input_wineventlog

type WinEventLog struct {
	// The name of the event log to monitor.
	// Channel names can also be specifid if running on Windows Vista or newer.
	// By default, the value of Name is Application.
	Name string
	// If this option is specified, plugin filters events that are older than the
	// specified amount of time (in second).
	// This option is useful when you are beginning to monitor an event log that contains
	// older records that you would like to ignore. This field is optional.
	// 0 by default, which means collecting all available logs.
	IgnoreOlder uint
	// A whitelist and blacklist of event IDs.
	// The value is a comma-separated list. The accepted values are single event IDs
	// to include (e.g. 4624), a range of event IDs to include (e.g. 4700-4800), and
	// single event IDs to exclude (e.g. -4735).
	// This option is only available on operating systems supporting the Windows Event
	// Log API (Microsoft Windows Vista and newer).
	// Empty by default, do not filter by event IDs.
	EventID string
	// A list of event levels to include. The value is a comma-separated list of levels.
	// This option is only available on operating systems supporting the Windows Event Log
	// API (Microsoft Windows Vista and newer).
	// Empty by default, which is equivalent to "info,warning,error,critical".
	Level string
	// A list of providers (source names) to include.
	// This option is only available on operating systems supporting the Windows Event Log
	// API (Microsoft Windows Vista and newer).
	// Nil by default, do not filter by provider name.
	Provider []string
	// Ignore zero value, for example, "" for string type, 0 for integer type.
	// False by default.
	IgnoreZeroValue bool
	// Interval (seconds) to wait if Read returns empty. 1 by Default
	WaitInterval uint
	// contains filtered or unexported fields
}