# Log-format definition for Coradiant object-tracking exports: comma-separated
# records, auto-detected by the "#OBJECT-Record-Fields:" header line.
# Sections below: parsed log fields, database (report) fields, parsing filters,
# log filters, session options, numerical fields and profile-wizard defaults.
coradiant_object = {

  # The name of the log format
  log.format.format_label = "Coradiant Log Format (object tracking)"
  log.miscellaneous.log_data_type = "csv"
  log.miscellaneous.log_format_type = "firewall"

  # The log is in this format if any of the first ten lines match this regular expression
  log.format.autodetect_regular_expression = "^#OBJECT-Record-Fields:"
  log.format.ignore_format_lines = "true"
  log.format.field_separator = ","

  # The format of dates and times in this log
  log.format.date_format = "dd/mmm/yyyy"
  log.format.time_format = "auto"

  # Log fields
  # "index" is the field's position in the comma-separated record. date and time
  # use index 0: they are not read from a column but assigned by the adjust_date
  # parsing filter from start_time.
  log.fields = {

    record_type = {
      label = "$lang_stats.field_labels.record_type"
      type = "flat"
      index = 1
      subindex = 0
    } # record_type

    start_time = {
      label = "$lang_stats.field_labels.start_time"
      type = "flat"
      index = 2
      subindex = 0
    } # start_time

    date = {
      label = "$lang_stats.field_labels.date"
      type = "date"
      index = 0
      subindex = 0
      hierarchy_dividers = ""
      left_to_right = false
      leading_divider = "false"
    } # date

    time = {
      label = "$lang_stats.field_labels.time"
      type = "time"
      index = 0
      subindex = 0
      hierarchy_dividers = ""
      left_to_right = false
      leading_divider = "false"
    } # time

    end_time = {
      label = "$lang_stats.field_labels.end_time"
      type = "flat"
      index = 3
      subindex = 0
    } # end_time

    server_ip = {
      label = "$lang_stats.field_labels.server_ip"
      type = "flat"
      index = 4
      subindex = 0
    } # server_ip

    server_port = {
      label = "$lang_stats.field_labels.server_port"
      type = "flat"
      index = 5
      subindex = 0
    } # server_port

    # NOTE(review): this column sits between the server address and the URI, so it
    # is presumably the requested (server) host name rather than the client's;
    # confirm, because sessions and the visitors count below are keyed on it.
    host = {
      label = "$lang_stats.field_labels.host"
      type = "host"
      index = 6
      subindex = 0
      hierarchy_dividers = "."
      left_to_right = false
      leading_divider = "false"
    } # host

    uri_stem = {
      label = "$lang_stats.field_labels.uri_stem"
      type = "page"
      index = 7
      subindex = 0
      hierarchy_dividers = "/?"
      left_to_right = true
      leading_divider = "true"
    } # uri_stem

    client_ip = {
      label = "$lang_stats.field_labels.client_ip"
      type = "flat"
      index = 8
      subindex = 0
    } # client_ip

    client_port = {
      label = "$lang_stats.field_labels.client_port"
      type = "flat"
      index = 9
      subindex = 0
    } # client_port

    # Parsed from the record, but no database field below references it, so it is
    # not reported on by this definition.
    session_hash = {
      label = "$lang_stats.field_labels.session_hash"
      type = "flat"
      index = 10
      subindex = 0
    } # session_hash

    completion = {
      label = "$lang_stats.field_labels.completion"
      type = "flat"
      index = 11
      subindex = 0
    } # completion

    http_status = {
      label = "$lang_stats.field_labels.http_status"
      type = "flat"
      index = 12
      subindex = 0
    } # http_status

    bytes = {
      label = "$lang_stats.field_labels.bytes"
      type = "flat"
      index = 13
      subindex = 0
    } # bytes

    kilobytes = {
      label = "$lang_stats.field_labels.kilobytes"
      type = "flat"
      index = 14
      subindex = 0
    } # kilobytes

    e2e_time = {
      label = "$lang_stats.field_labels.e2e_time"
      type = "flat"
      index = 15
      subindex = 0
    } # e2e_time

    host_time = {
      label = "$lang_stats.field_labels.host_time"
      type = "flat"
      index = 16
      subindex = 0
    } # host_time

    nw_time = {
      label = "$lang_stats.field_labels.nw_time"
      type = "flat"
      index = 17
      subindex = 0
    } # nw_time

    ssl_time = {
      label = "$lang_stats.field_labels.ssl_time"
      type = "flat"
      index = 18
      subindex = 0
    } # ssl_time

    tcp_rtt = {
      label = "$lang_stats.field_labels.tcp_rtt"
      type = "flat"
      index = 19
      subindex = 0
    } # tcp_rtt

    throughput = {
      label = "$lang_stats.field_labels.throughput"
      type = "flat"
      index = 20
      subindex = 0
    } # throughput

    tcp_ooo = {
      label = "$lang_stats.field_labels.tcp_ooo"
      type = "flat"
      index = 21
      subindex = 0
    } # tcp_ooo

    tcp_retrans = {
      label = "$lang_stats.field_labels.tcp_retrans"
      type = "flat"
      index = 22
      subindex = 0
    } # tcp_retrans

    http_method = {
      label = "$lang_stats.field_labels.http_method"
      type = "flat"
      index = 23
      subindex = 0
    } # http_method

    http_version = {
      label = "$lang_stats.field_labels.http_version"
      type = "flat"
      index = 24
      subindex = 0
    } # http_version

    mime_type = {
      label = "$lang_stats.field_labels.mime_type"
      type = "flat"
      index = 25
      subindex = 0
    } # mime_type

    # NOTE(review): the next three fields (query string, POST body parameters,
    # cookie) are taken from the record as-is and are also declared as database
    # fields further down. Such values commonly contain session identifiers,
    # tokens or submitted form data, so they end up readable in reports unless a
    # log filter blanks them first.
    uri_query_string = {
      label = "$lang_stats.field_labels.uri_query_string"
      type = "flat"
      index = 26
      subindex = 0
    } # uri_query_string

    post_query_string = {
      label = "$lang_stats.field_labels.post_query_string"
      type = "flat"
      index = 27
      subindex = 0
    } # post_query_string

    cookie = {
      label = "$lang_stats.field_labels.cookie"
      type = "flat"
      index = 28
      subindex = 0
    } # cookie

    referrer = {
      label = "$lang_stats.field_labels.referrer"
      type = "URL"
      index = 29
      subindex = 0
      hierarchy_dividers = "/?"
      left_to_right = true
      leading_divider = "false"
    } # referrer

    agent = {
      label = "$lang_stats.field_labels.agent"
      type = "agent"
      index = 30
      subindex = 0
      hierarchy_dividers = ""
      left_to_right = false
      leading_divider = "false"
    } # agent

    is_container = {
      label = "$lang_stats.field_labels.is_container"
      type = "flat"
      index = 31
      subindex = 0
    } # is_container

    is_subordinate = {
      label = "$lang_stats.field_labels.is_subordinate"
      type = "flat"
      index = 32
      subindex = 0
    } # is_subordinate

    location_code = {
      label = "$lang_stats.field_labels.location_code"
      type = "flat"
      index = 33
      subindex = 0
    } # location_code

  } # log.fields

  # Database fields
  # Each entry names the log field it is populated from. Several of them
  # (date_time, day_of_week, hour_of_day, file_type, worm, screen_*, location,
  # search_*, web_browser, operating_system, spider, ...) name log fields that
  # are not declared in log.fields above; presumably they are derived by the
  # analysis engine - verify.
  database.fields = {

    date_time = {
      label = "$lang_stats.field_labels.date_time"
      log_field = "date_time"
      type = "string"
      suppress_top = 0
      suppress_bottom = 3
      display_format_type = "date_time"
    } # date_time

    day_of_week = {
      label = "$lang_stats.field_labels.day_of_week"
      log_field = "day_of_week"
      type = "string"
      suppress_top = 0
      suppress_bottom = 2
      display_format_type = "day_of_week"
    } # day_of_week

    hour_of_day = {
      label = "$lang_stats.field_labels.hour_of_day"
      log_field = "hour_of_day"
      type = "string"
      suppress_top = 0
      suppress_bottom = 2
      display_format_type = "hour_of_day"
    } # hour_of_day

    uri_stem = {
      label = "$lang_stats.field_labels.uri_stem"
      log_field = "uri_stem"
      type = "string"
      suppress_top = 0
      suppress_bottom = 9
      display_format_type = "uri_stem"
    } # uri_stem

    file_type = {
      label = "$lang_stats.field_labels.file_type"
      log_field = "file_type"
      type = "string"
      suppress_top = 0
      suppress_bottom = 2
    } # file_type

    worm = {
      label = "$lang_stats.field_labels.worm"
      log_field = "worm"
      type = "string"
      suppress_top = 0
      suppress_bottom = 2
    } # worm

    screen_dimensions = {
      label = "$lang_stats.field_labels.screen_dimensions"
      log_field = "screen_dimensions"
      type = "string"
      suppress_top = 0
      suppress_bottom = 2
    } # screen_dimensions

    screen_depth = {
      label = "$lang_stats.field_labels.screen_depth"
      log_field = "screen_depth"
      type = "string"
      suppress_top = 0
      suppress_bottom = 2
    } # screen_depth

    host = {
      label = "$lang_stats.field_labels.host"
      log_field = "host"
      type = "string"
      suppress_top = 0
      suppress_bottom = 2
      display_format_type = "hostname"
    } # host

    domain_description = {
      label = "$lang_stats.field_labels.domain_description"
      log_field = "domain_description"
      type = "string"
      suppress_top = 0
      suppress_bottom = 2
    } # domain_description

    location = {
      label = "$lang_stats.field_labels.location"
      log_field = "location"
      type = "string"
      suppress_top = 0
      suppress_bottom = 3
    } # location

    referrer = {
      label = "$lang_stats.field_labels.referrer"
      log_field = "referrer"
      type = "string"
      suppress_top = 1
      suppress_bottom = 3
    } # referrer

    referrer_description = {
      label = "$lang_stats.field_labels.referrer_description"
      log_field = "referrer_description"
      type = "string"
      suppress_top = 0
      suppress_bottom = 2
    } # referrer_description

    search_engine = {
      label = "$lang_stats.field_labels.search_engine"
      log_field = "search_engine"
      type = "string"
      suppress_top = 0
      suppress_bottom = 2
    } # search_engine

    search_phrase = {
      label = "$lang_stats.field_labels.search_phrase"
      log_field = "search_phrase"
      type = "string"
      suppress_top = 0
      suppress_bottom = 2
    } # search_phrase

    web_browser = {
      label = "$lang_stats.field_labels.web_browser"
      log_field = "web_browser"
      type = "string"
      suppress_top = 0
      suppress_bottom = 2
    } # web_browser

    operating_system = {
      label = "$lang_stats.field_labels.operating_system"
      log_field = "operating_system"
      type = "string"
      suppress_top = 0
      suppress_bottom = 2
    } # operating_system

    spider = {
      label = "$lang_stats.field_labels.spider"
      log_field = "spider"
      type = "string"
      suppress_top = 0
      suppress_bottom = 2
    } # spider

    server_ip = {
      label = "$lang_stats.field_labels.server_ip"
      log_field = "server_ip"
      type = "string"
      suppress_top = 0
      suppress_bottom = 2
    } # server_ip

    server_port = {
      label = "$lang_stats.field_labels.server_port"
      log_field = "server_port"
      type = "string"
      suppress_top = 0
      suppress_bottom = 2
    } # server_port

    client_ip = {
      label = "$lang_stats.field_labels.client_ip"
      log_field = "client_ip"
      type = "string"
      suppress_top = 0
      suppress_bottom = 2
    } # client_ip

    client_port = {
      label = "$lang_stats.field_labels.client_port"
      log_field = "client_port"
      type = "string"
      suppress_top = 0
      suppress_bottom = 2
    } # client_port

    completion = {
      label = "$lang_stats.field_labels.completion"
      log_field = "completion"
      type = "string"
      suppress_top = 0
      suppress_bottom = 2
    } # completion

    http_status = {
      label = "$lang_stats.field_labels.http_status"
      log_field = "http_status"
      type = "string"
      suppress_top = 0
      suppress_bottom = 2
    } # http_status

    http_method = {
      label = "$lang_stats.field_labels.http_method"
      log_field = "http_method"
      type = "string"
      suppress_top = 0
      suppress_bottom = 2
    } # http_method

    http_version = {
      label = "$lang_stats.field_labels.http_version"
      log_field = "http_version"
      type = "string"
      suppress_top = 0
      suppress_bottom = 2
    } # http_version

    mime_type = {
      label = "$lang_stats.field_labels.mime_type"
      log_field = "mime_type"
      type = "string"
      suppress_top = 0
      suppress_bottom = 2
    } # mime_type

    # NOTE(review): uri_query_string, post_query_string and cookie are stored
    # verbatim and listed in report_groups below. Treat the resulting database
    # and reports as sensitive (session identifiers, tokens and form values are
    # typical contents), or blank these fields in a log filter before storage.
    uri_query_string = {
      label = "$lang_stats.field_labels.uri_query_string"
      log_field = "uri_query_string"
      type = "string"
      suppress_top = 0
      suppress_bottom = 2
    } # uri_query_string

    post_query_string = {
      label = "$lang_stats.field_labels.post_query_string"
      log_field = "post_query_string"
      type = "string"
      suppress_top = 0
      suppress_bottom = 2
    } # post_query_string

    cookie = {
      label = "$lang_stats.field_labels.cookie"
      log_field = "cookie"
      type = "string"
      suppress_top = 0
      suppress_bottom = 2
    } # cookie

    is_container = {
      label = "$lang_stats.field_labels.is_container"
      log_field = "is_container"
      type = "string"
      suppress_top = 0
      suppress_bottom = 2
    } # is_container

    is_subordinate = {
      label = "$lang_stats.field_labels.is_subordinate"
      log_field = "is_subordinate"
      type = "string"
      suppress_top = 0
      suppress_bottom = 2
    } # is_subordinate

    location_code = {
      label = "$lang_stats.field_labels.location_code"
      log_field = "location_code"
      type = "string"
      suppress_top = 0
      suppress_bottom = 2
    } # location_code

  } # database.fields

  # Log Parsing Filters
  log.parsing_filters = {

    # Derives date and time from start_time: when start_time is longer than three
    # characters, its last three characters are dropped and the remainder is
    # interpreted as seconds since 1 Jan 1970 (so start_time is presumably a
    # millisecond epoch value - confirm). Shorter values leave date/time unset.
    adjust_date = {
      label = "adjust date"
      comment = ""
      value = " if (length(start_time) > 3) then ( date = normalize_date(substr(start_time, 0, length(start_time) - 3), 'seconds_since_jan1_1970'); time = normalize_time(substr(start_time, 0, length(start_time) - 3), 'seconds_since_jan1_1970'); ) "
    } # adjust_date

  } # log.parsing_filters

  # Log Filters
  # Listed in file order; later filters read values (file_type, page_views,
  # uri_stem) that earlier ones may have set, so keep the order when editing.
  log.filters = {

    # When uri_stem is an absolute URL (scheme://host/...), keep only the
    # scheme://host/ prefix and replace the remainder with '(omitted)'.
    simplify_url = {
      label = "$lang_admin.log_filters.simplify_url_label"
      comment = "$lang_admin.log_filters.simplify_url_comment"
      value = "if (matches_regular_expression(uri_stem, '^([^:]+://[^/]+/)')) then uri_stem = $1 . '(omitted)'"
    } # simplify_url

    # NOTE(review): despite its label, this filter's expression is identical to
    # no_referrer below and does nothing page-related; it looks like a copy-paste
    # leftover - confirm the intended rule.
    only_page = {
      label = "only page"
      comment = "only page"
      value = "if (referrer eq '-') then referrer = '(no referrer)';"
    } # only_page

    # Replace the '-' placeholder with a readable '(no referrer)' value.
    no_referrer = {
      label = "$lang_admin.log_filters.no_referrer_label"
      comment = "$lang_admin.log_filters.no_referrer_comment"
      value = "if (referrer eq '-') then referrer = '(no referrer)';"
    } # no_referrer

    # Disabled by default; 'mydomain.com/' is a placeholder for the site's own
    # domain. contains() matches that text anywhere in the referrer, so an
    # external URL that merely embeds it (in a path or query string) would also
    # be labelled internal - anchor the match on the host part if that matters.
    internal_referrer = {
      label = "$lang_admin.log_filters.internal_referrer_label"
      comment = "$lang_admin.log_filters.internal_referrer_comment"
      value = "if (contains(referrer, 'mydomain.com/')) then referrer = '(internal referrer)';"
      disabled = true
    } # internal_referrer

    # Leaves uri_stem alone when the worm field starts with '(' and otherwise
    # collapses uri_stem to '(worm)' (the '(' prefix presumably marks a
    # "no worm" placeholder value - confirm).
    set_page_for_worm = {
      label = "$lang_admin.log_filters.set_page_for_worm_label"
      comment = "$lang_admin.log_filters.set_page_for_worm_comment"
      value = "if (starts_with(worm, '(')) then '' else uri_stem = '(worm)';"
    } # set_page_for_worm

    # remove_query = {
    #   label = "$lang_admin.log_filters.remove_query_label"
    #   comment = "$lang_admin.log_filters.remove_query_comment"
    #   value = "if (contains(page, '?')) then page = substr(page, 0, index(page, '?') + 1) . '(parameters)';"
    # } # remove_query

    # Image, stylesheet, Flash and script file types count as zero page views;
    # every other file type counts as one.
    detect_page_views = {
      label = '$lang_admin.log_filters.detect_page_views_label'
      comment = '$lang_admin.log_filters.detect_page_views_comment'
      value = "if ((file_type eq 'JPEG') or (file_type eq 'JPG') or (file_type eq 'GIF') or (file_type eq 'ICO') or (file_type eq 'PNG') or (file_type eq 'CSS') or (file_type eq 'SWF') or (file_type eq 'JS')) then page_views = 0; else page_views = 1;"
    } # detect_page_views

    # For non-page hits, keep the directory part of uri_stem (up to and including
    # the last '/') and replace the file name with '(nonpage)'.
    strip_non_page_views = {
      label = '$lang_admin.log_filters.strip_non_page_views_label'
      comment = '$lang_admin.log_filters.strip_non_page_views_comment'
      value = "if (page_views == 0) then uri_stem = substr(uri_stem, 0, last_index(uri_stem, '/') + 1) . '(nonpage)';"
    } # strip_non_page_views

    # Every record contributes one event.
    mark_entry = {
      label = '$lang_admin.log_filters.mark_entry_label'
      comment = '$lang_admin.log_filters.mark_entry_comment'
      value = 'events = 1;'
    } # mark_entry

  } # log.filters

  # Session reconstruction: pages come from uri_stem, events from page_views, and
  # the visitor is identified by the host field.
  # NOTE(review): client_ip is a separate column in this format; if host is the
  # server host name, sessions and visitor counts are grouped per site rather
  # than per client - confirm which is intended.
  log.field_options = {
    sessions_page_field = "uri_stem"
    sessions_visitor_id_field = "host"
    sessions_event_field = "page_views"
  } # log.field_options

  # Numerical (aggregated) fields. The average_* entries divide the summed log
  # field by the events count (average_denominator_field).
  database.numerical_fields = {

    events = {
      label = "$lang_stats.field_labels.events"
      default = false
      requires_log_field = false
      type = "int"
      display_format_type = "integer"
      entries_field = true
    } # events

    page_views = {
      label = "$lang_stats.field_labels.page_views"
      default = true
      requires_log_field = false
      type = "int"
      display_format_type = "integer"
    } # page_views

    # Counts unique values of the host log field (see the note on
    # log.field_options about what host represents).
    visitors = {
      label = "$lang_stats.field_labels.visitors"
      default = false
      requires_log_field = true
      log_field = "host"
      type = "unique"
      display_format_type = "integer"
    } # visitors

    bytes = {
      label = "$lang_stats.field_labels.bytes"
      default = false
      requires_log_field = true
      log_field = "bytes"
      type = "float"
      display_format_type = "bandwidth"
    } # bytes

    # NOTE(review): unlike the other average_* fields, this one does not set
    # requires_log_field - confirm whether that is intentional.
    average_bytes = {
      label = "$lang_stats.field_labels.average_bytes"
      default = false
      log_field = "bytes"
      aggregation_method = "average"
      average_denominator_field = "events"
      type = "float"
      display_format_type = "bandwidth"
    } # average_bytes

    e2e_time = {
      label = "$lang_stats.field_labels.e2e_time"
      default = false
      requires_log_field = true
      log_field = "e2e_time"
      type = "float"
      display_format_type = "duration_milliseconds"
    } # e2e_time

    average_e2e_time = {
      label = "$lang_stats.field_labels.average_e2e_time"
      default = false
      log_field = "e2e_time"
      aggregation_method = "average"
      requires_log_field = true
      average_denominator_field = "events"
      type = "float"
      display_format_type = "duration_milliseconds"
    } # average_e2e_time

    host_time = {
      label = "$lang_stats.field_labels.host_time"
      default = false
      requires_log_field = true
      log_field = "host_time"
      type = "float"
      display_format_type = "duration_milliseconds"
    } # host_time

    average_host_time = {
      label = "$lang_stats.field_labels.average_host_time"
      default = false
      log_field = "host_time"
      aggregation_method = "average"
      average_denominator_field = "events"
      requires_log_field = true
      type = "float"
      display_format_type = "duration_milliseconds"
    } # average_host_time

    nw_time = {
      label = "$lang_stats.field_labels.nw_time"
      default = false
      requires_log_field = true
      log_field = "nw_time"
      type = "float"
      display_format_type = "duration_milliseconds"
    } # nw_time

    average_nw_time = {
      label = "$lang_stats.field_labels.average_nw_time"
      default = false
      log_field = "nw_time"
      requires_log_field = true
      aggregation_method = "average"
      average_denominator_field = "events"
      type = "float"
      display_format_type = "duration_milliseconds"
    } # average_nw_time

    ssl_time = {
      label = "$lang_stats.field_labels.ssl_time"
      default = false
      requires_log_field = true
      log_field = "ssl_time"
      type = "float"
      display_format_type = "duration_milliseconds"
    } # ssl_time

    average_ssl_time = {
      label = "$lang_stats.field_labels.average_ssl_time"
      default = false
      log_field = "ssl_time"
      requires_log_field = true
      aggregation_method = "average"
      average_denominator_field = "events"
      type = "float"
      display_format_type = "duration_milliseconds"
    } # average_ssl_time

    # NOTE(review): from here on display_format_type is "int", whereas events,
    # page_views and visitors use "integer" - confirm "int" is a recognised
    # display format.
    tcp_rtt = {
      label = "$lang_stats.field_labels.tcp_rtt"
      default = false
      requires_log_field = true
      log_field = "tcp_rtt"
      type = "float"
      display_format_type = "int"
    } # tcp_rtt

    average_tcp_rtt = {
      label = "$lang_stats.field_labels.average_tcp_rtt"
      default = false
      log_field = "tcp_rtt"
      requires_log_field = true
      aggregation_method = "average"
      average_denominator_field = "events"
      type = "float"
      display_format_type = "int"
    } # average_tcp_rtt

    throughput = {
      label = "$lang_stats.field_labels.throughput"
      default = false
      requires_log_field = true
      log_field = "throughput"
      type = "float"
      display_format_type = "int"
    } # throughput

    average_throughput = {
      label = "$lang_stats.field_labels.average_throughput"
      default = false
      log_field = "throughput"
      requires_log_field = true
      aggregation_method = "average"
      average_denominator_field = "events"
      type = "float"
      display_format_type = "int"
    } # average_throughput

    tcp_ooo = {
      label = "$lang_stats.field_labels.tcp_ooo"
      default = false
      requires_log_field = true
      log_field = "tcp_ooo"
      type = "float"
      display_format_type = "int"
    } # tcp_ooo

    average_tcp_ooo = {
      label = "$lang_stats.field_labels.average_tcp_ooo"
      default = false
      log_field = "tcp_ooo"
      requires_log_field = true
      aggregation_method = "average"
      average_denominator_field = "events"
      type = "float"
      display_format_type = "int"
    } # average_tcp_ooo

    tcp_retrans = {
      label = "$lang_stats.field_labels.tcp_retrans"
      default = false
      requires_log_field = true
      log_field = "tcp_retrans"
      type = "float"
      display_format_type = "int"
    } # tcp_retrans

    average_tcp_retrans = {
      label = "$lang_stats.field_labels.average_tcp_retrans"
      default = false
      log_field = "tcp_retrans"
      requires_log_field = true
      aggregation_method = "average"
      average_denominator_field = "events"
      type = "float"
      display_format_type = "int"
    } # average_tcp_retrans

  } # database.numerical_fields

  create_profile_wizard_options = {

    date_time_tracking = true
    host_tracking = true

    # How the reports should be grouped in the report menu
    # NOTE(review): search_phrase_by_search_engine, server_domain and
    # server_response have no matching entry in database.fields in this file;
    # presumably they are defined elsewhere or ignored - verify.
    report_groups = {
      date_time_group = ""
      content_group = {
        uri_stem = true
        file_type = true
        mime_type = true
        uri_query_string = true
        post_query_string = true
      }
      visitor_demographics_group = {
        host = true
        domain_description = true
        location = true
        client_ip = true
        client_port = true
      }
      visitor_systems_group = {
        screen_dimensions = true
        screen_depth = true
        web_browser = true
        operating_system = true
      }
      referrer_group = {
        referrer = true
        referrer_description = true
        search_engine = true
        search_phrase = true
        search_phrase_by_search_engine = true
      }
      server_group = {
        server_ip = true
        server_port = true
        server_domain = true
        server_response = true
      }
      other_group = {
        worm = true
        spider = true
        completion = true
        http_status = true
        http_method = true
        http_version = true
        cookie = true
        is_container = true
        is_subordinate = true
        location_code = true
      }
    } # report_groups

  } # create_profile_wizard_options

  not_supported = {
  } # not_supported

} # coradiant_object