From 7b53dc7c98e024640ed265326f9d70de23d74c5f Mon Sep 17 00:00:00 2001
From: Splunk Git Pusher <splunk@splunk.local>
Date: Fri, 6 Feb 2026 22:53:42 +0100
Subject: [PATCH] test de la nouvel application

Pushed by: admin
License: 1CFBBDCA-31F (Starter)
Timestamp: 2026-02-06T22:53:42.492041
---
 apps/journald_input/default/authorize.conf | 4 ++++
 apps/journald_input/default/inputs.conf    | 5 +++++
 apps/journald_input/metadata/default.meta  | 2 ++
 3 files changed, 11 insertions(+)
 create mode 100755 apps/journald_input/default/authorize.conf
 create mode 100755 apps/journald_input/default/inputs.conf
 create mode 100755 apps/journald_input/metadata/default.meta

diff --git a/apps/journald_input/default/authorize.conf b/apps/journald_input/default/authorize.conf
new file mode 100755
index 00000000..9db8455d
--- /dev/null
+++ b/apps/journald_input/default/authorize.conf
@@ -0,0 +1,4 @@
+[capability::edit_modinput_journald]
+
+[role_admin]
+edit_modinput_journald = enabled
diff --git a/apps/journald_input/default/inputs.conf b/apps/journald_input/default/inputs.conf
new file mode 100755
index 00000000..6a94fad9
--- /dev/null
+++ b/apps/journald_input/default/inputs.conf
@@ -0,0 +1,5 @@
+[journald]
+interval = 30
+journalctl-quiet = true
+journalctl-include-fields = PRIORITY,_SYSTEMD_UNIT,_SYSTEMD_CGROUP,_TRANSPORT,_PID,_UID,_MACHINE_ID,_GID,_COMM,_EXE
+journalctl-exclude-fields = __MONOTONIC_TIMESTAMP,__SOURCE_REALTIME_TIMESTAMP
diff --git a/apps/journald_input/metadata/default.meta b/apps/journald_input/metadata/default.meta
new file mode 100755
index 00000000..05c779da
--- /dev/null
+++ b/apps/journald_input/metadata/default.meta
@@ -0,0 +1,2 @@
+[]
+access = read : [ * ], write : [ admin, power ]