Hoverbear/vector.toml

## vector.toml


[sources.in]

  include = ["C:\\Windows\\System32\\winevt\\Logs\\System.evtx"]
  type = "file" # required

[sinks.debug]
  type = "console"
  inputs = ["in"]
  target = "stdout"
  encoding.codec = "json"

[sinks.out]
  # General
  bucket = "vectorlogs"# required
  inputs = ["in"] # required
  assume_role = "arn:aws:iam::982020395256:role/Vectortest"
  region = "us-east-1" # required, required when endpoint = ""
  type = "aws_s3" # required
  compression  = "gzip"
  healthcheck = true

  # Encoding
  encoding.codec = "ndjson" # required

  # Naming
  key_prefix = "windows/date=%F/" # optional, default


	[sources.in]

	include = ["C:\\Windows\\System32\\winevt\\Logs\\System.evtx"]
	type = "file" # required

	[sinks.debug]
	type = "console"
	inputs = ["in"]
	target = "stdout"
	encoding.codec = "json"

	[sinks.out]
	# General
	bucket = "vectorlogs"# required
	inputs = ["in"] # required
	assume_role = "arn:aws:iam::982020395256:role/Vectortest"
	region = "us-east-1" # required, required when endpoint = ""
	type = "aws_s3" # required
	compression = "gzip"
	healthcheck = true

	# Encoding
	encoding.codec = "ndjson" # required

	# Naming
	key_prefix = "windows/date=%F/" # optional, default