File Source with Windows file paths

Example
yaml
sources:
  windows_logs:
    type: file
    include:
      - "C:/Program Files/Application/logs/app.log"
      - "C:/Windows/Logs/*.log"
      - "D:/Data/logs/**/*.log"
    exclude:
      - "C:/Windows/Logs/archived/*.log"
    excludeExtensions:
      - bak
      - tmp
    sink: logscale_sink
sinks:
  logscale_sink:
    type: logscale
    url: https://cloud.humio.com
    token: ${LOGSCALE_TOKEN}
Introduction

This example shows a partial configuration file for a basic Falcon LogScale Collector file-based service, collecting log files from Windows devices.

Step-by-Step
  1. yaml
    sources:
  windows_logs:
    type: file
    include:
      - "C:/Program Files/Application/logs/app.log"
      - "C:/Windows/Logs/*.log"
      - "D:/Data/logs/**/*.log"
    exclude:
      - "C:/Windows/Logs/archived/*.log"
    excludeExtensions:
      - bak
      - tmp
    sink: logscale_sink

    This fragment defines how to correctly specify Windows file paths and extensions when including, or excluding, log files.

  2. yaml
    sinks:
  logscale_sink:
    type: logscale
    url: https://cloud.humio.com
    token: ${LOGSCALE_TOKEN}

    This fragment configures a logscale sink which defines where the collected log data is sent.

  3. Event Result set.

Summary and Results

This example demonstrates a partial configuration for collecting and processing Windows logs using file-based sources.