in_forward
Input plugin listens to a TCP socket to receive the event stream. It also listens to a UDP socket to receive heartbeat messages. See also the protocol section for implementation details.fluent-cat
command, or Fluentd client libraries. This is by far the most efficient way to retrieve the records.in_tcp
plugin instead.@type
forward
.port
bind
tag
in_forward
uses incoming event's tag by default (See Protocol Section). If the tag
parameter is set, its value is used instead.add_tag_prefix
prod.INCOMING_TAG
, e.g. prod.app.log
.linger_timeout
<transport>
directive instead.resolve_hostname
deny_keepalive
true
.send_keepalive_packet
chunk_size_limit
chunk_size_warn_limit
skip_invalid_event
source_address_key
source_hostname_key
in_forward
, it needs additional processing time.<transport>
Sectionlinger_timeout
SO_LINGER
.0
is to send RST rather than FIN to avoid lots of connections sitting in TIME_WAIT on closing on non-Windows.linger_timeout
is 0
too).<transport tls>
, in_forward
uses raw TCP.<security>
Sectionself_hostname
shared_key
user_auth
allow_anonymous_source
self_hostname
shared_key
user_auth
true
, user-based authentication is used.allow_anonymous_source
<client>
sections are required, if disabled.<user>
sectionusername
password
<security>
.<client>
sectionhost
network
shared_key
users
<security>
network
.host
.[]
EventTime
or a platform-specific integer and is based on the output of Ruby's Time.now.to_i
function. On Linux, BSD, and Mac systems, this is the number of seconds since 1970.td-agent.conf
and restart the service:{"foo":"bar"}
in the log file:out_forward
server.client_cert_auth
and ca_path
options like this:fluentd
and fluent-bit
combination, see Banzai Cloud article: Secure logging on Kubernetes with Fluentd and Fluent Bit.<security>
section to your configuration file like this:out_forward
instance running on another server, configure it by following these instructions.24224
. No need for an additional port. Incoming data will be routed to the workers automatically.in_forward
does not provide parsing mechanism unlike in_tail
or in_tcp
because in_forward
is mainly for efficient log transfer. If you want to parse an incoming event, use parser filter in your pipeline.