# Copyright (c) 2014 Flowerfire, Inc. All Rights Reserved.

# Log-format plugin definition for Optenet WebFilter logs: how to recognise
# the format, how to split a line into fields, and which fields are stored
# and reported on.
optenet = {

  plugin_version = "1.0"

  # Initial creation - 1.0
  # 2014-09-30 - 1.0 - Lew - copied from blue_coat_squid.cfg and modified for this format

  info.1.manufacturer = "Optenet"
  info.1.device = "WebFilter"

  # The name of the log format
  log.format.format_label = "Optenet WebFilter"
  log.miscellaneous.log_data_type = "network"
  log.miscellaneous.log_format_type = "firewall"

  # The log is in this format if any of the first ten lines match this regular expression
  # This is the parsing expression below without its capture groups: 19
  # tab-separated columns. Keep the two expressions in sync when either changes.
  log.format.autodetect_regular_expression = "^[0-9.]*\t[^\t]*\t[^\t]*\t[^\t]*\t[0-9]*/[A-Z][a-z]+/[0-9]*[0-9:]*\t[^\t]*\t[0-9]*\t[0-9]*\t[0-9]*\t[^\t]*\t[^\t]*\t[^\t]*\t[^\t]*\t[^\t]*\t[^\t]*\t[^\t]*\t[^\t]*\t[^\t]*\t[^\t]*$"

  # This regular expression is used to parse the log fields out of the log entry
  # http://regex101.com/r/iW5rS5/4
  # It has 19 capture groups and log.fields below lists 19 fields; presumably
  # group N fills the Nth field in listing order - confirm before reordering.
  # NOTE(review): column 1 accepts only digits and dots, so a line whose client
  # address is IPv6 or a hostname will not match this expression; check how
  # unmatched lines are handled, since silently skipped entries leave a gap in
  # the reports.
  # NOTE(review): every column is quantified with *, so empty values match, and
  # the date column is only loosely shaped (digits/Capitalised-word/digits and
  # colons); neither the address nor the timestamp is validated here.
  # The [^\t]* columns (URI, user name, ...) take any characters except tab,
  # so anything that renders these values should treat them as untrusted text.
  log.format.parsing_regular_expression = "^([0-9.]*)\t([^\t]*)\t([^\t]*)\t([^\t]*)\t([0-9]*/[A-Z][a-z]+/[0-9]*[0-9:]*)\t([^\t]*)\t([0-9]*)\t([0-9]*)\t([0-9]*)\t([^\t]*)\t([^\t]*)\t([^\t]*)\t([^\t]*)\t([^\t]*)\t([^\t]*)\t([^\t]*)\t([^\t]*)\t([^\t]*)\t([^\t]*)$"

  # The format of dates and times in this log
  # Date and time share one format string because both come from the single
  # combined Date column.
  log.format.date_format = "dd/mmm/yyyy:hh:mm:ss"
  log.format.time_format = "dd/mmm/yyyy:hh:mm:ss"

  # Log fields
  # Listed in the same order as the columns of the parsing expression above.
  log.fields = {
    source_ip = {
      type = "host"
    } # source_ip
    client_id = ""
    user_name = ""
    user_group = ""
    Date = {
      type = "date_time"
      index = 0
      subindex = 0
      dividers = ""
      left_to_right = false
      # NOTE(review): quoted string here, bare boolean on left_to_right above;
      # confirm the consumer reads the string "false" as false.
      leading_divider = "false"
    } # Date
    Uri = ""
    # Traffic, Time and Accessed are the three digits-only columns of the
    # parsing expression.
    Traffic = ""
    Time = ""
    Accessed = ""
    Rule = ""
    Category = ""
    filetype = ""
    virus_name = ""
    EngineName = ""
    Protocol = ""
    ServiceWeb = ""
    PhysicalLocation = ""
    instance_name = ""
    Service = ""
  } # log.fields

  # Database fields
  # date_time, day_of_week and hour_of_day are the date-derived fields;
  # day_of_week and hour_of_day name log fields that are not declared in
  # log.fields, so they are presumably derived from Date by the consumer.
  database.fields = {
    date_time = {
      log_field = "Date"
      type = "string"
      display_format_type = "date_time"
    } # date_time
    day_of_week = {
      log_field = "day_of_week"
      type = "string"
      display_format_type = "day_of_week"
    } # day_of_week
    hour_of_day = {
      log_field = "hour_of_day"
      type = "string"
      display_format_type = "hour_of_day"
    } # hour_of_day
    source_ip = {
      log_field = "source_ip"
      type = "string"
    } # source_ip
    client_id = ""
    user_name = ""
    user_group = ""
    Uri = ""
    # Traffic, Time and Accessed are stored as ordinary fields here; only
    # events is declared under database.numerical_fields.
    Traffic = ""
    Time = ""
    Accessed = ""
    Rule = ""
    Category = ""
    filetype = ""
    virus_name = ""
    EngineName = ""
    Protocol = ""
    ServiceWeb = ""
    PhysicalLocation = ""
    instance_name = ""
    Service = ""
  } # database.fields

  # Log Filters
  # mark_entry assigns events = 1; presumably this counts each parsed entry as
  # one event for the events numerical field below.
  log.filters = {
    mark_entry = {
      label = '$lang_admin.log_filters.mark_entry_label'
      comment = '$lang_admin.log_filters.mark_entry_comment'
      value = 'events = 1'
    } # mark_entry
  } # log.filters

  # events is the only numerical field; requires_log_field = false because no
  # log column supplies it (the mark_entry filter sets it).
  database.numerical_fields = {
    events = {
      label = "$lang_stats.field_labels.events"
      default = true
      requires_log_field = false
      type = "int"
      display_format_type = "integer"
      entries_field = true
    } # events
  } # database.numerical_fields

  # Session reports use Uri as the page and source_ip as the visitor id.
  # Clients that share one address (NAT, upstream proxy) are then counted as a
  # single visitor; user_name is parsed but is not used for this.
  log.field_options = {
    sessions_page_field = "Uri"
    sessions_visitor_id_field = "source_ip"
  } # log.field_options

  create_profile_wizard_options = {

    # How the reports should be grouped in the report menu
    # NOTE(review): client_id, user_name and user_group are database fields but
    # appear in no group below; confirm whether per-user reports are meant to
    # be left out of the menu.
    report_groups = {
      date_time_group = ""
      source_group = {
        source_ip = true
        Uri = true
        filetype = true
      }
      other_group = {
        Traffic = true
        Time = true
        Accessed = true
        Rule = true
        Category = true
        virus_name = true
        EngineName = true
        Protocol = true
        ServiceWeb = true
        PhysicalLocation = true
        instance_name = true
        Service = true
      }
    } # report_groups

  } # create_profile_wizard_options

} # optenet