Reporting Blacklist

Introduction

Name

reporting-blacklist.cfg

Collection location

~/conf/collection/

Global Location

~/conf/

Description

The reporting blacklist can be used to prevent specified queries and IP addresses being included in Funnelback analytics reports.

Terms contained within the blacklist are compared as a case insensitive exact match against the query.

The blacklist only accepts complete single IP addresses (IP ranges and partial addresses are not supported).

This will include things like:

  • IP addresses of monitoring services

  • IP addresses of local/internal users (this is common to include if you wish to just see analytics based on external users to an organisation’s website)

  • Organisational banned words — terms that should be excluded from appearing in any analytics report.

Changes to the reporting blacklist will not be reflected until the search analytics database is rebuilt.

Configuration

The reporting blacklist can be set at the server or collection level.

Search package level configuration

  1. Open up the administration dashboard and open the details screen the desired search package by either clicking on the search package name or select edit details from the manage dropdown menu for the search package.

  2. Select the browse search package files which will load the configuration file manager. If the reporting blacklist is listed click on this to edit the configuration. If it is not listed then click the add new button then select reporting_blacklist.cfg from the file type dropdown menu.

Alternatively you can use a WebDAV client to edit this file directly.

Server level configuration

The server-wide reporting blacklist should be used to configure IP addresses and queries that should be excluded from the analytics for all search packages on the server.

Editing of the server-wide reporting blacklist files is restricted to system administrators.

The global reporting blacklist can be configured by editing the $SEARCH_HOME/conf/reporting-blacklist.cfg file.

If a global $SEARCH_HOME/conf/reporting-blacklist.cfg exists its content is read and merged with the search package specific one when reports are updated.

Format

The file contains one item per line. Each line is either:

  1. a query term that will not be counted in any reports. Note that:

    • The query term matching is a case-insensitive exact match for the entire search term; e.g. if the blacklist contains bad query, then a log line with bad query will be excluded, but other queries containing bad and query will be included in the analytics report.

    • Similarly, if the blacklist has query, a log line with query will be excluded, but a log line with bad query won’t.

    • Quotes and special character substitutions are not required, or recommended. The blacklist lines "bad query" or bad+query will not match a log line with bad query

    • If you wish for queries that contain a specific word to be excluded these terms need to be added to the Reporting stop words configuration.

  2. an IP address whose queries will not be counted in any reports

    Partial IP addresses are not supported.

  3. a comment. Comments may be placed in the file by using a '#' at the beginning of each line.

Blacklist matching behaviour

A query is rejected if any of the query term or IP Address entries match; requiring that a query match both a query term and IP Address is not supported.

Example

# Some sites use javascript to clear their search form, but people misread the form and
# click the "search" button, ending up with "enter keywords" as a popular search term.
enter keywords
# ignore the spam query "viagra" from any IP address
viagra
# ignore any query from a known monitor service
@192.168.123.123

© 2015- Squiz Pty Ltd