kennonkwok/messages.json

## messages.json
{
  "api.version": "v1",
  "source":
  {
    "name": "Messagessss",
    "sourceType": "LocalFile",
    "automaticDateParsing": true,
    "multilineProcessingEnabled": false,
    "useAutolineMatching": true,
    "forceTimeZone": false,
    "timeZone": "UTC",
    "category": "OS/Linux/System",
    "pathExpression": "/var/log/messages"
  }
}

## secure.json
{
  "api.version": "v1",
  "source":
  {
    "name": "Secureeee",
    "sourceType": "LocalFile",
    "automaticDateParsing": true,
    "multilineProcessingEnabled": false,
    "useAutolineMatching": true,
    "forceTimeZone": false,
    "timeZone": "UTC",
    "category": "OS/Linux/Security",
    "pathExpression": "/var/log/secure"
  }
}

## sumo.conf
name=default-centos-71
ephemeral=true
accessid=XXXXXXXXXXXX
accesskey=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
syncSources=/etc/sumo.d/
	{
	"api.version": "v1",
	"source":
	{
	"name": "Messagessss",
	"sourceType": "LocalFile",
	"automaticDateParsing": true,
	"multilineProcessingEnabled": false,
	"useAutolineMatching": true,
	"forceTimeZone": false,
	"timeZone": "UTC",
	"category": "OS/Linux/System",
	"pathExpression": "/var/log/messages"
	}
	}
	{
	"api.version": "v1",
	"source":
	{
	"name": "Secureeee",
	"sourceType": "LocalFile",
	"automaticDateParsing": true,
	"multilineProcessingEnabled": false,
	"useAutolineMatching": true,
	"forceTimeZone": false,
	"timeZone": "UTC",
	"category": "OS/Linux/Security",
	"pathExpression": "/var/log/secure"
	}
	}
	name=default-centos-71
	ephemeral=true
	accessid=XXXXXXXXXXXX
	accesskey=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
	syncSources=/etc/sumo.d/