Collect logs from Kafka and send them anywhere

A simple guide to collect logs from Kafka and send them anywhere in just a few minutes.
type: tutorialdomain: sourcessource: kafka

Logs are an essential part of observing any service; without them you are flying blind. But collecting and analyzing them can be a real challenge -- especially at scale. Not only do you need to solve the basic task of collecting your logs, but you must do it in a reliable, performant, and robust manner. Nothing is more frustrating than having your logs pipeline fall on it's face during an outage, or even worse, disrupt more important services!

Fear not! In this guide we'll show you how to send collect logs from Kafka and send them anywhere and build a logs pipeline that will be the backbone of your observability strategy.

Background

What is Kafka?

Apache Kafka is an open source project for a distributed publish-subscribe messaging system rethought as a distributed commit log. Kafka stores messages in topics that are partitioned and replicated across multiple brokers in a cluster. Producers send messages to topics from which consumers read. This makes it an excellent candidate for durably storing logs and metrics data.

Strategy

How This Guide Works

We'll be using Vector to accomplish this task. Vector is a popular open-source utility for building observability pipelines. It's written in Rust, making it lightweight, ultra-fast and highly reliable. And we'll be deploying Vector as a service.

The service deployment strategy treats Vector like a separate service. It is designed to receive data from an upstream source and fan-out to one or more destinations. For this guide, Vector will collect data from Kafka via Vector's kafka source. The following diagram demonstrates how it works.

Vector Service Deployment StrategyVector service deployment strategy
1. Vector collects data from Kafka
Vector will consume one or more Kafka topics.
2. Vector processes data
Vector parses, transforms, and enriches data.
3. Vector fans-out data
Vector receives data from another upstream Vector instance.

What We'll Accomplish

To be clear, here's everything we'll accomplish in this short guide:

  • Consume one or more Kafka topics.
    • Checkpoint your position to ensure data is not lost between restarts.
    • Enrich your logs with useful Kafka context.
  • Send your logs to one or more destinations
  • All in just a few minutes!

Tutorial

  1. Install Vector

    curl --proto '=https' --tlsv1.2 -sSf https://sh.vector.dev | sh
    explain this command

    Or choose your preferred method.

  2. Configure Vector

    Where do you want to send your data?
    Console
    cat <<-VECTORCFG > vector.toml
    [sources.in]
      bootstrap_servers = "10.14.22.123:9092,10.14.23.332:9092" # required
      group_id = "consumer-group-name" # required
      topics = ["^(prefix1|prefix2)-.+", "topic-1", "topic-2"] # required
      type = "kafka" # required
    

    [sinks.out]
      # Encoding
      encoding.codec = "json" # required
    

      # General
      inputs = ["in"] # required
      type = "console" # required
    VECTORCFG
    explain this command

  3. Start Vector

    vector --config vector.toml

    That's it! Simple and to the point. Hit ctrl+c to exit.

Next Steps

Vector is powerful utility and we're just scratching the surface in this guide. Here are a few pages we recommend that demonstrate the power and flexibility of Vector:

Vector Github repo 4k
Vector is free and open-source!
Vector getting started series
Go from zero to production in under 10 minutes!
Vector documentation
Thoughtful, detailed docs that respect your time.