# LKLogScanFPConfig.txt
# Version 2.0.0 for Firewalls & Proxy Servers

# Configuration file for LK Log Scan v.2.0.0 for Firewalls & Proxy Servers (LKLogScanFP.exe)
# by Kyle Harris. If this file becomes corrupt, revert to the DEFAULT_LKLogScanFPConfig.txt
# that accompanied this package. You can do this by manually copying the contents of the file
# DEFAULT_LKLogScanFPConfig.txt to LKLogScanFPConfig.txt and then making the necessary changes
# to it.

# Please see the readme.txt file for additional installation, configuration, and
# licensing information. Also see the web site at http://www.lklogscan.com/ for other
# information including an FAQ page.

# The program will ignore any blank lines or lines starting with a pound symbol, which can be
# used for making notes within this file.

# Set the I_have_read_&_agree_to_the_License_Agreement variable below to yes once you have read
# and agree to the License Agreement in the ReadMe.txt file that accompanied this package.
i_have_read_&_agree_to_the_license_agreement=no

# Set mail_from to the e-mail address that messages will originate from.
mail_from=someone@mydomain.com

# Set smtp_server to your SMTP mail server.
smtp_server=myserver.mydomain.com

# Set mail_to to the e-mail address of the intended recipient(s).
# Separate multiple addresses by a comma and no spaces.
mail_to=me@mydomain.com

# Set subject to the subject of the e-mail message.
subject=LK Log Scan for Firewalls & Proxy Servers - Report

# Set word_file to the location and file name of the text file containing words to scan for.
# This file must be an ASCII text file with one word per line followed by a return. No comments
# are allowed.
word_file=C:\batch\LKLogScanFP\word_file.txt

# Set what_to_monitor to either domain_only or entire_url. The domain_only option might help
# to cut down on false hits.
what_to_monitor=domain_only

# Set notify_always to yes if you would like to be notified when the scan runs even if it
# doesn't find any word hits. If you are only interested in the totals section, you might
# want to set this to yes. Otherwise, set notify_always to no.
notify_always=yes

# If LK Log Scan returns domain names that do contain one of the words in your word file
# BUT do not pose a problem for you, you may include that domain name in the text file
# ok_domains.txt. This file is not necessary and may be commented out. An example of its use is
# as follows. Suppose one of the words in your word file is "sex". Furthermore, suppose every day
# the program returns hits from the domain www.sussexhouse.org (contains the word sex). You
# could put the domain name www.sussexhouse.org in the ok_domains.txt file and it will no longer
# be reported as a hit.
# This file must be an ASCII text file with one word per line followed by a return. No comments
# are allowed.
ok_domains=C:\batch\LKLogScanFP\ok_domains.txt

# Set log_directory to the directory where your log files are stored.
log_directory=C:\Program Files\Microsoft ISA Server\ISALogs

# Set log_file_name_format to the format of your log file name. The log file format for LK Log
# Scan for Firewalls & Proxy Servers to use can be configured using the following information:
# Variables and their definitions:
#   %MM    Month
#   %DD    Day
#   %YY    Two digit year
#   %YYYY  Four digit year
# Examples:
#   WEBEXTD%YYYY%MM%DD.LOG would be valid for the file name of WEBEXTD20020401.LOG
#   ex%YY%MM%DD.log would be valid for the file name of ex021028.log
#   access_log.%YYYY%MM%dd.log would be valid for the file name of access_log.20021020.log
log_file_name_format=WEBEXTD%YYYY%MM%dd.LOG

# Set log_delimiter to either comma or tab depending on your log file format.
log_delimiter=tab

# Set log_fields using the following order:
# {Date Field (date)},{Time Field (time)},{Domain Field (r-host)},{URL Field (cs-uri)},
# {IP Address Field (c-ip)},{User Name Field (cs-username)}
# Note that brackets are shown for clarity only and should not be included. All entries should
# be separated by a comma and no spaces.
# Example: log_fields=4,5,8,16,1,2
# The above works for a default install of Microsoft ISA Server 2000
log_fields=4,5,8,16,1,2

# Set verbose to either 0, 1, or 2, depending on how much output you wish to see on the
# screen. Setting verbose=0 shows very basic information. Setting verbose=1 shows the
# output report on the screen. Setting verbose=2 shows the output report plus it shows
# program status as it runs. A lower verbose setting provides faster scan times.
# Setting verbose=1 can be used to redirect output to a file by running the program as
# follows from a command prompt: LKLogScanFP > output.txt
verbose=2

# Set resolve_ip_addresses=yes if you would like the program to use DNS to resolve all IP
# addresses it encounters within the domain portion of each URL. This keeps users from typing
# in the IP address of a site they shouldn't be going to instead of the site's domain name. If
# set to yes, additional time will be required for the program to do DNS resolution of those
# IP addresses. Depending on the number of IP addresses encountered, this could slow down the
# program considerably. Note that in order for this option to work, the machine running LK Log
# Scan must be able to resolve Internet DNS names!
resolve_ip_addresses=yes

# Set minutes_threshold to the minimum number of minutes that must be met before a domain
# will appear in the report for each user. For example, if you set this to 10 minutes and a
# user visits domain xyz.com for only 5 minutes, that domain will not be listed for that user.
# Set minutes_threshold=0 to show all.
# DISABLED IN THE DEMO VERSION ! !
minutes_threshold=0

# Set total_minutes_threshold to the minimum number of minutes that a user must be
# online before they will appear on the output report. For example, if you set this to 10
# minutes and you have a user that spends a total of only 8 minutes online, they will not be
# included in the output report. Set total_minutes_threshold=0 to show all.
# DISABLED IN THE DEMO VERSION ! !
total_minutes_threshold=0

# Set number_of_top_users to the number of users whose online time you wish to be reported,
# sorted by time spent online. Set number_of_top_users=0 for none.
# DISABLED IN THE DEMO VERSION ! !
number_of_top_users=5

# Set number_of_top_domains to the number of domains you wish to see for each user sorted
# by top time spent at each domain. Set number_of_top_domains=0 for none.
# DISABLED IN THE DEMO VERSION ! !
number_of_top_domains=10

# Set number_of_days_to_subtract=0 in order to scan the log file for the current
# day. Set to 1 to always scan the log file from the day before, and so forth.
# This might be useful if you wish to schedule the program to run automatically
# at, say, 2:00 a.m. each morning. You could set number_of_days_to_subtract=1 to
# scan the log file from the previous day. Otherwise it would scan the log file
# for the current day, which would only include log entries made between midnight
# and the time it was run, in this case 2:00 a.m.
number_of_days_to_subtract=0

# Set idle_minutes to the number of minutes that must pass before a user is considered to have
# gone off-line. Cannot be set lower than 10 or higher than 59. See the ReadMe.txt file for
# further IMPORTANT information regarding this variable.
idle_minutes=15

# If LK Log Scan returns domain names under the "Estimated Top Reported Users" section that
# you do not want reported, you can put those domain names in this file. For example, maybe
# you don't want the report to include windowsupdate.microsoft.com since that is probably not
# a user surfing. You can put that domain in this file and the time a computer spends on this
# domain will no longer be reported.
# This file must be an ASCII text file with one word per line followed by a return. No comments
# are allowed.
# DISABLED IN THE DEMO VERSION ! !
skip_domains=C:\batch\LKLogScanFP\skip_domains.txt
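
# Added example, not part of LK Log Scan or of the original file: a Python sketch of how
# log_file_name_format, number_of_days_to_subtract, log_fields, what_to_monitor, word_file and
# ok_domains interact as the comments above describe them. Assumptions: log_fields positions
# are 1-based, matching is a case-insensitive substring test, ok_domains entries match the
# whole domain, and the sample log line and all function names are constructed here.

```python
from datetime import date, timedelta

# Order of the positions listed in log_fields, per the config comments.
FIELD_ORDER = ("date", "time", "domain", "url", "ip", "user")

def expand_log_name(fmt, today, days_to_subtract):
    """Expand %YYYY/%YY/%MM/%DD for the day (today - days_to_subtract)."""
    d = today - timedelta(days=days_to_subtract)
    # Longest token first so %YYYY is not consumed as %YY followed by "YY".
    for token, value in (("%YYYY", f"{d.year:04d}"), ("%YY", f"{d.year % 100:02d}"),
                         ("%MM", f"{d.month:02d}"), ("%DD", f"{d.day:02d}")):
        fmt = fmt.replace(token, value)
    return fmt

def parse_line(line, log_fields, delimiter="\t"):
    """Map one raw log line to named fields (positions assumed 1-based)."""
    cols = line.rstrip("\r\n").split(delimiter)
    positions = [int(p) for p in log_fields.split(",")]
    return {name: cols[pos - 1] for name, pos in zip(FIELD_ORDER, positions)}

def word_hit(rec, words, ok_domains, what_to_monitor="domain_only"):
    """Return the first word found, or None if clean or listed in ok_domains."""
    domain = rec["domain"].lower()
    if domain in ok_domains:          # known false positive, suppressed
        return None
    haystack = domain if what_to_monitor == "domain_only" else rec["url"].lower()
    return next((w for w in words if w.lower() in haystack), None)

def sample_line(domain, url):
    """Constructed 16-column tab-delimited line laid out for log_fields=4,5,8,16,1,2."""
    cols = ["-"] * 16
    cols[0], cols[1] = "10.0.0.5", "jdoe"          # c-ip, cs-username
    cols[3], cols[4] = "2002-04-01", "09:15:00"    # date, time
    cols[7], cols[15] = domain, url                # r-host, cs-uri
    return "\t".join(cols)

if __name__ == "__main__":
    print(expand_log_name("WEBEXTD%YYYY%MM%DD.LOG", date(2002, 4, 2), 1))
    rec = parse_line(sample_line("www.sussexhouse.org", "http://www.sussexhouse.org/"),
                     "4,5,8,16,1,2")
    print(rec["user"], rec["domain"], word_hit(rec, ["sex"], set()))
    print(word_hit(rec, ["sex"], {"www.sussexhouse.org"}))
```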