firewall1_ng = { # The name of the log format log.format.format_label = "Firewall-1 NG Log Format" log.miscellaneous.log_data_type = "firewall1_ng" log.miscellaneous.log_format_type = "firewall" # The log is in this format if any of the first ten lines match this regular expression log.format.autodetect_regular_expression = "^\"Number\" \"Date\" \"Time\" " # The format of dates and times in this log log.format.date_format = "ddmmmyyyy" log.format.time_format = "h:m:s" # Don't track these fields as discrete database fields auto_setup.omit_database_fields = "Number" # Entries are called accesses statistics.miscellaneous.entry_name = "accesses" # Log fields log.fields = { resource = { label = "$lang_stats.field_labels.resource" type = "page" index = 0 subindex = 0 hierarchy_dividers = "/?" left_to_right = true leading_divider = "true" } # resource } # log.fields # Database fields database.fields = { resource = { label = "$lang_stats.field_labels.resource" log_field = "resource" type = "string" suppress_top = 0 suppress_bottom = 9 } # resource } # database.fields # Log Filters log.filters = { 1 = { label = "1" comment = "" value = "if (starts_with(information, 'resource:')) then (if (matches_regular_expression(information, '^resource: (.*);')) then resource = information; information = '';)" requires_fields = { information = true } } # 1 simplify_url = { label = "$lang_admin.log_filters.simplify_url_label" comment = "$lang_admin.log_filters.simplify_url_comment" value = "if (matches_regular_expression(resource, '^([^:]+://[^/]+/)')) then resource = $1 . '(omitted)'" } # simplify_url remove_query = { label = "$lang_admin.log_filters.remove_query_label" comment = "$lang_admin.log_filters.remove_query_comment" value = "if (contains(resource, '?')) then resource = substr(resource, 0, index(resource, '?') + 1) . '(parameters)';" requires_fields = { resource = true } } # remove_query detect_page_views = { label = '$lang_admin.log_filters.detect_page_views_label' comment = '$lang_admin.log_filters.detect_page_views_comment' value = "if ((file_type eq 'JPEG') or (file_type eq 'JPG') or (file_type eq 'GIF') or (file_type eq 'ICO') or (file_type eq 'PNG') or (file_type eq 'CSS') or (file_type eq 'SWF') or (file_type eq 'JS')) then page_views = 0; else page_views = 1;" requires_fields = { file_type = true } } # detect_page_views strip_non_page_views = { label = '$lang_admin.log_filters.strip_non_page_views_label' comment = '$lang_admin.log_filters.strip_non_page_views_comment' value = "if (page_views == 0) then resource = substr(resource, 0, last_index(resource, '/') + 1) . '(nonpage)';" requires_fields = { resource = true } } # strip_non_page_views mark_entry = { label = '$lang_admin.log_filters.mark_entry_label' comment = '$lang_admin.log_filters.mark_entry_comment' value = 'accesses = 1;' } # mark_entry } # log.filters log.field_options = { sessions_page_field = "resource" sessions_visitor_id_field = "source" sessions_event_field = "page_views" } # log.field_options database.numerical_fields = { accesses = { label = "$lang_stats.field_labels.accesses" default = false requires_log_field = false type = "int" display_format_type = "integer" entries_field = true } # accesses page_views = { label = "$lang_stats.field_labels.page_views" default = true requires_log_field = false type = "int" display_format_type = "integer" } # page_views visitors = { label = "$lang_stats.field_labels.visitors" default = false requires_log_field = true log_field = "source" type = "unique" display_format_type = "integer" } # visitors } # database.numerical_fields create_profile_wizard_options = { # How the reports should be grouped in the report menu report_groups = { date_time_group = "" source_group = { source_port = true user = true source = true origin = true } # source_group other_group = { destination = true resource = true product = true interface = true type = true action = true service = true protocol = true rule = true information = true } # other_group } # report_groups } # create_profile_wizard_options auto_setup.omit_database_fields = "number" not_supported = { bandwidth = true } # not_supported } # firewall1_ng