beta_ias_csv = { # The name of the log format log.format.format_label = "IAS Comma-Separated Log Format (BETA)" log.miscellaneous.log_data_type = "generic" log.miscellaneous.log_format_type = "firewall" # The log is in this format if any of the first ten lines match this regular expression log.format.autodetect_regular_expression = "^[^,]+,\"IAS\",[0-9]+/[0-9]+/[0-9]+.[0-9]+:[0-9]+:[0-9]+," # Use comma as the field separator log.format.field_separator = "," # Log fields log.fields = { computername.index = 1 servicename.index = 2 date.index = 3 time.index = 4 packet_type.index = 5 user_name.index = 6 fully_qualified_user_name.index = 7 called_station_id.index = 8 calling_station_id.index = 9 callback_number.index = 10 framed_ip_address.index = 11 nas_identifier.index = 12 nas_ip_address.index = 13 nas_port.index = 14 client_vendor.index = 15 client_ip_address.index = 16 client_friendly_name.index = 17 event_timestamp.index = 18 port_limit.index = 19 nas_port_type.index = 20 connect_info.index = 21 framed_protocol.index = 22 service_type.index = 23 authentication_type.index = 24 np_policy_name.index = 25 reason_code.index = 26 class.index = 27 session_timeout.index = 28 idle_timeout.index = 29 termination_action.index = 30 eap_friendly_name.index = 31 acct_status_type.index = 32 acct_delay_time.index = 33 acct_input_octets.index = 34 acct_output_octets.index = 35 acct_session_id.index = 36 acct_authentic.index = 37 acct_session_time.index = 38 acct_input_packets.index = 39 acct_output_packets.index = 40 acct_terminate_cause.index = 41 acct_multi_ssn_id.index = 42 acct_link_count.index = 43 acct_interim_interval.index = 44 tunnel_type.index = 45 tunnel_medium_type.index = 46 tunnel_client_endpt.index = 47 tunnel_server_endpt.index = 48 acct_tunnel_conn.index = 49 tunnel_pvt_group_id.index = 50 tunnel_assignment_id.index = 51 tunnel_preference.index = 52 ms_acct_auth_type.index = 53 ms_acct_eap_type.index = 54 ms_ras_version.index = 55 ms_ras_vendor.index = 56 ms_chap_error.index = 57 ms_chap_domain.index = 58 ms_ppe_encryption_type.index = 59 ms_mppe_encryption_policy.index = 60 } # log.fields # Database fields database.fields = { date_time = "" day_of_week = "" hour_of_day = "" computername = "" servicename = "" packet_type = "" user_name = "" fully_qualified_user_name = "" called_station_id = "" calling_station_id = "" callback_number = "" framed_ip_address = "" nas_identifier = "" nas_ip_address = "" nas_port = "" client_vendor = "" client_ip_address = "" client_friendly_name = "" event_timestamp = "" port_limit = "" nas_port_type = "" connect_info = "" framed_protocol = "" service_type = "" authentication_type = "" np_policy_name = "" reason_code = "" # class = "" session_timeout = "" idle_timeout = "" termination_action = "" eap_friendly_name = "" acct_status_type = "" acct_delay_time = "" acct_session_id = "" acct_authentic = "" acct_session_time = "" acct_terminate_cause = "" acct_multi_ssn_id = "" acct_link_count = "" acct_interim_interval = "" tunnel_type = "" tunnel_medium_type = "" tunnel_client_endpt = "" tunnel_server_endpt = "" acct_tunnel_conn = "" tunnel_pvt_group_id = "" tunnel_assignment_id = "" tunnel_preference = "" ms_acct_auth_type = "" ms_acct_eap_type = "" ms_ras_version = "" ms_ras_vendor = "" ms_chap_error = "" ms_chap_domain = "" ms_ppe_encryption_type = "" ms_mppe_encryption_policy = "" } # database.fields # Log Filters log.filters = { mark_entry = { label = '$lang_admin.log_filters.mark_entry_label' comment = '$lang_admin.log_filters.mark_entry_comment' value = 'events = 1;' } # mark_entry } # log.filters database.numerical_fields = { events = { default = true requires_log_field = false entries_field = true } # events unique_client_ips = { default = false log_field = "client_ip_address" type = "unique" } # unique_client_ips acct_input_octets = { default = false requires_log_field = true type = "float" display_format_type = "bandwidth" } acct_output_octets = { default = false requires_log_field = true type = "float" display_format_type = "bandwidth" } acct_input_packets = "" acct_output_packets = "" } # database.numerical_fields create_profile_wizard_options = { # How the reports should be grouped in the report menu report_groups = { date_time_group = "" server_group = { computername = true servicename = true } client_group = { user_name = true fully_qualified_user_name = true called_station_id = true calling_station_id = true callback_number = true framed_ip_address = true nas_identifier = true nas_ip_address = true nas_port = true client_vendor = true client_ip_address = true client_friendly_name = true } accounting_group = { acct_status_type = true acct_delay_time = true acct_session_id = true acct_authentic = true acct_session_time = true acct_terminate_cause = true acct_multi_ssn_id = true acct_link_count = true acct_interim_interval = true } tunnel_group = { tunnel_type = true tunnel_medium_type = true tunnel_client_endpt = true tunnel_server_endpt = true acct_tunnel_conn = true tunnel_pvt_group_id = true tunnel_assignment_id = true tunnel_preference = true } other_group = { packet_type = true event_timestamp = true port_limit = true nas_port_type = true connect_info = true framed_protocol = true service_type = true authentication_type = true np_policy_name = true reason_code = true class = true session_timeout = true idle_timeout = true termination_action = true eap_friendly_name = true ms_acct_auth_type = true ms_acct_eap_type = true ms_ras_version = true ms_ras_vendor = true ms_chap_error = true ms_chap_domain = true ms_ppe_encryption_type = true ms_mppe_encryption_policy = true } } # report_groups } # create_profile_wizard_options } # beta_ias_csv