Update targets for v1.5.0

Author: yusufozturk

docs/configuration/targets/aws-s3.mdx

@@ -32,6 +32,8 @@ Creates a target that writes log messages to _Azure Blob Storage_ with support f
     timeout: <numeric>
     max_size: <numeric>
     batch_size: <numeric>
+    interval: <string|numeric>
+    cron: <string>
     debug:
       status: <boolean>
       dont_send_logs: <boolean>
@@ -89,12 +91,19 @@ The following fields can be used for files:
 |`no_buffer`|N|`false`|Disable write buffering|
 |`field_format`|N|-|Data normalization format. See applicable <Topic id="normalization-mapping">Normalization</Topic> section|
 
+### Scheduler
+
+|Field|Required|Default|Description|
+|---|---|---|---|
+|`interval`|N|realtime|Execution frequency. See <Topic id="interval">Interval</Topic> for details|
+|`cron`|N|-|Cron expression for scheduled execution. See <Topic id="cron">Cron</Topic> for details|
+
 ### Debug Options
 
 |Field|Required|Default|Description|
 |---|---|---|---|
 |`debug.status`|N|`false`|Enable debug logging|
-|`debug.dont_send_logs`|N|`false`|Process logs but don't send to Azure (testing)|
+|`debug.dont_send_logs`|N|`false`|Process logs but don't send to target (testing)|
 
 ## Details
 

docs/configuration/targets/azure-blob-storage.mdx

@@ -32,6 +32,8 @@ Creates an Azure Data Explorer (Kusto) target that ingests data directly into Az
     tables:
       - name: <string>
         schema: <string>
+    interval: <string|numeric>
+    cron: <string>
     debug:
       status: <boolean>
       dont_send_logs: <boolean>
@@ -91,12 +93,19 @@ targets:
           schema: "<schema definition>"
 ```
 
+### Scheduler
+
+|Field|Required|Default|Description|
+|---|---|---|---|
+|`interval`|N|realtime|Execution frequency. See <Topic id="interval">Interval</Topic> for details|
+|`cron`|N|-|Cron expression for scheduled execution. See <Topic id="cron">Cron</Topic> for details|
+
 ### Debug Options
 
 |Field|Required|Default|Description|
 |---|---|---|---|
 |`debug.status`|N|`false`|Enable debug logging|
-|`debug.dont_send_logs`|N|`false`|Process logs but don't send to ADX (testing)|
+|`debug.dont_send_logs`|N|`false`|Process logs but don't send to target (testing)|
 
 ## Details
 

docs/configuration/targets/azure-data-explorer.mdx

@@ -28,6 +28,8 @@ Creates a BigQuery target that streams data directly into BigQuery tables using
     tables:
       - name: <string>
         schema: <string>
+    interval: <string|numeric>
+    cron: <string>
     debug:
       status: <boolean>
       dont_send_logs: <boolean>
@@ -101,12 +103,19 @@ Supported types:
 - `JSON` - JSON data
 - `RECORD` or `STRUCT` - Nested structure
 
+### Scheduler
+
+|Field|Required|Default|Description|
+|---|---|---|---|
+|`interval`|N|realtime|Execution frequency. See <Topic id="interval">Interval</Topic> for details|
+|`cron`|N|-|Cron expression for scheduled execution. See <Topic id="cron">Cron</Topic> for details|
+
 ### Debug Options
 
 |Field|Required|Default|Description|
 |---|---|---|---|
 |`debug.status`|N|`false`|Enable debug logging|
-|`debug.dont_send_logs`|N|`false`|Process logs but don't send to BigQuery (testing)|
+|`debug.dont_send_logs`|N|`false`|Process logs but don't send to target (testing)|
 
 ## Details
 

docs/configuration/targets/bigquery.mdx

@@ -23,6 +23,11 @@ Creates a ClickHouse target that sends log data to a ClickHouse database server
     table: <string>
     batch_size: <integer>
     field_format: <string>
+    interval: <string|numeric>
+    cron: <string>
+    debug:
+      status: <boolean>
+      dont_send_logs: <boolean>
 ```
 
 ## Configuration
@@ -55,6 +60,20 @@ The following fields are used to define the target:
 |`batch_size`|N|-|Number of log entries to batch before sending|
 |`field_format`|N|-|Data normalization format. See applicable <Topic id="normalization-mapping">Normalization</Topic> section|
 
+### Scheduler
+
+|Field|Required|Default|Description|
+|---|---|---|---|
+|`interval`|N|realtime|Execution frequency. See <Topic id="interval">Interval</Topic> for details|
+|`cron`|N|-|Cron expression for scheduled execution. See <Topic id="cron">Cron</Topic> for details|
+
+### Debug Options
+
+|Field|Required|Default|Description|
+|---|---|---|---|
+|`debug.status`|N|`false`|Enable debug logging|
+|`debug.dont_send_logs`|N|`false`|Process logs but don't send to target (testing)|
+
 ## Details
 
 The ClickHouse target uses the native ClickHouse protocol to efficiently send log data in batches. Logs are accumulated until the batch size is reached, then sent to the server. The default batch size is defined by the service configuration, but can be overridden.

docs/configuration/targets/clickhouse.mdx

@@ -16,6 +16,11 @@ Creates a console target that writes log messages to the standard output. Suppor
   pipelines: <pipeline[]>
   properties:
     field_format: <string>
+    interval: <string|numeric>
+    cron: <string>
+    debug:
+      status: <boolean>
+      dont_send_logs: <boolean>
 ```
 
 ## Configuration
@@ -31,26 +36,19 @@ The following are the fields used to define the target:
 |`status`|N|`true`|Enable/disable the target|
 |`field_format`|N|-|Data normalization format. See applicable <Topic id="normalization-mapping">Normalization</Topic> section|
 
-Field format standards:
+### Scheduler
 
-<TermTable>
-  <TermCol>`ecs`</TermCol>
-  <DefCol>Elastic Common Schema</DefCol>
-
-  <TermCol>`cim`</TermCol>
-  <DefCol>Common Information Model</DefCol>
+|Field|Required|Default|Description|
+|---|---|---|---|
+|`interval`|N|realtime|Execution frequency. See <Topic id="interval">Interval</Topic> for details|
+|`cron`|N|-|Cron expression for scheduled execution. See <Topic id="cron">Cron</Topic> for details|
 
-  <TermCol>`asim`</TermCol>
-  <DefCol>Advanced Security Information Model</DefCol>
-</TermTable>
+### Debug Options
 
-:::note
-If no field_format is specified, log messages will be written to the console without any field normalization.
-:::
-
-:::warning
-Using field normalization may impact the performance with high message volumes.
-:::
+|Field|Required|Default|Description|
+|---|---|---|---|
+|`debug.status`|N|`false`|Enable debug logging|
+|`debug.dont_send_logs`|N|`false`|Process logs but don't send to target (testing)|
 
 ## Examples
 

docs/configuration/targets/console.mdx

@@ -30,7 +30,10 @@ Creates an Elasticsearch target that sends data using the Bulk API. Supports mul
         username: <string>
         password: <string>
     interval: <string|numeric>
-    schedule: <string>
+    cron: <string>
+    debug:
+      status: <boolean>
+      dont_send_logs: <boolean>
 ```
 
 ## Configuration
@@ -59,8 +62,6 @@ The following are the fields used to define the target:
 |`filter_path`|N|`errors,items.*.error,items.*._index,items.*.status`|Response filter path|
 |`pipeline`|N|-|Ingest pipeline name|
 |`field_format`|N|-|Data normalization format. See applicable <Topic id="normalization-mapping">Normalization</Topic> section|
-|`frequency`|N|realtime|Execution frequency. See <Topic id="frequency">Frequency</Topic> for details|
-|`cron`|N|-|Cron expression for scheduled execution. See <Topic id="cron">Cron</Topic> for details|
 
 ### Endpoint
 
@@ -70,6 +71,20 @@ The following are the fields used to define the target:
 |`username`|N|-|Basic auth username|
 |`password`|N|-|Basic auth password|
 
+### Scheduler
+
+|Field|Required|Default|Description|
+|---|---|---|---|
+|`interval`|N|realtime|Execution frequency. See <Topic id="interval">Interval</Topic> for details|
+|`cron`|N|-|Cron expression for scheduled execution. See <Topic id="cron">Cron</Topic> for details|
+
+### Debug Options
+
+|Field|Required|Default|Description|
+|---|---|---|---|
+|`debug.status`|N|`false`|Enable debug logging|
+|`debug.dont_send_logs`|N|`false`|Process logs but don't send to target (testing)|
+
 ## Details
 
 The target supports multiple endpoints, authentication, compression, and ingest pipelines. Data is batched for efficient delivery and can be automatically routed to different indices.
@@ -339,8 +354,8 @@ Events are batched until either limit is reached:
 - **`max_payload_size_kb`**: Total size in kilobytes
 
 Tune these based on your average event size:
-- **Small events (less than 1KB)**: Increase `batch_size`, keep default `max_payload_size_kb`
-- **Large events (greater than 10KB)**: Keep default `batch_size`, increase `max_payload_size_kb`
+- **Small events (&lt;1KB&gt;)**: Increase `batch_size`, keep default `max_payload_size_kb`
+- **Large events (>10KB)**: Keep default `batch_size`, increase `max_payload_size_kb`
 - **Mixed sizes**: Monitor both limits and adjust based on actual batch sizes
 
 ### Timeout

docs/configuration/targets/elasticsearch.mdx

@@ -32,6 +32,11 @@ Creates a target that sends processed messages to _Azure Event Hubs_ with suppor
       status: <boolean>
       cert_name: <string>
       key_name: <string>
+    interval: <string|numeric>
+    cron: <string>
+    debug:
+      status: <boolean>
+      dont_send_logs: <boolean>
 ```
 
 ## Configuration
@@ -100,6 +105,20 @@ EventHubs target supports two authentication methods:
 TLS certificate and key files must be placed in the service root directory.
 :::
 
+### Scheduler
+
+|Field|Required|Default|Description|
+|---|---|---|---|
+|`interval`|N|realtime|Execution frequency. See <Topic id="interval">Interval</Topic> for details|
+|`cron`|N|-|Cron expression for scheduled execution. See <Topic id="cron">Cron</Topic> for details|
+
+### Debug Options
+
+|Field|Required|Default|Description|
+|---|---|---|---|
+|`debug.status`|N|`false`|Enable debug logging|
+|`debug.dont_send_logs`|N|`false`|Process logs but don't send to target (testing)|
+
 ## Details
 
 The EventHubs target sends processed messages to Azure Event Hubs for real-time event streaming and analytics. It supports automatic batching for optimal performance, configurable retry mechanisms for reliability, and multiple authentication methods for flexible deployment scenarios.

docs/configuration/targets/event-hubs.mdx

@@ -26,6 +26,11 @@ Creates a file target that writes log messages to files in various formats like
     batch_size: <integer>
     max_size: <integer>
     locations: <location[]>
+    interval: <string|numeric>
+    cron: <string>
+    debug:
+      status: <boolean>
+      dont_send_logs: <boolean>
 ```
 
 ## Configuration
@@ -77,6 +82,20 @@ targets:
           format: "json"
 ```
 
+### Scheduler
+
+|Field|Required|Default|Description|
+|---|---|---|---|
+|`interval`|N|realtime|Execution frequency. See <Topic id="interval">Interval</Topic> for details|
+|`cron`|N|-|Cron expression for scheduled execution. See <Topic id="cron">Cron</Topic> for details|
+
+### Debug Options
+
+|Field|Required|Default|Description|
+|---|---|---|---|
+|`debug.status`|N|`false`|Enable debug logging|
+|`debug.dont_send_logs`|N|`false`|Process logs but don't send to target (testing)|
+
 ## Details
 
 The file target supports writing to multiple file locations with different formats and schemas. When using `SystemS3` field in your logs, the value will be used to route the message to the location with a matching ID.

docs/configuration/targets/file.mdx

@@ -37,6 +37,8 @@ For more details on Microsoft Sentinel integration, refer to <Topic id="sentinel
     cache:
       timeout: <numeric>
     field_format: <string>
+    interval: <string|numeric>
+    cron: <string>
     debug:
       status: <boolean>
       dont_send_logs: <boolean>
@@ -83,12 +85,19 @@ The following fields are used to define the target:
 |`cache.timeout`|N|`300`|Stream cache timeout in seconds|
 |`field_format`|N|-|Data normalization format. See applicable <Topic id="normalization-mapping">Normalization</Topic> section|
 
+### Scheduler
+
+|Field|Required|Default|Description|
+|---|---|---|---|
+|`interval`|N|realtime|Execution frequency. See <Topic id="interval">Interval</Topic> for details|
+|`cron`|N|-|Cron expression for scheduled execution. See <Topic id="cron">Cron</Topic> for details|
+
 ### Debug Options
 
 |Field|Required|Default|Description|
 |---|---|---|---|
 |`debug.status`|N|`false`|Enable debug logging|
-|`debug.dont_send_logs`|N|`false`|Process logs but don't send to Sentinel (testing)|
+|`debug.dont_send_logs`|N|`false`|Process logs but don't send to target (testing)|
 
 ## Details