rust rewrite

Cargo.toml

@@ -18,4 +18,4 @@ serde_json="1.0.79"
 serde_derive = "1.0.136"
 clap = { version = "4.5.2", features = ["derive"] }
 csv = "1.3.0"
-polars = "0.38.1"
+poston = "0.7.8"

ConfigExamples/fluentd.yaml

@@ -9,5 +9,5 @@ output:
   fluentd:
     enabled: True
     tenantName: MyTenant
-    address: fluentd
+    address: localhost
     port: 24224

ConfigExamples/fullConfig.yaml

@@ -16,7 +16,6 @@ collect:  # Settings determining which audit logs to collect and how to do it
   retryCooldown: 3  # Seconds to wait before retrying retrieving a content blob
   autoSubscribe: True  # Automatically subscribe to collected content types. Never unsubscribes from anything.
   skipKnownLogs: True  # Remember retrieved log ID's, don't collect them twice
-  resume: False  # DEPRECATED, recommended to keep 'false'. Remember last run time, resume collecting from there next run
   hoursToCollect: 24  # Look back this many hours for audit logs (can be overwritten by resume)
   filter:  # Only logs that match ALL filters for a content type are collected. Leave empty to collect all
     Audit.General: