Logs forwarding
Configuration
With the default configuration, collectorforlinux forwards logs from the /var/log
folder, including syslog files, and journald logs.
To forward logs from a custom location, add additional sections to the 002-user.conf
file.
# Input: log files from a custom location
[input.files::mylogs]
# disable host level logs
disabled = false
# root location of log files
path = /opt/myapp/logs
# glob pattern
glob = *.log
# regex matching pattern (use it instead of glob pattern if you need more complicated filtering)
# match =
# limit search only on one level
recursive = false
# files are read by polling; after reaching EOF, how often to check whether a file was updated
pollingInterval = 250ms
# how often to look for new files under the logs path
walkingInterval = 5s
# include verbose fields in events (file offset)
verboseFields = false
# override type (source type)
type = linux_host_logs
# specify Splunk index
index =
# regexp to specify the beginning of the event line
eventPattern =
# regexp field extraction
extraction =
# timestamp field (if field extraction is used)
timestampField =
# format for timestamp
# the layout defines the format by showing how the reference time, defined to be `Mon Jan 2 15:04:05 -0700 MST 2006`, would be displayed
timestampFormat = Jan 2 15:04:05
# Adjust date, if month/day aren't set in format
timestampSetMonth = false
timestampSetDay = false
# timestamp location (if not defined by format)
timestampLocation = Local
# sample output (-1 does not sample, 20 - only 20% of the logs should be forwarded)
samplingPercent = -1
# sampling key for hash based sampling (should be regexp with the named match pattern `key`)
samplingKey =
# set output (splunk or devnull, default is [general]defaultOutput)
output =
# configure default thruput per second for each container log
# for example if you set `thruputPerSecond = 128Kb`, that will limit the amount of logs forwarded
# from a single container to 128Kb per second.
thruputPerSecond =
# Configure events that are too old to be forwarded, for example 168h (7 days) - that will drop all events
# older than 7 days
tooOldEvents =
# Configure events that are too new to be forwarded, for example 1h - that will drop all events that are 1h in the future
tooNewEvents =
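As an added example (not Collectord's code and not part of the original page), the Go program below checks an `extraction` regexp, a `timestampField` and a `timestampFormat` against a sample line before they are written to 002-user.conf. It assumes Collectord follows Go's `regexp` and `time` semantics, as the reference-time layout in the comments suggests; the helper `CheckLine`, the regexp and the sample line are constructed for illustration.

```go
package main

import (
	"fmt"
	"regexp"
	"time"
)

// CheckLine is a hypothetical pre-flight helper (not Collectord code): it applies
// an `extraction` regexp to one log line, takes the group named by
// `timestampField`, and parses it with `timestampFormat` in `timestampLocation`.
func CheckLine(extraction, tsField, layout, location, line string) (time.Time, map[string]string, error) {
	re, err := regexp.Compile(extraction)
	if err != nil {
		return time.Time{}, nil, fmt.Errorf("extraction does not compile: %w", err)
	}
	idx := re.SubexpIndex(tsField)
	if idx < 0 {
		return time.Time{}, nil, fmt.Errorf("extraction has no named group %q", tsField)
	}
	m := re.FindStringSubmatch(line)
	if m == nil {
		return time.Time{}, nil, fmt.Errorf("line does not match extraction: %q", line)
	}
	loc, err := time.LoadLocation(location) // "Local" and "UTC" always resolve
	if err != nil {
		return time.Time{}, nil, fmt.Errorf("bad timestampLocation: %w", err)
	}
	ts, err := time.ParseInLocation(layout, m[idx], loc)
	if err != nil {
		return time.Time{}, nil, fmt.Errorf("timestampFormat does not fit %q: %w", m[idx], err)
	}
	fields := map[string]string{} // remaining named groups, returned as fields
	for i, name := range re.SubexpNames() {
		if name != "" && i != idx {
			fields[name] = m[i]
		}
	}
	return ts, fields, nil
}

func main() {
	// Constructed sample line and regexp; the layout is the one from the page.
	extraction := `^(?P<timestamp>\w{3} \d{1,2} \d{2}:\d{2}:\d{2}) (?P<host>\S+) (?P<message>.+)$`
	line := "Mar 17 09:15:02 web01 login failed user=alice"
	ts, fields, err := CheckLine(extraction, "timestamp", "Jan 2 15:04:05", "Local", line)
	fmt.Println(ts, fields, err) // the layout has no year, so ts.Year() is 0
}
```

With the layout `Jan 2 15:04:05`, Go's parser returns year 0 because the layout carries no year, so a layout that includes the year is the safer choice when the application log provides one.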
Examples
Will be added in the future