# CONFIGURED BY ANSIBLE

#
# all docker container logs without parser modification
#

[INPUT]
    name tail
    path /var/lib/docker/containers/*/*.log
    docker_mode on
    parser json_no_time
    tag docker

[FILTER]
    name modify
    match docker
    add sensor docker@{{inventory_hostname}}

#[OUTPUT]
#    name file
#    match docker
#    path /var/log
#    file fluent-bit.log

[OUTPUT]
    name opensearch
    match docker
    host {{log_host}}
    port {{log_port}}
    tls on
    tls.verify on
    index audithack-docker
    http_user {{log_http_user}}
    http_passwd {{log_http_passwd}}
    suppress_type_name on
    #replace_dots on
    trace_error on