##############################################################################
#                                                                            #
#                                                                            #
#                         I M P O R T A N T  N O T E                         #
#                         --------------------------                         #
#                                                                            #
#                                                                            #
# Inktomi is phasing out the use of this file in favor of the more powerful  #
# XML-style configuration file (logs_xml.config) introduced with             #
# Taffic Server version 3.5.                                                 #
#                                                                            #
# With the logs_xml.config file you get all the functionality the            #
# traditional logs.config file provides, plus many more options that allow   #
# you to customize Traffic Server logging in various ways not possible       #
# before.                                                                    #
#                                                                            #
# We strongly encourage our customers to use the new XML-based configuration #
# to create custom logs since support for the conventional logs.config       #
# file will be discontinued in the near future.                              #
#                                                                            #
# To facilitate the transition from the custom log format definition used in #
# this file to the XML-style, Inktomi provides a utility tool called         #
# cust_log_fmt_cnvrt that takes the "old" format as input, and generates the #
# equivalent XML configuration as output. The program can be found in the    #
# same directory traffic_server is installed in. Type                        #
# "cust_log_fmt_cnvrt --help" to get information on how to use it.           #
#                                                                            #
##############################################################################
#
# This is the configuration file for Traffic Server logging.  The purpose
# of this file is to define custom logging formats and filters.  Standard
# event log formats (Squid, Netscape Common, Netscape Extended, Netscape
# Extended2) are built into the Traffic Server logging system and can be
# enabled/disabled from the logging configuration user interface.
#
# Formats
# =======
#
# An event log format specifies which fields are to be gathered from each
# Http/ICP access event and placed into the log file as a log entry.
# For each new custom log format type, the following information is needed:
#
#   the word "format"
#   enabled or disabled
#   unique format identifier integer
#   format name
#   printf-style format string specifying the field symbols and how they
#      should look in ASCII
#   file name
#   file type: either ASCII or BINARY
#   file header data (or "none")
#
# All of this information is placed on a SINGLE line, following the
# identifier "format" and separated by colons (':').  Example:
#
# format:enabled:1:minimal:%<chi> / %<cqu> / %<pssc>:minimal:ASCII:none
#
# Filters
# =======
#
# Filters are used to exclude certain entries from being logged.  They
# specify a log field, a condition, and a value.  If the condition is true
# for the value, then the entry is tossed (not logged).  Valid conditions
# are "MATCH" and "NOMATCH".  Each filter must be attached to a valid
# format, identified by name.  The names of the pre-defined formats are
# contained within the records.config file, and the names of the custom
# formats are given above.  So, a valid filter specification has the
# following fields (in order):
#
#   the word "filter"
#   name of the format that this filter applies to, or the word "_global_"
#	to indicate that this is a global filter and should be applied to 
#	all log formats
#   valid log field specification 
#   condition, either "MATCH" or "NOMATCH"
#   value that the field will be compared with
#
# Example: from the minimal format, remove all entries where the
# client_host_ip is 127.0.0.1:
#
# filter:minimal:%<chi>:MATCH:127.0.0.1
#
# One final note: the code that parses this is fairly simple-minded (like
# its designer), so make sure you follow all of the rules exactly.
#
############################################################################## 
#
# WebTrends Enhanced Log Format (WELF)
#
# the following format generates a log file in the WebTrends Enhanced Log
# Format. To generate a log in this format, uncomment the line and replace
# <FORMAT_ID> with an integer different from any other format identifier
# you may be using in this file (if this is the only format, simply substitute
# 1 for <FORMAT_ID>). 
#
#format:enabled:<FORMAT_ID>:welf:id=firewall time="%<cqtd> %<cqtt>" fw=%<phn> pri=6 proto=%<cqus> duration=%<ttmsf> sent=%<psql> rcvd=%<cqhl> src=%<chi> dst=%<shi> dstname=%<shn> user=%<caun> op=%<cqhm> arg="%<cqup>" result=%<pssc> ref="%<{Referer}cqh>" agent="%<{user-agent}cqh>" cache=%<crc>:welf:ASCII:none
#
##############################################################################