Thursday, December 8, 2016

Free-SA exclusions

Filters are written to users.filter.sample

Excluding users from the report.

I 1
i user1
i user2

Excluding URLs from the report (by substring). Every line that contains domain.ru or domain2.ru will be excluded.

U 1
u domain.ru
u domain2.ru


Excerpt from the man page on filters:

FILTER FILES
       The  global,  users and local filters purpose is including OR excluding
       records from processing by free-sa. Global filter affects all data pro-
       cessed  by  free-sa.  Users  filter  affects data processed to all user
       related reports and top sites report. Local filter  affects  only  data
       processed to local filter report.
   File format
       The  file consists of options with arguments, comments and empty lines.
       Each line that starts with a hash (#) symbol is a comment. Options  and
       arguments  are  case  sensitive  and of the form: Option Argument. Each
       policy option is unique, it may appear only once.
       Allowed options (allowed policy ranges is  specified  at  brackets  for
       each policy option):
              A   Policy for IP addresses (0-7).
              a   Entry of IP addresses list.
              B   Policy for bytes (0-1).
              b   Only one entry allowed here - upper bytes limit.
              C   Policy for codes (0-1).
              c   Entry of codes list.
              I   Policy for internal names (0-7).
              i   Entry of internal names list.
              l   Limit number of URLs per one user in local filter report.
                  0 means no limit. Default: 50.
              M   Policy for methods (0-1).
              m   Entry of methods list.
              n   Local filter name.
                  Default: full path to filter configuration file.
              S   Policy for stat codes (0-1).
              s   Entry of stat codes list.
              U   Policy for URLs (0-7).
              u   Entry of URLs list.
              w   Enable or disable bytes column in local filter report (0-1).
                  Default: 1, i.e. enabled.
       Allowed policies:
              0   Include match (by substring for A, I and U policies).
              1   Exclude match (by substring for A, I and U policies).
              2   Include match by exact string.
              3   Exclude match by exact string.
              4   Include match by extended POSIX regular expression.
              5   Exclude match by extended POSIX regular expression.
              6   Include match by ending substring.
              7   Exclude match by ending substring.
       Allowed stat codes for 's' entry:
              0   Actual traffic type.
              1   Denied traffic type (delivery rejected for mail logs).
              2   Cached traffic type.
              3   Other local traffic type (ex: authentication errors).
       Methods list must be filled with first uppercase letter of method  name
       (P for PUT and POST).
       Note:  file should end with empty line.
   Filter file examples
       1.   If  we  want  to  see  only  records   related   to   users   with
       '192.168.0.15', '192.168.0.27' IPs, and see their accesses to all sites
       except 'www.ourcorporatesite.com', then we can  make  following  global
       filter file contents:
       I 2
       i 192.168.0.15
       i 192.168.0.27
       U 1
       u tp://www.ourcorporatesite.com
       2.  If we want to see records related to Code Red, Code Red 2 and Nimda
       viruses activity at local filter report, then  we  can  make  following
       local filter file contents:
       U 0
       u XXXXXXXXXXXX
       u NNNNNNNNNNNN
       u cmd.exe
       3.   If  we  want to see only URLs of actually downloaded images in gif
       format at users reports and top sites report, then we can make  follow-
       ing users filter file contents:
       U 4
       u \.(gif|GIF|Gif)$
       S 0
       s 0
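
An added example (not part of the original post and not Free-SA's own code): a small Python model of the I and U policies from the man page excerpt. It shows that the substring policy 1 used above also drops user10 and any URL that merely contains domain.ru, while policies 3 and 5 exclude only the intended entries. Assumptions: a record must pass every configured policy, Python's re stands in for POSIX extended regular expressions, and the sample records and function names are constructed for illustration.

```python
import re

# Match types by policy number (man page excerpt): even = include, odd = exclude.
MATCHERS = {
    0: lambda pat, s: pat in s,                        # 0/1 substring
    2: lambda pat, s: pat == s,                        # 2/3 exact string
    4: lambda pat, s: re.search(pat, s) is not None,   # 4/5 regex (Python re stands in for POSIX ERE)
    6: lambda pat, s: s.endswith(pat),                 # 6/7 ending substring
}

def parse_filter(text):
    """Parse the I/i and U/u options of a filter file into {letter: [policy, entries]}."""
    rules = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):           # comments and empty lines
            continue
        opt, _, arg = line.partition(" ")
        if opt.upper() not in ("I", "U"):              # other options are not modelled here
            continue
        rule = rules.setdefault(opt.upper(), [None, []])
        if opt.isupper():
            if rule[0] is not None:
                raise ValueError(f"policy option {opt} may appear only once")
            rule[0] = int(arg)
        else:
            rule[1].append(arg.strip())
    return rules

def kept(rules, user, url):
    """True if a record stays in the report. Assumption: it must pass every policy set."""
    for letter, value in (("I", user), ("U", url)):
        policy, entries = rules.get(letter, [None, []])
        if policy is None:
            continue
        hit = any(MATCHERS[policy & ~1](e, value) for e in entries)
        if hit == bool(policy & 1):                    # excluded hit, or include without a hit
            return False
    return True

# Constructed sample records (user, URL); not taken from a real log.
RECORDS = [("user1", "http://domain.ru/index.html"),
           ("user10", "http://example.org/"),
           ("user3", "http://example.org/go?to=domain.ru")]

SUBSTRING = parse_filter("I 1\ni user1\nU 1\nu domain.ru\n")
STRICT = parse_filter("I 3\ni user1\nU 5\nu ^https?://([^/]+\\.)?domain\\.ru(:[0-9]+)?(/|$)\n")

def report(rules):
    return [r for r in RECORDS if kept(rules, *r)]
```

With the substring filter all three sample records disappear from the report; with the exact-string and regex policies only the user1 record does.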
