### LogWisp Configuration ### Default location: ~/.config/logwisp/logwisp.toml ### Configuration Precedence: CLI flags > Environment > File > Defaults ### Default values shown - uncommented lines represent active configuration ### Global Settings background = false # Run as daemon quiet = false # Suppress console output disable_status_reporter = false # Disable status logging config_auto_reload = false # Reload config on file change config_save_on_exit = false # Persist runtime changes ### Logging Configuration [logging] output = "stdout" # file|stdout|stderr|both|none level = "info" # debug|info|warn|error [logging.file] directory = "./log" # Log directory path name = "logwisp" # Base filename max_size_mb = 100 # Rotation threshold max_total_size_mb = 1000 # Total size limit retention_hours = 168.0 # Delete logs older than (7 days) [logging.console] target = "stdout" # stdout|stderr|split format = "txt" # txt|json ### Pipeline Configuration [[pipelines]] name = "default" # Pipeline identifier ### Rate Limiting (Pipeline-level) # [pipelines.rate_limit] # rate = 0.0 # Entries per second (0=disabled) # burst = 0.0 # Burst capacity (defaults to rate) # policy = "pass" # pass|drop # max_entry_size_bytes = 0 # Max entry size (0=unlimited) ### Filters # [[pipelines.filters]] # type = "include" # include|exclude # logic = "or" # or|and # patterns = [".*ERROR.*", ".*WARN.*"] # Regex patterns ### Sources ### Directory Source [[pipelines.sources]] type = "directory" [pipelines.sources.options] path = "./" # Directory to monitor pattern = "*.log" # Glob pattern check_interval_ms = 100 # Scan interval (min: 10ms) ### Stdin Source # [[pipelines.sources]] # type = "stdin" # [pipelines.sources.options] # buffer_size = 1000 # Input buffer size ### HTTP Source # [[pipelines.sources]] # type = "http" # [pipelines.sources.options] # host = "0.0.0.0" # Listen address # port = 8081 # Listen port # ingest_path = "/ingest" # Ingest endpoint # buffer_size = 1000 # Input buffer size # max_body_size = 1048576 # Max request size bytes # [pipelines.sources.options.tls] # enabled = false # Enable TLS # cert_file = "" # Server certificate # key_file = "" # Server key # client_auth = false # Require client certs # client_ca_file = "" # Client CA cert # verify_client_cert = false # Verify client certs # insecure_skip_verify = false # Skip verification (server-side) # ca_file = "" # Custom CA file # min_version = "TLS1.2" # Min TLS version # max_version = "TLS1.3" # Max TLS version # cipher_suites = "" # Comma-separated list # [pipelines.sources.options.net_limit] # enabled = false # Enable rate limiting # ip_whitelist = [] # Allowed IPs/CIDRs (IPv4 only) # ip_blacklist = [] # Blocked IPs/CIDRs (IPv4 only) # requests_per_second = 100.0 # Rate limit per client # burst_size = 100 # Burst capacity # response_code = 429 # HTTP status when limited # response_message = "Rate limit exceeded" # max_connections_per_ip = 10 # Max concurrent per IP # max_connections_total = 1000 # Max total connections ### TCP Source # [[pipelines.sources]] # type = "tcp" # [pipelines.sources.options] # host = "0.0.0.0" # Listen address # port = 9091 # Listen port # buffer_size = 1000 # Input buffer size # [pipelines.sources.options.net_limit] # enabled = false # Enable rate limiting # ip_whitelist = [] # Allowed IPs/CIDRs (IPv4 only) # ip_blacklist = [] # Blocked IPs/CIDRs (IPv4 only) # requests_per_second = 100.0 # Rate limit per client # burst_size = 100 # Burst capacity # response_code = 429 # TCP rejection # response_message = "Rate limit exceeded" # max_connections_per_ip = 10 # Max concurrent per IP # max_connections_per_user = 10 # Max concurrent per user # max_connections_per_token = 10 # Max concurrent per token # max_connections_total = 1000 # Max total connections ### Format Configuration ### Raw formatter (default - passes through unchanged) # format = "raw" ### No options for raw formatter ### JSON formatter # format = "json" # [pipelines.format_options] # pretty = false # Pretty-print JSON # timestamp_field = "timestamp" # Timestamp field name # level_field = "level" # Level field name # message_field = "message" # Message field name # source_field = "source" # Source field name ### Text formatter # format = "txt" # [pipelines.format_options] # template = "[{{.Timestamp | FmtTime}}] [{{.Level | ToUpper}}] {{.Source}} - {{.Message}}{{ if .Fields }} {{.Fields}}{{ end }}" # timestamp_format = "2006-01-02T15:04:05Z07:00" # Go time format ### Sinks ### HTTP Sink (SSE Server) [[pipelines.sinks]] type = "http" [pipelines.sinks.options] host = "0.0.0.0" # Listen address port = 8080 # Server port buffer_size = 1000 # Buffer size stream_path = "/stream" # SSE endpoint status_path = "/status" # Status endpoint [pipelines.sinks.options.heartbeat] enabled = true # Send heartbeats interval_seconds = 30 # Heartbeat interval include_timestamp = true # Include timestamp include_stats = false # Include statistics format = "comment" # comment|message # [pipelines.sinks.options.tls] # enabled = false # Enable TLS # cert_file = "" # Server certificate # key_file = "" # Server key # client_auth = false # Require client certs # client_ca_file = "" # Client CA cert # verify_client_cert = false # Verify client certs # insecure_skip_verify = false # Skip verification # ca_file = "" # Custom CA file # min_version = "TLS1.2" # Min TLS version # max_version = "TLS1.3" # Max TLS version # cipher_suites = "" # Comma-separated list # [pipelines.sinks.options.net_limit] # enabled = false # Enable rate limiting # ip_whitelist = [] # Allowed IPs/CIDRs (IPv4 only) # ip_blacklist = [] # Blocked IPs/CIDRs (IPv4 only) # requests_per_second = 100.0 # Rate limit per client # burst_size = 100 # Burst capacity # response_code = 429 # HTTP status when limited # response_message = "Rate limit exceeded" # max_connections_per_ip = 10 # Max concurrent per IP # max_connections_total = 1000 # Max total connections ### TCP Sink (TCP Server) # [[pipelines.sinks]] # type = "tcp" # [pipelines.sinks.options] # host = "0.0.0.0" # Listen address # port = 9090 # Server port # buffer_size = 1000 # Buffer size # auth_type = "none" # none|scram # [pipelines.sinks.options.heartbeat] # enabled = false # Send heartbeats # interval_seconds = 30 # Heartbeat interval # include_timestamp = false # Include timestamp # include_stats = false # Include statistics # format = "comment" # comment|message # [pipelines.sinks.options.net_limit] # enabled = false # Enable rate limiting # ip_whitelist = [] # Allowed IPs/CIDRs (IPv4 only) # ip_blacklist = [] # Blocked IPs/CIDRs (IPv4 only) # requests_per_second = 100.0 # Rate limit per client # burst_size = 100 # Burst capacity # response_code = 429 # TCP rejection code # response_message = "Rate limit exceeded" # max_connections_per_ip = 10 # Max concurrent per IP # max_connections_per_user = 10 # Max concurrent per user # max_connections_per_token = 10 # Max concurrent per token # max_connections_total = 1000 # Max total connections # [pipelines.sinks.options.scram] # username = "" # SCRAM auth username # password = "" # SCRAM auth password ### HTTP Client Sink (Forward to remote HTTP endpoint) # [[pipelines.sinks]] # type = "http_client" # [pipelines.sinks.options] # url = "" # Target URL (required) # buffer_size = 1000 # Buffer size # batch_size = 100 # Entries per batch # batch_delay_ms = 1000 # Batch timeout # timeout_seconds = 30 # Request timeout # max_retries = 3 # Retry attempts # retry_delay_ms = 1000 # Initial retry delay # retry_backoff = 2.0 # Exponential backoff multiplier # insecure_skip_verify = false # Skip TLS verification # auth_type = "none" # none|basic|bearer|mtls # [pipelines.sinks.options.basic] # username = "" # Basic auth username # password_hash = "" # Argon2 password hash # [pipelines.sinks.options.bearer] # token = "" # Bearer token ====== not needed: ## Custom HTTP headers # [pipelines.sinks.options.headers] # Content-Type = "application/json" # Authorization = "Bearer token" ## Client certificate for mTLS # [pipelines.sinks.options.tls] # ca_file = "" # Custom CA certificate # cert_file = "" # Client certificate # key_file = "" # Client key ### TCP Client Sink (Forward to remote TCP endpoint) # [[pipelines.sinks]] # type = "tcp_client" # [pipelines.sinks.options] # address = "" # host:port (required) # buffer_size = 1000 # Buffer size # dial_timeout_seconds = 10 # Connection timeout # write_timeout_seconds = 30 # Write timeout # read_timeout_seconds = 10 # Read timeout # keep_alive_seconds = 30 # TCP keepalive # reconnect_delay_ms = 1000 # Initial reconnect delay # max_reconnect_delay_seconds = 30 # Max reconnect delay # reconnect_backoff = 1.5 # Exponential backoff multiplier # [pipelines.sinks.options.scram] # username = "" # Auth username # password_hash = "" # Argon2 password hash ### File Sink # [[pipelines.sinks]] # type = "file" # [pipelines.sinks.options] # directory = "./" # Output dir # name = "logwisp.output" # Base name # buffer_size = 1000 # Input channel buffer # max_size_mb = 100 # Rotation size # max_total_size_mb = 0 # Total limit (0=unlimited) # retention_hours = 0.0 # Retention (0=disabled) # min_disk_free_mb = 1000 # Disk space guard ### Console Sinks # [[pipelines.sinks]] # type = "console" # [pipelines.sinks.options] # target = "stdout" # stdout|stderr|split # buffer_size = 1000 # Buffer size ### Authentication Configuration # [pipelines.auth] # type = "none" # none|basic|bearer|mtls ### Basic Authentication # [pipelines.auth.basic_auth] # realm = "LogWisp" # WWW-Authenticate realm # users_file = "" # External users file path # [[pipelines.auth.basic_auth.users]] # username = "" # Username # password_hash = "" # Argon2 password hash ### Bearer Token Authentication # [pipelines.auth.bearer_auth] # tokens = [] # Static bearer tokens ### JWT Validation # [pipelines.auth.bearer_auth.jwt] # jwks_url = "" # JWKS endpoint for key discovery # signing_key = "" # Static signing key (if not using JWKS) # issuer = "" # Expected issuer claim # audience = "" # Expected audience claim