File Source

Example
yaml
sinks:
  logscale_sink:
    type: logscale
    url: "https://cloud.humio.com/"
    # Ingest token is referenced through a variable, not written into the file
    token: "${LOGSCALE_TOKEN}"
queue:
  type: memory
  maxLimitInMB: 64
sources:
  apache_access_logs:
    type: file
    include:
      - "/var/log/apache2/access.log"
    exclude:
      - "/var/log/apache2/access.log.1"
      - "/var/log/apache2/excluded_access.log"
    excludeExtensions:
      - "gz"
      - "zip"
    # A line starting with an IPv4-style address begins a new event
    multiLineBeginsWith: '^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}'
    sink: logscale_sink
    encoding: UTF-8
    transforms:
      - type: static_fields
        fields:
          log_type: "apache_access"
          environment: "${ENV}"
Introduction

This is an example configuration file for a basic Falcon LogScale Collector file-based service.

Step-by-Step
  1. yaml
    sinks:
      logscale_sink:
        type: logscale
        url: "https://cloud.humio.com/"
        token: "${LOGSCALE_TOKEN}"

    Here we create a new sink named logscale_sink, which sends data to the LogScale instance at the URL given in url, using the ingest token ${LOGSCALE_TOKEN}.

  2. yaml
    queue:
      type: memory
      maxLimitInMB: 64

    Here, the queue is configured as a memory queue with a limit of 64MB.

  3. yaml
    sources:
      apache_access_logs:
        type: file
        include:
          - "/var/log/apache2/access.log"

    Here, we define a file-based source for Apache access logs. The configuration includes the path to the log file using the include field.

  4. yaml
    exclude:
      - "/var/log/apache2/access.log.1"
      - "/var/log/apache2/excluded_access.log"
    excludeExtensions:
      - "gz"
      - "zip"

    This fragment defines which Apache log files and file extensions are excluded from collection.

  5. yaml
    multiLineBeginsWith: '^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}'

    This setting enables multiline log parsing using a regular expression that detects lines starting with an IP address.

  6. yaml
    sink: logscale_sink
    encoding: UTF-8

    Here, we assign logscale_sink as the output and explicitly set the file encoding to UTF-8.

  7. yaml
    transforms:
      - type: static_fields
        fields:
          log_type: "apache_access"
          environment: "${ENV}"

    Here, we add static metadata fields to each log event, including the log type and the deployment environment.

  8. Event Result set.
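
The event grouping produced by the multiLineBeginsWith pattern from step 5, simulated in Python as an added example (not part of the original page and not the collector's own code). It assumes that a line matching the pattern starts a new event and any other line is appended to the event in progress; `group_events` and the sample log lines are constructed for illustration.

```python
import re

# Pattern copied verbatim from the multiLineBeginsWith setting on this page.
BEGINS_WITH = re.compile(r'^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}')


def group_events(lines):
    """Join raw lines into events.

    Assumed rule: a line matching BEGINS_WITH starts a new event; any other
    line is appended to the event in progress. A non-matching first line
    starts its own event in this sketch.
    """
    events = []
    for line in lines:
        line = line.rstrip("\n")
        if BEGINS_WITH.match(line) or not events:
            events.append(line)
        else:
            events[-1] += "\n" + line
    return events


# Constructed sample input using documentation address ranges.
SAMPLE = [
    '192.0.2.10 - - [10/Oct/2024:13:55:36 +0000] "GET /index.html HTTP/1.1" 200 2326',
    '  continuation text without a leading address',
    '198.51.100.7 - - [10/Oct/2024:13:55:40 +0000] "POST /login HTTP/1.1" 302 0',
    # IPv6 client: does not match the IPv4-shaped pattern, so it is folded
    # into the previous event instead of becoming its own event.
    '2001:db8::1 - - [10/Oct/2024:13:55:41 +0000] "GET / HTTP/1.1" 200 512',
    # The pattern checks digit shape only, so an out-of-range value still
    # starts a new event.
    '999.999.999.999 - - [10/Oct/2024:13:55:42 +0000] "GET /x HTTP/1.1" 404 0',
]

if __name__ == "__main__":
    for number, event in enumerate(group_events(SAMPLE), start=1):
        print(f"--- event {number} ---")
        print(event)
```

Five input lines become three events here. If the web server also logs IPv6 client addresses, those requests end up inside the preceding IPv4 event under this pattern, which matters for any search or detection that counts requests per event.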

Summary and Results

This example demonstrates a complete configuration for collecting and processing Apache access logs using a file-based source. It includes log collection setup, multiline parsing, output sink configuration, and field enrichment using static values.