Fluentd Log Forwarding Configuration Guide
The prompt provides an overview, prerequisites, and six sequential steps for generating Fluent Bit and Fluentd configurations, applying filters, validating syntax, testing log deli…
SKILL.md
---
name: implementing-log-forwarding-with-fluentd
description: "Configure Fluentd and Fluent Bit for centralized log aggregation, routing, filtering, and enrichment across distributed"
---

# Implementing Log Forwarding with Fluentd

## Overview

This skill covers configuring Fluentd and Fluent Bit for centralized log collection, routing, and enrichment. Fluent Bit acts as a lightweight log forwarder on endpoints, while Fluentd serves as the central aggregator and processor. The configuration covers input plugins for syslog, file tailing, and application logs, with output routing to Elasticsearch, S3, and Splunk.

## When to Use

- When deploying or configuring log forwarding with Fluentd in your environment
- When establishing security controls aligned to compliance requirements
- When building or improving security architecture for this domain
- When conducting security assessments that require this implementation

## Prerequisites

- Fluentd (td-agent) v1.16+ or Fluent Bit v3.0+
- Python 3.8+ with fluent-logger library
- Elasticsearch or Splunk for log destination
- Network access on port 24224 (Fluentd forward protocol)
- Ruby 2.7+ (for Fluentd plugin development)

## Steps

1. **Generate Fluent Bit Configuration** — Create input, filter, and output configuration for endpoint log collection
2. **Generate Fluentd Aggregator Configuration** — Configure the central Fluentd instance with forward input, parsing, and multi-output routing
3. **Configure Log Filtering and Enrichment** — Add record_transformer and grep filters for log enrichment and noise reduction
4. **Validate Configuration Syntax** — Parse and validate Fluentd/Fluent Bit configuration files for syntax errors
5. **Test Log Forwarding** — Send test events via fluent-logger Python library and verify delivery
6. **Generate Deployment Report** — Produce configuration summary with routing topology and health metrics

## Expected Output

- Fluent Bit and Fluentd configuration files (INI/YAML format)
- Configuration validation report
- Log routing topology diagram (text-based)
- Test event delivery confirmation
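Step 4 (validate configuration syntax) can be approximated offline with a small linter, shown here as an added example that is not part of the original skill. The names `lint_fluentd` and `SAMPLE_CONF` and the host name are hypothetical, and the forward-input check assumes that a `forward` source reachable on port 24224 should carry a `<security>` or `<transport>` section.

```python
import re

# Constructed sample aggregator config (not from the original skill). It has two
# deliberate defects: the grep-style filter lacks @type and <match> is unclosed.
SAMPLE_CONF = """\
<source>
  @type forward
  port 24224
</source>
<filter app.**>
  <exclude>
    key level
    pattern /^debug$/
  </exclude>
</filter>
<match app.**>
  @type elasticsearch
  host es.example.internal
"""

TOP_LEVEL = {"source", "filter", "match"}          # directives that need a plugin
OPEN = re.compile(r"^<([a-z_]+)(?:\s+[^>]*)?>$")   # <match app.**>, <security>
CLOSE = re.compile(r"^</([a-z_]+)>$")              # </match>

def lint_fluentd(text):
    """Return a list of findings for a Fluentd config given as a string."""
    findings, stack = [], []   # stack items: [name, line_no, plugin, child names]
    for no, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if m := CLOSE.match(line):
            if not stack or stack[-1][0] != m.group(1):
                findings.append(f"line {no}: unexpected </{m.group(1)}>")
                continue
            name, start, plugin, kids = stack.pop()
            if name in TOP_LEVEL and not stack and plugin is None:
                findings.append(f"line {start}: <{name}> has no @type")
            # Assumption: a forward input should authenticate or encrypt peers.
            if name == "source" and plugin == "forward" and not kids & {"security", "transport"}:
                findings.append(f"line {start}: forward input without <security> or <transport>")
        elif m := OPEN.match(line):
            if stack:
                stack[-1][3].add(m.group(1))       # record nested section on parent
            stack.append([m.group(1), no, None, set()])
        elif line.startswith("@type ") and stack:
            stack[-1][2] = line.split(None, 1)[1]  # plugin of the innermost section
    findings += [f"line {s}: <{n}> is never closed" for n, s, _, _ in stack]
    return findings
```

This catches structural mistakes before deployment; Fluentd's own `--dry-run` option remains the authoritative check because it also loads the plugins and validates their parameters.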
REQUIRED CONTEXT
- Fluentd or Fluent Bit version and environment details
OPTIONAL CONTEXT
- target log destinations (Elasticsearch, S3, Splunk)
- specific input sources (syslog, files, apps)
EXPECTED OUTPUT
- Format: markdown
- Schema: bullet_list · Fluent Bit and Fluentd configuration files (INI/YAML format), Configuration validation report, Log routing topology diagram (text-based), Test event delivery confirmation
- Constraints
  - include Fluent Bit and Fluentd configuration files in INI/YAML format
  - include configuration validation report
  - include text-based log routing topology diagram
  - include test event delivery confirmation
SUCCESS CRITERIA
- Generate Fluent Bit and Fluentd configuration files (INI/YAML format)
- Produce configuration validation report
- Include log routing topology diagram (text-based)
- Confirm test event delivery
CAVEATS
- Dependencies
  - Fluentd (td-agent) v1.16+ or Fluent Bit v3.0+
  - Python 3.8+ with fluent-logger library
  - Elasticsearch or Splunk for log destination
  - Network access on port 24224 (Fluentd forward protocol)
  - Ruby 2.7+ (for Fluentd plugin development)
- Missing context
  - Target environment or operating system
  - Concrete configuration examples or starter templates
  - Preferred output format details (e.g., file names, diagram style)
- Ambiguities
  - Description sentence is truncated: "across distributed"
  - "When to Use" section references security controls, compliance, and security assessments that do not match the log-forwarding topic
QUALITY
- OVERALL: 0.72
- CLARITY: 0.70
- SPECIFICITY: 0.75
- REUSABILITY: 0.80
- COMPLETENESS: 0.65
IMPROVEMENT SUGGESTIONS
- Complete the truncated description sentence in the header
- Rewrite the "When to Use" bullets to focus on log aggregation, observability, and compliance logging scenarios
- Add explicit placeholders (e.g., {{LOG_SOURCES}}, {{DESTINATIONS}}) so the prompt can be reused as a template