[Set-Host-By-ComputerName]
REGEX = (?m)ComputerName=(.*)?\b
FORMAT = host::$1
DEST_KEY = MetaData:Host

[Set-Sourcetype-By-LogName]
REGEX = (?m)LogName=(.*)?\b
FORMAT = sourcetype::WinEventLog:$1
DEST_KEY = MetaData:Sourcetype