# source 10000 udp @type udp port 10000 tag datahubDefault format multi_format format json time_key EventReceivedTime format syslog format none # source 10000 tcp @type tcp port 10000 tag datahubDefault format multi_format format json time_key EventReceivedTime format syslog format none # source 10100 @type tcp port 10100 tag datahubDefault format multi_format format json time_key EventReceivedTime format syslog format none ####################################### # Outputs ####################################### # Rules to filter things from port 10100 @type rewrite_tag_filter rewriterule1 log_type SMTP.Log smtpTyper rewriterule2 log_type IIS.Log IISLogs rewriterule3 log_type Azure.Pack.Website.Log azurePack rewriterule12 message .+ nocDefault # SMTP Logs @type rewrite_tag_filter rewriterule1 Hostname ^smtp smtpLogs rewriterule2 Hostname ^www wwwSmtpLogs # IIS Logs @type simple-logentries token xxxx flush_interval 1s # Azure Pack Logs @type copy @type simple-logentries token xxxx flush_interval 1s @type s3 @log_level debug path /var/log/td-agent/s3-debug.log aws_key_id xxxx aws_sec_key xxxx s3_bucket backup.azurepack # Oregon is us west 2. s3_region us-west-2 path IISLogs/ #s3_object_key_format %{path}%{time_slice}_%{index}.%{file_extension} #format json #include_time_key true #time_key EventTime # Roll hourly at XX:02 time_slice_format %Y%m%d%H time_slice_wait 2m time_key EventTime time_format "%Y-%m-%d %H:%M:%S" utc buffer_type file buffer_path /var/log/td-agent/s3 buffer_chunk_limit 256m # SMTP Logs - From SMTP servers @type simple-logentries token xxxx flush_interval 1s # SMTP Logs - From Web servers @type simple-logentries token xxxx flush_interval 1s # noc default @type simple-logentries token xxxx flush_interval 1s # bit-bucket @type null