Socket
Deliver logs to a remote socket endpoint
status: stable
delivery: best effort
egress: stream
state: stateless
Configuration
Example configurations
{
"sinks": {
"my_sink_id": {
"type": "socket",
"inputs": [
"my-source-or-transform-id"
],
"address": "92.12.333.224:5000",
"mode": "tcp",
"path": "/path/to/socket"
}
}
}[sinks.my_sink_id]
type = "socket"
inputs = [ "my-source-or-transform-id" ]
address = "92.12.333.224:5000"
mode = "tcp"
path = "/path/to/socket"
---
sinks:
my_sink_id:
type: socket
inputs:
- my-source-or-transform-id
address: 92.12.333.224:5000
mode: tcp
encoding: null
healthcheck: null
path: /path/to/socket
{
"sinks": {
"my_sink_id": {
"type": "socket",
"inputs": [
"my-source-or-transform-id"
],
"address": "92.12.333.224:5000",
"mode": "tcp",
"path": "/path/to/socket"
}
}
}[sinks.my_sink_id]
type = "socket"
inputs = [ "my-source-or-transform-id" ]
address = "92.12.333.224:5000"
mode = "tcp"
path = "/path/to/socket"
---
sinks:
my_sink_id:
type: socket
inputs:
- my-source-or-transform-id
address: 92.12.333.224:5000
mode: tcp
buffer: null
encoding: null
healthcheck: null
keepalive: null
tls: null
path: /path/to/socket
address
required string literalThe address to connect to. The address must include a port.
Relevant when:
mode = `tcp` or `udp`buffer
optional objectConfigures the sink specific buffer behavior.
buffer.max_events
optional uintThe maximum number of events allowed in the buffer.
Relevant when:
type = "memory"default:
500 (events)buffer.type
optional string enum literalThe buffer’s type and storage mechanism.
Enum options
| Option | Description |
|---|---|
disk | Stores the sink’s buffer on disk. This is less performant, but durable. Data will not be lost between restarts. Will also hold data in memory to enhance performance. WARNING: This may stall the sink if disk performance isn’t on par with the throughput. For comparison, AWS gp2 volumes are usually too slow for common cases. |
memory | Stores the sink’s buffer in memory. This is more performant, but less durable. Data will be lost if Vector is restarted forcefully. |
default:
memorybuffer.when_full
optional string enum literalThe behavior when the buffer becomes full.
Enum options
| Option | Description |
|---|---|
block | Applies back pressure when the buffer is full. This prevents data loss, but will cause data to pile up on the edge. |
drop_newest | Drops new data as it’s received. This data is lost. This should be used when performance is the highest priority. |
default:
blockencoding
required objectConfigures the encoding specific sink behavior.
encoding.codec
required string enum literalThe encoding codec used to serialize the events before outputting.
Enum options
| Option | Description |
|---|---|
json | JSON encoded event. |
text | The message field from the event. |
encoding.except_fields
optional arrayPrevent the sink from encoding the specified fields.
encoding.only_fields
optional arrayMakes the sink encode only the specified fields.
encoding.timestamp_format
optional string enum literalHow to format event timestamps.
Enum options
| Option | Description |
|---|---|
rfc3339 | Formats as a RFC3339 string |
unix | Formats as a unix timestamp |
default:
rfc3339inputs
required [string]A list of upstream source or transform
IDs. Wildcards (*) are supported.
See configuration for more info.
keepalive
optional objectConfigures the TCP keepalive behavior for the connection to the sink.
keepalive.time_secs
optional uintThe time a connection needs to be idle before sending TCP keepalive probes.
mode
required string literal enumThe type of socket to use.
Enum options
string
literal
| Option | Description |
|---|---|
tcp | TCP socket |
udp | UDP socket |
unix | Unix domain socket |
path
required string literalThe unix socket path. This should be the absolute path.
Relevant when:
mode = `unix`tls
optional objectConfigures the TLS options for incoming connections.
tls.ca_file
optional string literalAbsolute path to an additional CA certificate file, in DER or PEM format (X.509), or an inline CA certificate in PEM format.
tls.crt_file
optional string literalAbsolute path to a certificate file used to identify this connection, in DER or PEM format (X.509) or PKCS#12, or an inline certificate in PEM format. If this is set and is not a PKCS#12 archive,
key_file must also be set.tls.key_file
optional string literalAbsolute path to a private key file used to identify this connection, in DER or PEM format (PKCS#8), or an inline private key in PEM format. If this is set,
crt_file must also be set.tls.key_pass
optional string literalPass phrase used to unlock the encrypted key file. This has no effect unless
key_file is set.tls.verify_certificate
optional boolIf
true (the default), Vector will validate the TLS certificate of the remote host.default:
truetls.verify_hostname
optional boolIf
true (the default), Vector will validate the configured remote host name against the remote host’s TLS certificate. Do NOT set this to false unless you understand the risks of not verifying the remote hostname.default:
trueTelemetry
Metrics
linkconnection_errors_total
counterThe total number of connection errors for this Vector instance.
host
required
The hostname of the system Vector is running on.
pid
required
The process ID of the Vector instance.
events_in_total
counterThe number of events accepted by this component either from tagged
origin like file and uri, or cumulatively from other origins.
component_id
required
The Vector component ID.
component_kind
required
The Vector component kind.
component_name
required
Deprecated, use
component_id instead. The value is the same as component_id.component_type
required
The Vector component type.
container_name
optional
The name of the container from which the event originates.
file
optional
The file from which the event originates.
host
required
The hostname of the system Vector is running on.
mode
optional
The connection mode used by the component.
peer_addr
optional
The IP from which the event originates.
peer_path
optional
The pathname from which the event originates.
pid
required
The process ID of the Vector instance.
pod_name
optional
The name of the pod from which the event originates.
uri
optional
The sanitized URI from which the event originates.
events_out_total
counterThe total number of events emitted by this component.
component_id
required
The Vector component ID.
component_kind
required
The Vector component kind.
component_name
required
Deprecated, use
component_id instead. The value is the same as component_id.component_type
required
The Vector component type.
host
required
The hostname of the system Vector is running on.
pid
required
The process ID of the Vector instance.
processed_bytes_total
counterThe number of bytes processed by the component.
component_id
required
The Vector component ID.
component_kind
required
The Vector component kind.
component_name
required
Deprecated, use
component_id instead. The value is the same as component_id.component_type
required
The Vector component type.
container_name
optional
The name of the container from which the bytes originate.
file
optional
The file from which the bytes originate.
host
required
The hostname of the system Vector is running on.
mode
optional
The connection mode used by the component.
peer_addr
optional
The IP from which the bytes originate.
peer_path
optional
The pathname from which the bytes originate.
pid
required
The process ID of the Vector instance.
pod_name
optional
The name of the pod from which the bytes originate.
uri
optional
The sanitized URI from which the bytes originate.
processed_events_total
counterThe total number of events processed by this component.
This metric is deprecated in place of using
events_in_total and
events_out_total metrics.component_id
required
The Vector component ID.
component_kind
required
The Vector component kind.
component_name
required
Deprecated, use
component_id instead. The value is the same as component_id.component_type
required
The Vector component type.
host
required
The hostname of the system Vector is running on.
pid
required
The process ID of the Vector instance.
utilization
gaugeA ratio from 0 to 1 of the load on a component. A value of 0 would indicate a completely idle component that is simply waiting for input. A value of 1 would indicate a that is never idle. This value is updated every 5 seconds.
component_id
required
The Vector component ID.
component_kind
required
The Vector component kind.
component_name
required
Deprecated, use
component_id instead. The value is the same as component_id.component_type
required
The Vector component type.
host
required
The hostname of the system Vector is running on.
pid
required
The process ID of the Vector instance.
How it works
Health checks
Health checks ensure that the downstream service is
accessible and ready to accept data. This check is performed
upon sink initialization. If the health check fails an error
will be logged and Vector will proceed to start.
Require health checks
If you’d like to exit immediately upon a health check failure, you can pass the
--require-healthy flag:
vector --config /etc/vector/vector.toml --require-healthy
Disable health checks
If you’d like to disable health checks for this sink you can set the
healthcheck option to
false.