version: v1
removes:
  - /etc/rsyslog.conf
  - /etc/rsyslog.d/*.conf
templates:
  - input: /config/templates/rsyslog/rsyslog.conf
    output: /etc/rsyslog.conf
  - input: /config/templates/rsyslog/outputs.conf.erb
    output: /etc/rsyslog.d/05-outputs.conf
  - input: /config/templates/rsyslog/drain.conf.erb
    output: /etc/rsyslog.d/10-drain.conf
  - input: /config/templates/identity/cacerts.pem.erb
    output: /dev/shm/identity/ca/cacerts.pem
  - input: /config/templates/identity/client.pem.erb
    output: /dev/shm/identity/client/certificates/client.pem
  - input: /config/templates/identity/client-key.pem.erb
    output: /dev/shm/identity/client/keys/client-key.pem
  - input: /config/templates/auth/htpasswd.erb
    output: /dev/shm/auth/htpasswd
  - input: /config/templates/rsyslog/syslog.conf.erb
    output: /etc/rsyslog.d/10-syslog.conf
data:
  _pki:
    cacert: /dev/shm/identity/ca/cacerts.pem
    client:
      cert: /dev/shm/identity/client/certificates/client.pem
      key: /dev/shm/identity/client/keys/client-key.pem
  _funnel:
    host: ajna-api.salesforce.com
    port: 443
    scheme: https
    metrics_request_timeout_ms: 3000
    dnr_request_timeout_ms: 3000
    request_resume_interval_secs: 1
    request_resume_interval_max_secs: 30
  _funnel_logs:
    host: funnel.funnelapi.foundation.aws-prod1-useast1.aws.sfdc.cl
    port: 443
    scheme: https
    api: data
    # Set restpath, content_type, batch_format based on `api` setting
    rest_path: v1/data/namespaces/sfdc.prod.scrt2.logs/topics/logs.ext
    http_content_type: application/vnd.kafka.v1+json
    batch_format: kafkarest
  heroku:
    app_name: "sfdc-lm-gs0-vir-00-sh-drain"
    app_id: "801de98f-6e38-431a-83fb-5319070909f5"
    short_region: "vir"
    dyno: "web.1"
    release_version: "v51"
  log_drain:
    # Build metadata.
    version: "v0.0.9"
    build: "33381b4a2a446016e5d3829768e1b4c6fd12b9a3"
    # Enable debug mode.
    debug: true
    # Publish logs to Funnel.
    publish_logs: true
    # Publish enabled metrics to Funnel.
    publish_metrics: true
    # Parse Heroku dyno runtime-metrics and addon log-based metrics.
    runtime_metrics: true
    # Parse Heroku router logs into metrics.
    router_metrics: true
    # Enable internal self-metrics.
    self_metrics: true
    # Serving port.
    port: 40736
    # Basic Authentication.
    basic_auth_file: /dev/shm/auth/htpasswd
    # Set base environment for this drain
    environment: "gs0"
    # Set base cloud value for this drain
    cloud: "digitalengagement"
    # Set base cloud value for this drain
    business_unit: Heroku
    # UUID for this Drain.
    uuid: 801de98f-6e38-431a-83fb-5319070909f5
    disable_flow_control: false
    # Impstats reporting interval.
    stats_interval_seconds: 60
    # Main ruleset queue sizes.
    input_queue_size: 750000
    # output queue sizes.
    output_queue_size: 500000
    # enable disk assisted queue
    queue_filename: rs_drain_queue
    queue_spool_directory: /tmp
    queue_max_file_size: 500m
    # workers > 1 does not appear to have any appreciable effect.
    logs_batch_worker_threads: 1
    # Use system default
    logs_input_batch_size: 6000
    logs_output_min_batch_size: 0
    logs_batch_size: 1024
    logs_use_sender_thread: true
    logs_sender_max_connections: 4
    # Buffer up to 10MB by default. Funnel accepts up to 25MB batches.
    logs_batch_max_bytes: 10000000
    # Use defaults for timeout values, which work well queues are slowed down
    logs_batch_timeout_ms: 1000
    # The "http_*" fields correspond to imhttp/civetweb HTTP options.
    # Reference https://github.com/civetweb/civetweb/blob/master/docs/UserManual.md
    # Heroku router logs access requests too, no need to log twice.
    http_access_log_file: /dev/null
    http_error_log_file: /dev/stderr
    http_num_threads: 50
    http_listen_backlog: 32
    http_connection_queue: 16
    # Document root used to serve received logs for testing abd debugging.
    http_document_root: /www/data
    # DNR (Detection n' Response) filtering.
    filter_dnr_logs: true
    filter_dnr_logs_expression: $msg contains "JWT" or $msg contains "issuer:" or $msg contains "SalesforceBearerAuthTokenHandler"
    # In proxy mode, allow nginx to log locally.
    syslog_udp_port: 10514