then ( date = normalize_date($1, 'mmm dd'); time = $2; url = $3; requests = 1; ); # 2012-02-15 10:29:18.772 0000115c Request: d.imwx.com/css/common-1-base,common-2-header-hpr,common-3-search-hpr,common-4-content,common-4-content-hpr,common-5-footer-hpr,common-6-alerts,common-7-panels,common-8-ads,common-9-yui.css else if (matches_regular_expression(current_log_line(), '^([0-9-]+) ([0-9:]+)[.][0-9]+ [^ ]+ (.*)$')) then ( date = $1; time = $2; v.remainder = $3; if (matches_regular_expression(v.remainder, '^Request: (.*)$')) then ( url = $1; requests = 1; ); # 2012-02-15 10:29:20.006 0000087c Crunch: Blocked: http://j.imwx.com/v.2152012.11/common/ads/contextuallinks/providerHomepage.js else if (matches_regular_expression(v.remainder, '^Crunch: Blocked: (.*)$')) then ( url = $1; requests_blocked = 1; ); # Reject events if if they're not requets or requests_blocked if ((requests_blocked != 1) and (requests != 1)) then ( 'reject'; ); ); # if new format ` # Database fields database.fields = { date_time = "" url = { # suppress_top = 1 # suppress_bottom = 3 } # url file_type = "" worm = "" } # database.fields # Log Filters log.filters = { remove_query = { label = "$lang_admin.log_filters.remove_query_label" comment = "$lang_admin.log_filters.remove_query_comment" value = "if (contains(url, '?')) then url = substr(url, 0, index(url, '?') + 1) . '(parameters)';" } # remove_query detect_page_views = { label = '$lang_admin.log_filters.detect_page_views_label' comment = '$lang_admin.log_filters.detect_page_views_comment' value = "if ((file_type eq 'JPEG') or (file_type eq 'JPG') or (file_type eq 'GIF') or (file_type eq 'ICO') or (file_type eq 'PNG') or (file_type eq 'CSS') or (file_type eq 'SWF') or (file_type eq 'JS')) then page_views = 0; else page_views = 1;" } # detect_page_views simplify_url = { label = "$lang_admin.log_filters.simplify_url_label" comment = "$lang_admin.log_filters.simplify_url_comment" value = "if (matches_regular_expression(url, '^([^:]+://[^/]+/)')) then url = $1 . '(omitted)'" } # simplify_url strip_non_page_views = { label = '$lang_admin.log_filters.strip_non_page_views_label' comment = '$lang_admin.log_filters.strip_non_page_views_comment' value = "if (page_views == 0) then url = substr(url, 0, last_index(url, '/') + 1) . '(nonpage)';" } # strip_non_page_views } # log.filters database.numerical_fields = { requests = { default = true } requests_blocked = { default = true } } # database.numerical_fields create_profile_wizard_options = { # How the reports should be grouped in the report menu report_groups = { date_time_group = "" url = true file_type = true worm = true } # report_groups } # create_profile_wizard_options } # privoxy