Using Subreports On Filtered Input

Some subreport contains support for filtering their input. One such subreport is the top-referers-by-page subreport. But sometimes a subreport doesn't support filtering its input, or you want to have exactly the same information as other subreports already included in the report but on a subset of the records. The solution to this problem is to set up filters in a specific section. You can find an example of this in the DNS report's configuration file that was commented in Section , “The Report's Configuration File”.

We give two more examples of filtering usage here. A firewall.cfg file could read

=section Permitted Traffic Reports, 100.56.0.x
|select-action action_match="permitted"
|select-to-ip ip-range="^100\\.56\\.0\\."
top-pkt-by-src              ips_to_show=30
top-pkt-by-dst              ips_to_show=30
	

A www.cfg file could read

=section Visitors Reports, excluding 10.0.0.2
|exclude-client_host client_match="^10\\.0\\.0\\.2$"
top-client_host             client_to_show=10
top-client_host-by-size     client_to_show=10
	

In Part II, you will find the description of all the available filters along with their parameters.