access_key_id => "<Acess-key>"
secret_access_key => "<secret-access-key>"
"log_group" => ["<Cloud-watch-log-group"]
"log_group_prefix" => true
path => "/home/<custom-path>/flattenJSON.rb"
script_params => { "field" => "cloudwatch_logs" }
gsub => ["cloudwatch_logs.log_group","\/","-"]
gsub => ["cloudwatch_logs.log_group","^-",""]
add_field => { "namespace" => "<custom-namespace>" }
add_field => { "cluster_id" => "<custom-cluster-id>" }
add_field => { "app_name" => "%{[cloudwatch_logs.log_group]}" }
add_field => { "proc_id" => "%{[cloudwatch_logs.log_stream]}" }
url => "http://<logiq-endpoint>/v1/json_batch"
headers => { "Authorization" => "Bearer <SECURE_INGEST_TOKEN>" }
content_type => "json_batch"
pool_max_per_route => 100