Socket Sink

The Vector socket sink sends logs to socket receiver.

Configuration

Common
Advanced

vector.toml
vector.yaml
vector.json

[sinks.my_sink_id]
  # General
  type = "socket" # required
  inputs = ["my-source-or-transform-id", "prefix-*"] # required
  address = "92.12.333.224:5000" # required, required when mode = `tcp` or `udp`
  mode = "tcp" # required
  path = "/path/to/socket" # required, required when mode = `tcp` or `udp`

  # Encoding
  encoding.codec = "json" # required

  # Healthcheck
  healthcheck.enabled = true # optional, default

8 items

commonrequired

commonrequired*string
address
The address to connect to. The address must include a port.
- Syntax: literal
- Only required when: mode = `tcp` or `udp`
- View examples
optionaltable
buffer
Configures the sink specific buffer behavior.
- commonoptionaluint
  max_events
  The maximum number of events allowed in the buffer.
  - Only relevant when: type = "memory"
  - Default: 500 (events)
- commonrequired*uint
  max_size
  The maximum size of the buffer on the disk.
  - Only required when: type = "disk"
  - View examples
- enumcommonoptionalstring
  type
  The buffer's type and storage mechanism.
  - Syntax: literal
  - Default: "memory"
  - Enum, must be one of: "memory" "disk"
  - View examples
- enumoptionalstring
  when_full
  The behavior when the buffer becomes full.
  - Syntax: literal
  - Default: "block"
  - Enum, must be one of: "block" "drop_newest"
  - View examples
commonrequiredtable
encoding
Configures the encoding specific sink behavior.
- commonrequiredstring
  codec
  The encoding codec used to serialize the events before outputting.
  - Syntax: literal
  - View examples
- optional[string]
  except_fields
  Prevent the sink from encoding the specified labels.
  - View examples
- optional[string]
  only_fields
  Prevent the sink from encoding the specified labels.
  - View examples
- enumoptionalstring
  timestamp_format
  How to format event timestamps.
  - Syntax: literal
  - Default: "rfc3339"
  - Enum, must be one of: "rfc3339" "unix"
  - View examples
commonoptionaltable
healthcheck
Health check options for the sink. See Health checks for more info.
- commonoptionalbool
  enabled
  Enables/disables the healthcheck upon Vector boot.
  - Default: true
  - View examples
optionaltable
keepalive
Configures the TCP keepalive behavior for the connection to the sink.
- optionaluint
  time_secs
  The time a connection needs to be idle before sending TCP keepalive probes.
enumcommonrequiredstring
mode
The type of socket to use.
- Syntax: literal
- Enum, must be one of: "tcp" "udp" "unix"
- View examples
commonrequired*string
path
The unix socket path. This should be the absolute path.
- Syntax: literal
- Only required when: mode = `tcp` or `udp`
- View examples
optionaltable
tls
Configures the TLS options for incoming connections.
- optionalstring
  ca_file
  Absolute path to an additional CA certificate file, in DER or PEM format (X.509), or an inline CA certificate in PEM format.
  - Syntax: literal
  - View examples
- commonoptionalstring
  crt_file
  Absolute path to a certificate file used to identify this connection, in DER or PEM format (X.509) or PKCS#12, or an inline certificate in PEM format. If this is set and is not a PKCS#12 archive, key_file must also be set.
  - Syntax: literal
  - View examples
- commonoptionalbool
  enabled
  Enable TLS during connections to the remote.
  - Default: false
  - View examples
- commonoptionalstring
  key_file
  Absolute path to a private key file used to identify this connection, in DER or PEM format (PKCS#8), or an inline private key in PEM format. If this is set, crt_file must also be set.
  - Syntax: literal
  - View examples
- optionalstring
  key_pass
  Pass phrase used to unlock the encrypted key file. This has no effect unless key_file is set.
  - Syntax: literal
  - View examples
- optionalbool
  verify_certificate
  If true (the default), Vector will validate the TLS certificate of the remote host.
  - Default: true
  - View examples
- optionalbool
  verify_hostname
  If true (the default), Vector will validate the configured remote host name against the remote host's TLS certificate. Do NOT set this to false unless you understand the risks of not verifying the remote hostname.
  - Default: true
  - View examples

Telemetry

This component provides the following metrics that can be retrieved through the internal_metrics source. See the metrics section in the monitoring page for more info.

counter
connection_errors_total
The total number of connection errors for this Vector instance. This metric includes the following tags:
- instance - The Vector instance identified by host and port.
- job - The name of the job producing Vector metrics.
counter
processed_bytes_total
The total number of bytes processed by the component. This metric includes the following tags:
- component_kind - The Vector component kind.
- component_name - The Vector component ID.
- component_type - The Vector component type.
- instance - The Vector instance identified by host and port.
- job - The name of the job producing Vector metrics.
counter
events_in_total
The total number of events accepted by this component. This metric includes the following tags:
- component_kind - The Vector component kind.
- component_name - The Vector component ID.
- component_type - The Vector component type.
- instance - The Vector instance identified by host and port.
- job - The name of the job producing Vector metrics.
counter
processed_events_total
The total number of events processed by this component. This metric includes the following tags:
- component_kind - The Vector component kind.
- component_name - The Vector component ID.
- component_type - The Vector component type.
- file - The file that produced the error
- instance - The Vector instance identified by host and port.
- job - The name of the job producing Vector metrics.
counter
events_out_total
The total number of events emitted by this component. This metric includes the following tags:
- component_kind - The Vector component kind.
- component_name - The Vector component ID.
- component_type - The Vector component type.
- instance - The Vector instance identified by host and port.
- job - The name of the job producing Vector metrics.

How It Works

Health checks

Health checks ensure that the downstream service is accessible and ready to accept data. This check is performed upon sink initialization. If the health check fails an error will be logged and Vector will proceed to start.

Require health checks

If you'd like to exit immediately upon a health check failure, you can pass the --require-healthy flag:

vector --config /etc/vector/vector.toml --require-healthy

Disable health checks

If you'd like to disable health checks for this sink you can set the healthcheck option to false.

State

This component is stateless, meaning its behavior is consistent across each input.

Transport Layer Security (TLS)

Vector uses Openssl for TLS protocols for it's maturity. You can enable and adjust TLS behavior via the tls.* options.

#Configuration

#address

#buffer

#max_events

#max_size

#type

#when_full

#encoding

#codec

#except_fields

#only_fields

#timestamp_format

#healthcheck

#enabled

#keepalive

#time_secs

#mode

#path

#tls

#ca_file

#crt_file

#enabled

#key_file

#key_pass

#verify_certificate

#verify_hostname

#Telemetry

#connection_errors_total

#processed_bytes_total

#events_in_total

#processed_events_total

#events_out_total

#How It Works

#Health checks

#Require health checks

#Disable health checks

#State

#Transport Layer Security (TLS)

Configuration

address

buffer

max_events

max_size

type

when_full

encoding

codec

except_fields

only_fields

timestamp_format

healthcheck

enabled

keepalive

time_secs

mode

path

tls

ca_file

crt_file

enabled

key_file

key_pass

verify_certificate

verify_hostname

Telemetry

connection_errors_total

processed_bytes_total

events_in_total

processed_events_total