Ben Hay - 2009-07-14

Using NTLM_AUTH  results in a lot of TCP_DENIED/407 entries in the logs.

The following code filters out this junk. 
I place it right after  if($record[0]<=$lastTimestamp) {} in mysar-importer.php.

//  Ignore NTLM_AUTH generated entries
        if($record[3] == 'TCP_DENIED/407')
        {
                debug('Ignoring TCP_DENIED/407', 40);
                debug('.',30);
                debug('Updating last known offset to '.ftell($handle).'... ',40,__FILE__,__LINE__);
                updateConfig('lastLogOffset',ftell($handle));
                continue;
        }