# LogWisp Configuration Reference # Default location: ~/.config/logwisp/logwisp.toml # Override: logwisp --config /path/to/config.toml # # All values shown are defaults unless marked (required) # ============================================================================ # GLOBAL OPTIONS # ============================================================================ # router = false # Enable router mode (multi-pipeline HTTP routing) # background = false # Run as background daemon # quiet = false # Suppress all output # disable_status_reporter = false # Disable periodic status logging # config_auto_reload = false # Auto-reload on config change # config_save_on_exit = false # Save config on shutdown # ============================================================================ # LOGGING (LogWisp's operational logs) # ============================================================================ [logging] output = "stderr" # file, stdout, stderr, both, none level = "info" # debug, info, warn, error [logging.file] directory = "./logs" # Log file directory name = "logwisp" # Base filename max_size_mb = 100 # Rotate after size max_total_size_mb = 1000 # Total size limit for all logs retention_hours = 168.0 # Delete logs older than (0 = disabled) [logging.console] target = "stderr" # stdout, stderr, split (split: info→stdout, error→stderr) format = "txt" # txt, json # ============================================================================ # PIPELINES # ============================================================================ # Define one or more [[pipelines]] blocks # Each pipeline: sources → [rate_limit] → [filters] → [format] → sinks [[pipelines]] name = "default" # (required) Unique identifier # ---------------------------------------------------------------------------- # PIPELINE RATE LIMITING (optional) # ---------------------------------------------------------------------------- # [pipelines.rate_limit] # rate = 1000.0 # Entries per second (0 = unlimited) # burst = 1000.0 # Max burst size (defaults to rate) # policy = "drop" # drop, pass # max_entry_size_bytes = 0 # Max size per entry (0 = unlimited) # ---------------------------------------------------------------------------- # SOURCES # ---------------------------------------------------------------------------- [[pipelines.sources]] type = "directory" # directory, file, stdin, http, tcp # Directory source options [pipelines.sources.options] path = "./" # (required) Directory path pattern = "*.log" # Glob pattern check_interval_ms = 100 # Scan interval (min: 10) # File source options (alternative) # type = "file" # [pipelines.sources.options] # path = "/var/log/app.log" # (required) File path # HTTP source options (alternative) # type = "http" # [pipelines.sources.options] # port = 8081 # (required) Listen port # ingest_path = "/ingest" # POST endpoint # buffer_size = 1000 # Entry buffer size # net_limit = { # Rate limiting # enabled = true, # requests_per_second = 100.0, # burst_size = 200, # limit_by = "ip" # ip, global # } # TCP source options (alternative) # type = "tcp" # [pipelines.sources.options] # port = 9091 # (required) Listen port # buffer_size = 1000 # Entry buffer size # net_limit = { ... } # Same as HTTP # ---------------------------------------------------------------------------- # FILTERS (optional) # ---------------------------------------------------------------------------- # [[pipelines.filters]] # type = "include" # include (whitelist), exclude (blacklist) # logic = "or" # or (any match), and (all match) # patterns = [ # Regular expressions # "ERROR", # "(?i)warn", # Case-insensitive # "\\bfatal\\b" # Word boundary # ] # ---------------------------------------------------------------------------- # FORMAT (optional) # ---------------------------------------------------------------------------- # format = "raw" # raw, json, text # [pipelines.format_options] # # JSON formatter options # pretty = false # Pretty print JSON # timestamp_field = "timestamp" # Field name for timestamp # level_field = "level" # Field name for log level # message_field = "message" # Field name for message # source_field = "source" # Field name for source # # # Text formatter options # template = "[{{.Timestamp | FmtTime}}] [{{.Level | ToUpper}}] {{.Source}} - {{.Message}}" # timestamp_format = "2006-01-02T15:04:05Z07:00" # Go time format # ---------------------------------------------------------------------------- # SINKS # ---------------------------------------------------------------------------- [[pipelines.sinks]] type = "http" # http, tcp, http_client, tcp_client, file, stdout, stderr # HTTP sink options (streaming server) [pipelines.sinks.options] port = 8080 # (required) Listen port buffer_size = 1000 # Entry buffer size stream_path = "/stream" # SSE endpoint status_path = "/status" # Status endpoint [pipelines.sinks.options.heartbeat] enabled = true # Send periodic heartbeats interval_seconds = 30 # Heartbeat interval format = "comment" # comment, json include_timestamp = true # Include timestamp in heartbeat include_stats = false # Include statistics [pipelines.sinks.options.net_limit] enabled = false # Enable rate limiting requests_per_second = 10.0 # Request rate limit burst_size = 20 # Token bucket burst limit_by = "ip" # ip, global max_connections_per_ip = 5 # Per-IP connection limit max_total_connections = 100 # Total connection limit response_code = 429 # HTTP response code response_message = "Rate limit exceeded" # TCP sink options (alternative) # type = "tcp" # [pipelines.sinks.options] # port = 9090 # (required) Listen port # buffer_size = 1000 # heartbeat = { ... } # Same as HTTP # net_limit = { ... } # Same as HTTP # HTTP client sink options (forward to remote) # type = "http_client" # [pipelines.sinks.options] # url = "https://logs.example.com/ingest" # (required) Target URL # batch_size = 100 # Entries per batch # batch_delay_ms = 1000 # Batch timeout # timeout_seconds = 30 # Request timeout # max_retries = 3 # Retry attempts # retry_delay_ms = 1000 # Initial retry delay # retry_backoff = 2.0 # Exponential backoff multiplier # insecure_skip_verify = false # Skip TLS verification # headers = { # Custom headers # "Authorization" = "Bearer token", # "X-Custom" = "value" # } # TCP client sink options (forward to remote) # type = "tcp_client" # [pipelines.sinks.options] # address = "logs.example.com:9090" # (required) host:port # buffer_size = 1000 # dial_timeout_seconds = 10 # Connection timeout # write_timeout_seconds = 30 # Write timeout # keep_alive_seconds = 30 # TCP keepalive # reconnect_delay_ms = 1000 # Initial reconnect delay # max_reconnect_delay_seconds = 30 # Max reconnect delay # reconnect_backoff = 1.5 # Exponential backoff # File sink options # type = "file" # [pipelines.sinks.options] # directory = "/var/log/logwisp" # (required) Output directory # name = "app" # (required) Base filename # max_size_mb = 100 # Rotate after size # max_total_size_mb = 0 # Total size limit (0 = unlimited) # retention_hours = 0.0 # Delete old files (0 = disabled) # min_disk_free_mb = 1000 # Maintain free disk space # Console sink options # type = "stdout" # or "stderr" # [pipelines.sinks.options] # buffer_size = 1000 # target = "stdout" # Override for split mode # ---------------------------------------------------------------------------- # AUTHENTICATION (optional, for network sinks) # ---------------------------------------------------------------------------- # [pipelines.auth] # type = "none" # none, basic, bearer # ip_whitelist = [] # Allowed IPs (empty = all) # ip_blacklist = [] # Blocked IPs # # [pipelines.auth.basic_auth] # realm = "LogWisp" # WWW-Authenticate realm # users_file = "" # External users file # [[pipelines.auth.basic_auth.users]] # username = "admin" # password_hash = "$2a$10$..." # bcrypt hash # # [pipelines.auth.bearer_auth] # tokens = ["token1", "token2"] # Static tokens # [pipelines.auth.bearer_auth.jwt] # jwks_url = "" # JWKS endpoint # signing_key = "" # Static key (if not using JWKS) # issuer = "" # Expected issuer # audience = "" # Expected audience # ============================================================================ # HOT RELOAD # ============================================================================ # Enable with: --config-auto-reload # Manual reload: kill -HUP $(pidof logwisp) # Updates pipelines, filters, formatters without restart # Logging changes require restart # ============================================================================ # ROUTER MODE # ============================================================================ # Enable with: logwisp --router or router = true # Combines multiple pipeline HTTP sinks on shared ports # Access pattern: http://localhost:8080/{pipeline_name}/stream # Global status: http://localhost:8080/status # ============================================================================ # SIGNALS # ============================================================================ # SIGINT/SIGTERM: Graceful shutdown # SIGHUP/SIGUSR1: Reload config (when auto-reload enabled) # SIGKILL: Immediate shutdown # ============================================================================ # CLI FLAGS # ============================================================================ # --config, -c PATH # Config file path # --router, -r # Enable router mode # --background, -b # Run as daemon # --quiet, -q # Suppress output # --version, -v # Show version # ============================================================================ # ENVIRONMENT VARIABLES # ============================================================================ # LOGWISP_CONFIG_FILE # Config filename # LOGWISP_CONFIG_DIR # Config directory # LOGWISP_CONSOLE_TARGET # Override console target # Any config value: LOGWISP_
_ (uppercase, dots → underscores)