Kafka
Collect observability data from Apache Kafka topics
Configuration
Example configurations
{
"sources": {
"my_source_id": {
"type": "kafka",
"bootstrap_servers": "10.14.22.123:9092,10.14.23.332:9092",
"group_id": "consumer-group-name",
"topics": [
"^(prefix1|prefix2)-.+"
]
}
}
}[sources.my_source_id]
type = "kafka"
bootstrap_servers = "10.14.22.123:9092,10.14.23.332:9092"
group_id = "consumer-group-name"
topics = [ "^(prefix1|prefix2)-.+" ]
sources:
my_source_id:
type: kafka
bootstrap_servers: 10.14.22.123:9092,10.14.23.332:9092
group_id: consumer-group-name
topics:
- ^(prefix1|prefix2)-.+
{
"sources": {
"my_source_id": {
"type": "kafka",
"auto_offset_reset": "largest",
"bootstrap_servers": "10.14.22.123:9092,10.14.23.332:9092",
"commit_interval_ms": 5000,
"drain_timeout_ms": 2500,
"fetch_wait_max_ms": 100,
"group_id": "consumer-group-name",
"headers_key": "headers",
"key_field": "message_key",
"librdkafka_options": {
"client.id": "${ENV_VAR}",
"fetch.error.backoff.ms": "1000",
"socket.send.buffer.bytes": "100"
},
"offset_key": "offset",
"partition_key": "partition",
"session_timeout_ms": 10000,
"socket_timeout_ms": 60000,
"topic_key": "topic",
"topics": [
"^(prefix1|prefix2)-.+"
]
}
}
}[sources.my_source_id]
type = "kafka"
auto_offset_reset = "largest"
bootstrap_servers = "10.14.22.123:9092,10.14.23.332:9092"
commit_interval_ms = 5_000
drain_timeout_ms = 2_500
fetch_wait_max_ms = 100
group_id = "consumer-group-name"
headers_key = "headers"
key_field = "message_key"
offset_key = "offset"
partition_key = "partition"
session_timeout_ms = 10_000
socket_timeout_ms = 60_000
topic_key = "topic"
topics = [ "^(prefix1|prefix2)-.+" ]
[sources.my_source_id.librdkafka_options]
"client.id" = "${ENV_VAR}"
"fetch.error.backoff.ms" = "1000"
"socket.send.buffer.bytes" = "100"
sources:
my_source_id:
type: kafka
auto_offset_reset: largest
bootstrap_servers: 10.14.22.123:9092,10.14.23.332:9092
commit_interval_ms: 5000
drain_timeout_ms: 2500
fetch_wait_max_ms: 100
group_id: consumer-group-name
headers_key: headers
key_field: message_key
librdkafka_options:
client.id: ${ENV_VAR}
fetch.error.backoff.ms: "1000"
socket.send.buffer.bytes: "100"
offset_key: offset
partition_key: partition
session_timeout_ms: 10000
socket_timeout_ms: 60000
topic_key: topic
topics:
- ^(prefix1|prefix2)-.+
acknowledgements
optional objectControls how acknowledgements are handled by this source.
This setting is deprecated in favor of enabling acknowledgements at the global or sink level.
Enabling or disabling acknowledgements at the source level has no effect on acknowledgement behavior.
See End-to-end Acknowledgements for more information on how event acknowledgement is handled.
acknowledgements.enabled
optional boolauto_offset_reset
optional string literalIf offsets for consumer group do not exist, set them using this strategy.
See the librdkafka documentation for the auto.offset.reset option for further clarification.
largestbootstrap_servers
required string literalA comma-separated list of Kafka bootstrap servers.
These are the servers in a Kafka cluster that a client should use to bootstrap its connection to the cluster, allowing discovery of all the other hosts in the cluster.
Must be in the form of host:port, and comma-separated.
commit_interval_ms
optional uint5000 (milliseconds)decoding
optional objectdecoding.codec
optional string literal enum| Option | Description |
|---|---|
bytes | Uses the raw bytes as-is. |
gelf | Decodes the raw bytes as a GELF message. |
json | Decodes the raw bytes as JSON. |
native | Decodes the raw bytes as native Protocol Buffers format. This codec is experimental. |
native_json | Decodes the raw bytes as native JSON format. This codec is experimental. |
protobuf | Decodes the raw bytes as protobuf. |
syslog | Decodes the raw bytes as a Syslog message. Decodes either as the RFC 3164-style format (“old” style) or the RFC 5424-style format (“new” style, includes structured data). |
bytesdecoding.gelf
optional objectcodec = "gelf"decoding.gelf.lossy
optional boolDetermines whether or not to replace invalid UTF-8 sequences instead of failing.
When true, invalid UTF-8 sequences are replaced with the U+FFFD REPLACEMENT CHARACTER.
truedecoding.json
optional objectcodec = "json"decoding.json.lossy
optional boolDetermines whether or not to replace invalid UTF-8 sequences instead of failing.
When true, invalid UTF-8 sequences are replaced with the U+FFFD REPLACEMENT CHARACTER.
truedecoding.native_json
optional objectcodec = "native_json"decoding.native_json.lossy
optional boolDetermines whether or not to replace invalid UTF-8 sequences instead of failing.
When true, invalid UTF-8 sequences are replaced with the U+FFFD REPLACEMENT CHARACTER.
truedecoding.protobuf
optional objectcodec = "protobuf"decoding.protobuf.desc_file
optional string literaldecoding.protobuf.message_type
optional string literaldecoding.syslog
optional objectcodec = "syslog"decoding.syslog.lossy
optional boolDetermines whether or not to replace invalid UTF-8 sequences instead of failing.
When true, invalid UTF-8 sequences are replaced with the U+FFFD REPLACEMENT CHARACTER.
truedrain_timeout_ms
optional uintTimeout to drain pending acknowledgements during shutdown or a Kafka consumer group rebalance.
When Vector shuts down or the Kafka consumer group revokes partitions from this
consumer, wait a maximum of drain_timeout_ms for the source to
process pending acknowledgements. Must be less than session_timeout_ms
to ensure the consumer is not excluded from the group during a rebalance.
Default value is half of session_timeout_ms.
fetch_wait_max_ms
optional uint100 (milliseconds)framing
optional objectFraming configuration.
Framing handles how events are separated when encoded in a raw byte form, where each event is a frame that must be prefixed, or delimited, in a way that marks where an event begins and ends within the byte stream.
framing.character_delimited
required objectmethod = "character_delimited"framing.character_delimited.delimiter
required uintframing.character_delimited.max_length
optional uintThe maximum length of the byte buffer.
This length does not include the trailing delimiter.
By default, there is no maximum length enforced. If events are malformed, this can lead to additional resource usage as events continue to be buffered in memory, and can potentially lead to memory exhaustion in extreme cases.
If there is a risk of processing malformed data, such as logs with user-controlled input, consider setting the maximum length to a reasonably large value as a safety net. This ensures that processing is not actually unbounded.
framing.method
optional string literal enum| Option | Description |
|---|---|
bytes | Byte frames are passed through as-is according to the underlying I/O boundaries (for example, split between messages or stream segments). |
character_delimited | Byte frames which are delimited by a chosen character. |
length_delimited | Byte frames which are prefixed by an unsigned big-endian 32-bit integer indicating the length. |
newline_delimited | Byte frames which are delimited by a newline character. |
octet_counting | Byte frames according to the octet counting format. |
bytesframing.newline_delimited
optional objectmethod = "newline_delimited"framing.newline_delimited.max_length
optional uintThe maximum length of the byte buffer.
This length does not include the trailing delimiter.
By default, there is no maximum length enforced. If events are malformed, this can lead to additional resource usage as events continue to be buffered in memory, and can potentially lead to memory exhaustion in extreme cases.
If there is a risk of processing malformed data, such as logs with user-controlled input, consider setting the maximum length to a reasonably large value as a safety net. This ensures that processing is not actually unbounded.
framing.octet_counting
optional objectmethod = "octet_counting"framing.octet_counting.max_length
optional uintgroup_id
required string literalheaders_key
optional string literalOverrides the name of the log field used to add the headers to each event.
The value is the headers of the Kafka message itself.
By default, "headers" is used.
headerskey_field
optional string literalOverrides the name of the log field used to add the message key to each event.
The value is the message key of the Kafka message itself.
By default, "message_key" is used.
message_keylibrdkafka_options
optional objectAdvanced options set directly on the underlying librdkafka client.
See the librdkafka documentation for details.
librdkafka_options.*
required string literalmetrics
optional objectmetrics.topic_lag_metric
optional boolkafka_consumer_lag.falseoffset_key
optional string literalOverrides the name of the log field used to add the offset to each event.
The value is the offset of the Kafka message itself.
By default, "offset" is used.
offsetpartition_key
optional string literalOverrides the name of the log field used to add the partition to each event.
The value is the partition from which the Kafka message was consumed from.
By default, "partition" is used.
partitionsasl
optional objectsasl.enabled
optional boolEnables SASL authentication.
Only PLAIN- and SCRAM-based mechanisms are supported when configuring SASL authentication using sasl.*. For
other mechanisms, librdkafka_options.* must be used directly to configure other librdkafka-specific values.
If using sasl.kerberos.* as an example, where * is service.name, principal, kinit.md, etc., then
librdkafka_options.* as a result becomes librdkafka_options.sasl.kerberos.service.name,
librdkafka_options.sasl.kerberos.principal, etc.
See the librdkafka documentation for details.
SASL authentication is not supported on Windows.
sasl.mechanism
optional string literaltls
optional objecttls.alpn_protocols
optional [string]Sets the list of supported ALPN protocols.
Declare the supported ALPN protocols, which are used during negotiation with peer. They are prioritized in the order that they are defined.
tls.ca_file
optional string literalAbsolute path to an additional CA certificate file.
The certificate must be in the DER or PEM (X.509) format. Additionally, the certificate can be provided as an inline string in PEM format.
tls.crt_file
optional string literalAbsolute path to a certificate file used to identify this server.
The certificate must be in DER, PEM (X.509), or PKCS#12 format. Additionally, the certificate can be provided as an inline string in PEM format.
If this is set, and is not a PKCS#12 archive, key_file must also be set.
tls.enabled
optional boolWhether or not to require TLS for incoming or outgoing connections.
When enabled and used for incoming connections, an identity certificate is also required. See tls.crt_file for
more information.
tls.key_file
optional string literalAbsolute path to a private key file used to identify this server.
The key must be in DER or PEM (PKCS#8) format. Additionally, the key can be provided as an inline string in PEM format.
tls.key_pass
optional string literalPassphrase used to unlock the encrypted key file.
This has no effect unless key_file is set.
tls.verify_certificate
optional boolEnables certificate verification.
If enabled, certificates must not be expired and must be issued by a trusted issuer. This verification operates in a hierarchical manner, checking that the leaf certificate (the certificate presented by the client/server) is not only valid, but that the issuer of that certificate is also valid, and so on until the verification process reaches a root certificate.
Relevant for both incoming and outgoing connections.
Do NOT set this to false unless you understand the risks of not verifying the validity of certificates.
tls.verify_hostname
optional boolEnables hostname verification.
If enabled, the hostname used to connect to the remote host must be present in the TLS certificate presented by the remote host, either as the Common Name or as an entry in the Subject Alternative Name extension.
Only relevant for outgoing connections.
Do NOT set this to false unless you understand the risks of not verifying the remote hostname.
topic_key
optional string literalOverrides the name of the log field used to add the topic to each event.
The value is the topic from which the Kafka message was consumed from.
By default, "topic" is used.
topictopics
required [string]The Kafka topics names to read events from.
Regular expression syntax is supported if the topic begins with ^.
Outputs
<component_id>
Output Data
Logs
Warning
Record
53.126.150.246 - - [01/Oct/2020:11:25:58 -0400] "GET /disintermediate HTTP/2.0" 401 20308100partitionkafka2020-10-10T17:07:36.452332ZtopicTelemetry
Metrics
linkcomponent_discarded_events_total
counterfilter transform, or false if due to an error.component_errors_total
countercomponent_received_bytes_total
countercomponent_received_event_bytes_total
countercomponent_received_events_count
histogramA histogram of the number of events passed in each internal batch in Vector’s internal topology.
Note that this is separate than sink-level batching. It is mostly useful for low level debugging performance issues in Vector due to small internal batches.
component_received_events_total
countercomponent_sent_event_bytes_total
countercomponent_sent_events_total
counterkafka_consumed_messages_bytes_total
counterkafka_consumed_messages_total
counterkafka_consumer_lag
gaugekafka_produced_messages_bytes_total
counterkafka_produced_messages_total
counterkafka_queue_messages
gaugekafka_queue_messages_bytes
gaugekafka_requests_bytes_total
counterkafka_requests_total
counterkafka_responses_bytes_total
counterkafka_responses_total
countersource_lag_time_seconds
histogramHow it works
Azure Event Hubs
It is possible to use the kafka source and sink with Azure Event Hubs
for all tiers other than the Basic tier. More details
can be found here. To configure the source and
sink to connect to Azure Event Hubs set the following options:
bootstrap_servers-<namespace name>.servicebus.windows.net:9093group_id- The consumer group. Note that if the default group ($Default) is used it must be specified as$$Defaultto escape the$used for environment variables.topics- The event hub name.sasl.enabled- Set totrue.sasl.mechanism- Set toPLAIN.sasl.username- Set to$$ConnectionString(note the double$$).sasl.password- Set to the connection string. See here.tls.enabled- Set totrue.tls.ca_file- The certificate authority file.tls.verify_certificate- Set totrue.
librdkafka
kafka sink uses librdkafka under the hood. This
is a battle-tested, high performance, and reliable library that facilitates
communication with Kafka. As Vector produces static MUSL builds,
this dependency is packaged with Vector, meaning you do not need to install it.Transport Layer Security (TLS)
tls.* options and/or via an
OpenSSL configuration file. The file location defaults to
/usr/local/ssl/openssl.cnf or can be specified with the OPENSSL_CONF environment variable.