From 52a06ce3e86d988007898fbc00ca107a30287825 Mon Sep 17 00:00:00 2001 From: Fujimoto Seiji Date: Sat, 21 Sep 2019 13:54:58 +0900 Subject: [PATCH 1/3] output: forward: Add Username and Password options (#212) This documents the upcoming "Username" and "Password" parameters, which enables Fluent Bit to connect to a Fluentd server that forces password authentication. Signed-off-by: Fujimoto Seiji --- output/forward.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/output/forward.md b/output/forward.md index 6050ecfea..a3b54363d 100644 --- a/output/forward.md +++ b/output/forward.md @@ -28,6 +28,8 @@ When using Secure Forward mode, the [TLS](../configuration/tls_ssl.md) mode requ | Key | Description | Default | | :--- | :--- | :--- | | Shared\_Key | A key string known by the remote Fluentd used for authorization. | | +| Username | Specify the username to present to a Fluentd server that enables `user_auth`. | | +| Password | Specify the password corresponding to the username. | | | Self\_Hostname | Default value of the auto-generated certificate common name \(CN\). | | | tls | Enable or disable TLS support | Off | | tls.verify | Force certificate validation | On | From 2a3e553b4633e8a487edd3b7abf3f31564ed459a Mon Sep 17 00:00:00 2001 From: Takahiro YAMASHITA Date: Thu, 26 Sep 2019 08:23:11 +0900 Subject: [PATCH 2/3] parser: specify parsers which support Types option (#211) Signed-off-by: Takahiro YAMASHITA --- parser/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/parser/README.md b/parser/README.md index 8aafc8088..9205059b1 100644 --- a/parser/README.md +++ b/parser/README.md 
@@ -32,7 +32,7 @@ Multiple parsers can be defined and each section have it own properties. The fol | Time\_Format | Specify the format of the time field so it can be recognized and analyzed properly. Fluent-bit uses `strptime(3)` to parse time so you can ferer to [strptime documentation](https://linux.die.net/man/3/strptime) for available modifiers. | | Time\_Offset | Specify a fixed UTC time offset \(e.g. -0600, +0200, etc.\) for local dates. | | Time\_Keep | By default when a time key is recognized and parsed, the parser will drop the original time field. Enabling this option will make the parser to keep the original time field and it value in the log entry. | -| Types | Specify the data type of parsed field. The syntax is `types : : ...`. The supported types are `string`\(default\), `integer`, `bool`, `float`, `hex`. | +| Types | Specify the data type of parsed field. The syntax is `types : : ...`. The supported types are `string`\(default\), `integer`, `bool`, `float`, `hex`. `ltsv`, `logfmt` and `regex` supports this option.| | Decode\_Field | Decode a field value, the only decoder available is `json`. The syntax is: `Decode_Field json `. | ## Parsers Configuration File From ebad12fd6ca562ff4eaece0af66ce3ba6d933208 Mon Sep 17 00:00:00 2001 From: Fujimoto Seiji Date: Fri, 27 Sep 2019 01:37:49 +0900 Subject: [PATCH 3/3] configuration: tls: document tls.vhost option (#215) Also adds a configuration example to illustrate what is the good of `tls.vhost` option and how to use it. Signed-off-by: Fujimoto Seiji --- configuration/tls_ssl.md | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) diff --git a/configuration/tls_ssl.md b/configuration/tls_ssl.md index 6cce123b4..65e53c9ab 100644 --- a/configuration/tls_ssl.md +++ b/configuration/tls_ssl.md 
@@ -14,6 +14,7 @@ Each output plugin that requires to perform Network I/O can optionally enable TL | tls.crt\_file | absolute path to Certificate file | | | tls.key\_file | absolute path to private Key file | | | tls.key\_passwd | optional password for tls.key\_file file | | +| tls.vhost | hostname to be used for TLS SNI extension | | The listed properties can be enabled in the configuration file, specifically on each output plugin section or directly through the command line. The following **output** plugins can take advantage of the TLS feature: @@ -52,3 +53,25 @@ The same behavior can be accomplished using a configuration file: tls On tls.verify Off ``` + +## Tips and Tricks + +### Connect to virtual servers using TLS + +Fluent Bit supports [TLS server name indication](https://en.wikipedia.org/wiki/Server_Name_Indication). If you are serving multiple hostnames on a single IP address (a.k.a. virtual hosting), you can make use of `tls.vhost` to connect to a specific hostname. + +``` +[INPUT] + Name cpu + Tag cpu + +[OUTPUT] + Name forward + Match * + Host 192.168.10.100 + Port 24224 + tls On + tls.verify On + tls.ca_file /etc/certs/fluent.crt + tls.vhost fluent.example.com +```
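
Review bot: In PATCH 1/3 (output/forward.md), the new `Username` and `Password` rows do not say whether they depend on `Shared_Key` or on `tls`, which the same table lists with a default of Off. Suggest extending the Password description to state whether the options take effect without `Shared_Key`, and to recommend `tls On` whenever credentials are configured. The commit message calls the parameters "upcoming", so the rows should also name the release that introduces them.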
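
Review bot: In PATCH 2/3 (parser/README.md), the sentence appended to the `Types` row, "`ltsv`, `logfmt` and `regex` supports this option.|", names the formats without saying that they are parser formats, uses "supports" where "support" is needed, and drops the space before the closing `|`. Suggest "This option is supported by the `ltsv`, `logfmt` and `regex` parsers. |", plus a few words on what happens when `Types` is set on a parser outside that list, which the row leaves open.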
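
Review bot: In the first hunk of PATCH 3/3 (configuration/tls_ssl.md, property table), the `tls.vhost` row leaves the default column empty and does not say which name, if any, is sent in the SNI extension when the option is unset. Suggest stating the fallback in the description, for example whether the output's `Host` value is used, so readers can tell when the option is required.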
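
Review bot: In the second hunk of PATCH 3/3 (the new "Connect to virtual servers using TLS" section), the example combines `Host 192.168.10.100`, `tls.verify On` and `tls.vhost fluent.example.com`, but the text never says which of the two names the server certificate is validated against. Suggest one sentence after the example stating whether `tls.vhost` affects only SNI or also the hostname check, since that decides which names the certificate must carry. Minor: the preceding paragraph could drop "a.k.a." in favour of "that is, virtual hosting".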