in_forward Input plugin listens to a TCP socket to receive the event stream. It also listens to a UDP socket to receive heartbeat messages. See also the protocol section for implementation details.fluent-cat command, or Fluentd client libraries. This is by far the most efficient way to retrieve the records.in_tcp plugin instead.@typeforward.portbindtagin_forward uses incoming event's tag by default (See Protocol Section). If the tag parameter is set, its value is used instead.add_tag_prefixprod.INCOMING_TAG, e.g. prod.app.log.linger_timeoutresolve_hostnamedeny_keepalivetrue.send_keepalive_packetchunk_size_limitchunk_size_warn_limitskip_invalid_eventsource_address_keysource_hostname_keyin_forward, it needs additional processing time.<transport> Section<transport tls>, in_forward uses raw TCP.<security> Sectionself_hostnameshared_keyuser_authallow_anonymous_sourceself_hostnameshared_keyuser_authtrue, user-based authentication is used.allow_anonymous_source<client> sections are required, if disabled.<user> sectionusernamepassword<security>.<client> sectionhostnetworkshared_keyusers<security>network.host.[]EventTime or a platform-specific integer and is based on the output of Ruby's Time.now.to_i function. On Linux, BSD, and Mac systems, this is the number of seconds since 1970.td-agent.conf and restart the service:{"foo":"bar"} in the log file:out_forward server.client_cert_auth and ca_path options like this:fluentd and fluent-bit combination, see Banzai Cloud article: Secure logging on Kubernetes with Fluentd and Fluent Bit.<security> section to your configuration file like this:out_forward instance running on another server, configure it by following these instructions.24224. No need for an additional port. Incoming data will be routed to the workers automatically.in_forward does not provide parsing mechanism unlike in_tail or in_tcp because in_forward is mainly for efficient log transfer. If you want to parse an incoming event, use parser filter in your pipeline.