input {
  file {
    path => [ "/var/log/messages", "/var/log/kern.log" ]
    type => "linux-syslog"
  }

  file {
    path => "/var/log/apache2/access.log"
    type => "apache-access"
  }

  file {
    path => "/var/log/apache2/error.log"
    type => "apache-error"
  }
}

output {
  # This will be your durable shipping mechanism
  rabbitmq {
    host => "myrabbitmqserver"
    exchange_type => "fanout"
    exchange => "rawlogs"
  }
  # This is an optional non-durable shipping mechanism
  # With this, you can sniff logs from your own code
  rabbitmq {
    host => "127.0.0.1"
    exchange_type => "topic"
    exchange => "logsniff"
    durable => false
    persistent => false
    # The following is optional
    # but allows you to consume based on sender
    key => "logstash.%{host}"
  }
  stdout { }
}

# Filters are applied in the order the appear.
filter {
  multiline {
    type => "supervisorlogs"
    pattern => "^\s"
    what => previous
  } 

  multiline { 
    type => "testing"
    pattern => "^\s"
    what => previous
  }

  grok {
    type => "linux-syslog"
    pattern => ["%{SYSLOG_SUDO}", "%{SYSLOG_KERNEL}", "%{SYSLOGLINE}" ]
  }

  grok {
    type => "nagios"
    pattern => "%{NAGIOSLOGLINE}"
  }

  #date {
    #" testing" => fizzle
  #}
}