Generic fluentd forwarder client setup

It is possible to use a generic fluentd forward protocol. Either acting as a relay or as a source of logs. Following properties must be set:

  • remote host: logs.logsense.com

  • remote port: 32714

  • SSL enabled: true

Additional fields:

  • (required) cs_customer_token → the actual CUSTOMER_TOKEN value (available in Customer Tokens section of the user portal)

  • (optional) cs_pattern_key → name of the field that will be a subject of automated pattern discovery

  • (optional) cs_src_ip → IP address that should be assigned to the logs

For example,

    @type tail
    tag foo.*
    path /path/to/file

<filter {foo}.**>
  @type record_transformer
    # Please fill the actual token!
    cs_customer_token CUSTOMER_TOKEN
    cs_source_name "foo"

    # Uncomment and enter IP you want the logs to be
    # associated with as the source
    # cs_src_ip "YOUR_IP"

<match foo.**>
  @type forward

  transport tls
    host logs.logsense.com
    port 32714

  flush_interval 10s

If you use Docker you can use the Docker fluentd forwarder image.