From f9734180e0d3a3d424720c11dddccd179a2b866f Mon Sep 17 00:00:00 2001
From: Landon Lengyel
Date: Tue, 27 Aug 2024 09:40:21 -0600
Subject: [PATCH] Adding yaml version of config
---
 pipeline/inputs/windows-event-log-winevtlog.md | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)
diff --git a/pipeline/inputs/windows-event-log-winevtlog.md b/pipeline/inputs/windows-event-log-winevtlog.md
index 2edaaee4b..7e8125397 100644
--- a/pipeline/inputs/windows-event-log-winevtlog.md
+++ b/pipeline/inputs/windows-event-log-winevtlog.md
@@ -27,6 +27,8 @@ Note that if you do not set _db_, the plugin will tail channels on each startup.
 Here is a minimum configuration example.
+{% tabs %}
+{% tab title="fluent-bit.conf" %}
 ```python
 [INPUT]
 Name winevtlog
@@ -38,6 +40,22 @@ Here is a minimum configuration example.
 Name stdout
 Match *
 ```
+{% endtab %}
+
+{% tab title="fluent-bit.yaml" %}
+```yaml
+pipeline:
+ inputs:
+ - name: winevtlog
+ channels: Setup,Windows PowerShell
+ interval_sec: 1
+ db: winevtlog.sqllite
+ outputs:
+ - name: stdout
+ match: '*'
+```
+{% endtab %}
+{% endtabs %}
 Note that some Windows Event Log channels \(like `Security`\) requires an admin privilege for reading. In this case, you need to run fluent-bit as an administrator.