# Master configuration template file for google-fluentd on windows.
@include 'config.d/**/*.conf'
# Transform the winevtlog output to match what the google_cloud plugin expects.
@type record_transformer
# Allow Ruby expressions.
enable_ruby
# Rename description to message.
message ${record['Description']}
severity ${case record['Level']; when '0' then 'DEFAULT'; when '1' then 'CRITICAL'; when '2' then 'ERROR'; when '3' then 'WARNING'; when '4' then 'INFO'; when '5' then 'DEBUG'; else 'INFO'; end}
# Parse the time the log was generated into a format 'google_cloud'
# can understand.
time ${t = Time.parse(record['TimeCreated']).strftime("%FT%T.%NZ")}
# Add a unique insertId to each log entry that doesn't already have it.
# This helps guarantee the order and prevent log duplication.
@type add_insert_ids
@type google_cloud
buffer_type file
buffer_path /var/log/google-fluentd/buffers
# Set the chunk limit conservatively to avoid exceeding the recommended
# chunk size of 5MB per write request.
buffer_chunk_limit 512KB
flush_interval 5s
# Enforce some limit on the number of retries.
disable_retry_limit false
# After 3 retries, a given chunk will be discarded.
retry_limit 3
# Wait 10 seconds before the first retry. The wait interval will be doubled on
# each following retry (20s, 40s...) until it hits the retry limit.
retry_wait 10
# Never wait longer than 5 minutes between retries. If the wait interval
# reaches this limit, the exponentiation stops.
# Given the default config, this limit should never be reached, but if
# retry_limit and retry_wait are customized, this limit might take effect.
max_retry_wait 300
# Use multiple threads for processing.
num_threads 8
# Use the gRPC transport.
use_grpc true
# If a request is a mix of valid log entries and invalid ones, ingest the
# valid ones and drop the invalid ones instead of dropping everything.
partial_success true