@type tail # Parse the timestamp, but still collect the entire line as 'message' format syslog line_format json path /var/log/syslog,/var/log/messages store_pos /var/lib/google-fluentd/pos/syslog.pos read_from_head true tag winevt_xml @type winevt_xml preserve_qualifiers true @type local persistent false @type windows_eventlog2 @id windows_eventlog2 channels application,system,security tag winevt.raw @type local persistent false @type loki url "http://10.1.254.88:3100" username "#{ENV['LOKI_USERNAME']}" password "#{ENV['LOKI_PASSWORD']}" extra_labels {"env":"dev"} flush_interval 10s flush_at_shutdown true buffer_chunk_limit 1m