### LogWisp Configuration ### Default location: ~/.config/logwisp/logwisp.toml ### Configuration Precedence: CLI flags > Environment > File > Defaults ### Default values shown - uncommented lines represent active configuration ### Global settings background = false # Run as daemon quiet = false # Suppress console output disable_status_reporter = false # Status logging config_auto_reload = false # File change detection config_save_on_exit = false # Persist runtime changes ### Logging Configuration [logging] output = "stdout" # file|stdout|stderr|both|all|none level = "info" # debug|info|warn|error [logging.file] directory = "./log" # Log directory path name = "logwisp" # Base filename max_size_mb = 100 # Rotation threshold max_total_size_mb = 1000 # Total size limit retention_hours = 168.0 # Delete logs older than [logging.console] target = "stdout" # stdout|stderr|split format = "txt" # txt|json ### Pipeline Configuration [[pipelines]] name = "default" # Pipeline identifier ### Directory Sources [[pipelines.sources]] type = "directory" [pipelines.sources.options] path = "./" # Directory to monitor pattern = "*.log" # Glob pattern check_interval_ms = 100 # Scan interval read_from_beginning = false # Start position ### Console Sources # [[pipelines.sources]] # type = "stdin" # [pipelines.sources.options] # buffer_size = 1000 # Input buffer size ### HTTP Sources # [[pipelines.sources]] # type = "http" # [pipelines.sources.options] # host = "0.0.0.0" # Listen address # port = 8081 # Listen port # path = "/ingest" # Ingest endpoint # max_body_size = 1048576 # Max request size # [pipelines.sources.options.tls] # enabled = false # Enable TLS # cert_file = "" # TLS certificate # key_file = "" # TLS key # client_auth = false # Require client certs # client_ca_file = "" # Client CA cert # verify_client_cert = false # Verify client certs # insecure_skip_verify = false # Skip verification # ca_file = "" # Custom CA file # min_version = "TLS1.2" # Min TLS version # max_version = "TLS1.3" # Max TLS version # cipher_suites = "" # Comma-separated list # [pipelines.sources.options.net_limit] # enabled = false # Enable rate limiting # ip_whitelist = [] # Allowed IPs/CIDRs # ip_blacklist = [] # Blocked IPs/CIDRs # requests_per_second = 100.0 # Rate limit per client # burst_size = 100 # Burst capacity # limit_by = "ip" # ip|user|token|global # response_code = 429 # HTTP status when limited # response_message = "Rate limit exceeded" # max_connections_per_ip = 10 # Max concurrent per IP # max_total_connections = 1000 # Max total connections ### TCP Sources # [[pipelines.sources]] # type = "tcp" # [pipelines.sources.options] # host = "0.0.0.0" # Listen address # port = 9091 # Listen port # [pipelines.sources.options.tls] # enabled = false # Enable TLS # cert_file = "" # TLS certificate # key_file = "" # TLS key # client_auth = false # Require client certs # client_ca_file = "" # Client CA cert # verify_client_cert = false # Verify client certs # insecure_skip_verify = false # Skip verification # ca_file = "" # Custom CA file # min_version = "TLS1.2" # Min TLS version # max_version = "TLS1.3" # Max TLS version # cipher_suites = "" # Comma-separated list # [pipelines.sources.options.net_limit] # enabled = false # Enable rate limiting # ip_whitelist = [] # Allowed IPs/CIDRs # ip_blacklist = [] # Blocked IPs/CIDRs # requests_per_second = 100.0 # Rate limit per client # burst_size = 100 # Burst capacity # limit_by = "ip" # ip|user|token|global # response_code = 429 # Response code when limited # response_message = "Rate limit exceeded" # max_connections_per_ip = 10 # Max concurrent per IP # max_total_connections = 1000 # Max total connections ### Rate limiting # [pipelines.rate_limit] # rate = 0.0 # Entries/second (0=unlimited) # burst = 0.0 # Burst capacity # policy = "drop" # pass|drop # max_entry_size_bytes = 0 # Entry size limit ### Filters # [[pipelines.filters]] # type = "include" # include|exclude # logic = "or" # or|and # patterns = [] # Regex patterns ### Format ### Raw formatter (default) # format = "raw" # raw|json|text ### No options for raw formatter ### JSON formatter # format = "json" # [pipelines.format_options] # pretty = false # Pretty-print JSON # timestamp_field = "timestamp" # Timestamp field name # level_field = "level" # Level field name # message_field = "message" # Message field name # source_field = "source" # Source field name ### Text formatter # format = "text" # [pipelines.format_options] # template = "[{{.Timestamp | FmtTime}}] [{{.Level | ToUpper}}] {{.Source}} - {{.Message}}{{ if .Fields }} {{.Fields}}{{ end }}" # timestamp_format = "2006-01-02T15:04:05Z07:00" # Go time format ### HTTP Sinks [[pipelines.sinks]] type = "http" [pipelines.sinks.options] host = "0.0.0.0" # Listen address port = 8080 # Server port buffer_size = 1000 # Buffer size stream_path = "/stream" # SSE endpoint status_path = "/status" # Status endpoint [pipelines.sinks.options.heartbeat] enabled = true # Send heartbeats interval_seconds = 30 # Heartbeat interval include_timestamp = true # Include time include_stats = false # Include statistics format = "comment" # comment|message # [pipelines.sinks.options.tls] # enabled = false # Enable TLS # cert_file = "" # TLS certificate # key_file = "" # TLS key # client_auth = false # Require client certs # client_ca_file = "" # Client CA cert # verify_client_cert = false # Verify client certs # insecure_skip_verify = false # Skip verification # ca_file = "" # Custom CA file # server_name = "" # Expected server name # min_version = "TLS1.2" # Min TLS version # max_version = "TLS1.3" # Max TLS version # cipher_suites = "" # Comma-separated list # [pipelines.sinks.options.net_limit] # enabled = false # Enable rate limiting # ip_whitelist = [] # Allowed IPs/CIDRs # ip_blacklist = [] # Blocked IPs/CIDRs # requests_per_second = 100.0 # Rate limit per client # burst_size = 100 # Burst capacity # limit_by = "ip" # ip|user|token|global # response_code = 429 # HTTP status when limited # response_message = "Rate limit exceeded" # max_connections_per_ip = 10 # Max concurrent per IP # max_total_connections = 1000 # Max total connections ### TCP Sinks # [[pipelines.sinks]] # type = "tcp" # [pipelines.sinks.options] # host = "0.0.0.0" # Listen address # port = 9090 # Server port # buffer_size = 1000 # Buffer size # [pipelines.sinks.options.heartbeat] # enabled = false # Send heartbeats # interval_seconds = 30 # Heartbeat interval # include_timestamp = false # Include time # include_stats = false # Include statistics # format = "comment" # comment|message # [pipelines.sinks.options.tls] # enabled = false # Enable TLS # cert_file = "" # TLS certificate # key_file = "" # TLS key # client_auth = false # Require client certs # client_ca_file = "" # Client CA cert # verify_client_cert = false # Verify client certs # insecure_skip_verify = false # Skip verification # ca_file = "" # Custom CA file # server_name = "" # Expected server name # min_version = "TLS1.2" # Min TLS version # max_version = "TLS1.3" # Max TLS version # cipher_suites = "" # Comma-separated list # [pipelines.sinks.options.net_limit] # enabled = false # Enable rate limiting # ip_whitelist = [] # Allowed IPs/CIDRs # ip_blacklist = [] # Blocked IPs/CIDRs # requests_per_second = 100.0 # Rate limit per client # burst_size = 100 # Burst capacity # limit_by = "ip" # ip|user|token|global # response_code = 429 # HTTP status when limited # response_message = "Rate limit exceeded" # max_connections_per_ip = 10 # Max concurrent per IP # max_total_connections = 1000 # Max total connections ### HTTP Client Sinks # [[pipelines.sinks]] # type = "http_client" # [pipelines.sinks.options] # url = "" # Target URL (required) # buffer_size = 1000 # Buffer size # batch_size = 100 # Entries per batch # batch_delay_ms = 1000 # Batch timeout # timeout_seconds = 30 # Request timeout # max_retries = 3 # Retry attempts # retry_delay_ms = 1000 # Initial retry delay # retry_backoff = 2.0 # Exponential backoff # insecure_skip_verify = false # Skip TLS verification # ca_file = "" # Custom CA certificate # headers = {} # Custom HTTP headers # [pipelines.sinks.options.tls] # cert_file = "" # Client certificate # key_file = "" # Client key ### TCP Client Sinks # [[pipelines.sinks]] # type = "tcp_client" # [pipelines.sinks.options] # address = "" # host:port (required) # buffer_size = 1000 # Buffer size # dial_timeout_seconds = 10 # Connection timeout # write_timeout_seconds = 30 # Write timeout # read_timeout_seconds = 10 # Read timeout # keep_alive_seconds = 30 # TCP keepalive # reconnect_delay_ms = 1000 # Initial reconnect delay # max_reconnect_delay_seconds = 30 # Max reconnect delay # reconnect_backoff = 1.5 # Exponential backoff # [pipelines.sinks.options.tls] # enabled = false # Enable TLS # insecure_skip_verify = false # Skip verification # ca_file = "" # Custom CA certificate # cert_file = "" # Client certificate # key_file = "" # Client key ### File Sinks # [[pipelines.sinks]] # type = "file" # [pipelines.sinks.options] # directory = "" # Output dir (required) # name = "" # Base name (required) # max_size_mb = 100 # Rotation size # max_total_size_mb = 0 # Total limit (0=unlimited) # retention_hours = 0.0 # Retention (0=disabled) # min_disk_free_mb = 1000 # Disk space guard ### Console Sinks # [[pipelines.sinks]] # type = "stdout" # [pipelines.sinks.options] # buffer_size = 1000 # Buffer size # target = "stdout" # Override for split mode # [[pipelines.sinks]] # type = "stderr" # [pipelines.sinks.options] # buffer_size = 1000 # Buffer size # target = "stderr" # Override for split mode ### Authentication # [pipelines.auth] # type = "none" # none|basic|bearer|mtls ### Basic authentication # [pipelines.auth.basic_auth] # realm = "LogWisp" # WWW-Authenticate realm # users_file = "" # External users file # [[pipelines.auth.basic_auth.users]] # username = "" # Username # password_hash = "" # bcrypt hash ### Bearer authentication # [pipelines.auth.bearer_auth] # tokens = [] # Static bearer tokens ### JWT validation # [pipelines.auth.bearer_auth.jwt] # jwks_url = "" # JWKS endpoint # signing_key = "" # Static signing key # issuer = "" # Expected issuer # audience = "" # Expected audience