Socket Source
The Vector socket source
ingests data through a socket, such as a TCP,
UDP, or UDS socket and outputs
log events.
Requirements
Configuration
- tcp
- tcp (adv)
- udp
- udp (adv)
- unix
- unix (adv)
[sources.my_source_id]type = "socket" # requiredaddress = "0.0.0.0:9000" # required, required when mode = "tcp" or mode = "udp"max_length = 102400 # optional, default, bytesmode = "tcp" # required
- stringrequired*
address
The address to listen for connections on, or
systemd#Nto use the Nth socket passed by systemd socket activation. If an address is used it must include a port.- Only required when:
mode=["tcp","udp"] - No default
- View examples
- Only required when:
- stringoptional
host_key
The key name added to each event representing the current host. This can also be globally set via the global [
host_key](#host_key) option. See Context for more info.- Default:
"host"
- Default:
- uint (bytes)optional
max_length
The maximum bytes size of incoming messages before they are discarded.
- Default:
102400(bytes)
- Default:
- stringrequired
mode
The type of socket to use.
- No default
- Enum, must be one of:
"tcp""udp""unix" - View examples
- stringrequired*
path
The unix socket path. This should be absolute path.
- Only required when:
mode="unix" - No default
- View examples
- Only required when:
- uint (seconds)optional
shutdown_timeout_secs
The timeout before a connection is forcefully closed during shutdown.
- Only relevant when:
mode="tcp" - Default:
30(seconds)
- Only relevant when:
- tableoptional
tls
Configures the TLS options for connections from this source.
- stringoptional
ca_path
Absolute path to an additional CA certificate file, in DER or PEM format (X.509).
- Only relevant when:
mode="tcp" - No default
- View examples
- Only relevant when:
- stringoptional
crt_path
Absolute path to a certificate file used to identify this server, in DER or PEM format (X.509) or PKCS#12. If this is set and is not a PKCS#12 archive,
key_pathmust also be set. This is required ifenabledis set totrue.- Only relevant when:
mode="tcp" - No default
- View examples
- Only relevant when:
- booloptional
enabled
Require TLS for incoming connections. If this is set, an identity certificate is also required.
- Only relevant when:
mode="tcp" - Default:
false - View examples
- Only relevant when:
- stringoptional
key_pass
Pass phrase used to unlock the encrypted key file. This has no effect unless
key_pathis set.- Only relevant when:
mode="tcp" - No default
- View examples
- Only relevant when:
- stringoptional
key_path
Absolute path to a certificate key file used to identify this server, in DER or PEM format (PKCS#8).
- Only relevant when:
mode="tcp" - No default
- View examples
- Only relevant when:
- booloptional
verify_certificate
If
true, Vector will require a TLS certificate from the connecting host and terminate the connection if it is not valid. Iffalse(the default), Vector will not request a certificate from the client.- WARNING: Setting this to `false` will cause OpenSSL to not request a certificate from the client
- Only relevant when:
mode="tcp" - Default:
false - View examples
Fields
{// ..."host": "my.host.com","message": "Started GET / for 127.0.0.1 at 2012-03-10 14:28:14 +0100","timestamp": "2019-11-01T21:15:47+00:00"// ...}
- stringrequired
host
The upstream hostname.
- No default
- View examples
- stringrequired
message
The raw message, unaltered.
- No default
- View examples
- timestamprequired
timestamp
The exact time the event was ingested.
- No default
- View examples
Examples
Given the following input line:
2019-02-13T19:48:34+00:00 [info] Started GET "/" for 127.0.0.1
A log event will be output with the following structure:
{"timestamp": <current_timestamp>,"message": "2019-02-13T19:48:34+00:00 [info] Started GET "/" for 127.0.0.1","host": "<upstream_hostname>"}
How It Works
Context
By default, the socket source will add context
keys to your events via the host_key
options.
Environment Variables
Environment variables are supported through all of Vector's configuration.
Simply add ${MY_ENV_VAR} in your Vector configuration file and the variable
will be replaced before being evaluated.
You can learn more in the Environment Variables section.
TLS
Vector uses Openssl for TLS protocols for it's battle-tested
and reliable security. You can enable and adjust TLS behavior via the tls.*
options.