VictoriaMetrics/deployment/docker/victorialogs/vector-docker
Artem Navoiev b16a5ee705
use latest image in example for VictoriaLogs and VictoriaMetrics to simplify the flow
Signed-off-by: Artem Navoiev <tenmozes@gmail.com>
2023-07-06 21:30:15 -07:00
..
docker-compose.yml use latest image in example for VictoriaLogs and VictoriaMetrics to simplify the flow 2023-07-06 21:30:15 -07:00
README.md improved vector example for victoria logs 2023-07-06 21:27:23 -07:00
scrape.yml Add docker compose examples: filebeat(docker, syslog), fluentbit(docker), logstash, vector(docker) 2023-07-06 21:25:31 -07:00
vector.toml improved vector example for victoria logs 2023-07-06 21:27:23 -07:00

Docker compose Vector integration with VictoriaLogs for docker

The folder contains the example of integration of vector with Victorialogs

To spin-up environment run the following command:

docker compose up -d 

To shut down the docker-compose environment run the following command:

docker compose down
docker compose rm -f

The docker compose file contains the following components:

  • vector - vector is configured to collect logs from the docker, you can find configuration in the vector.toml. It writes data in VictoriaLogs. It pushes metrics to VictoriaMetrics.
  • VictoriaLogs - the log database, it accepts the data from vector by elastic protocol
  • VictoriaMetrics - collects metrics from VictoriaLogs and VictoriaMetrics(itself)

the example of vector configuration(vector.toml)

[sources.docker]
  type = "docker_logs"

[transforms.msg_parser]
  type = "remap"
  inputs = ["docker"]
  source = '''
  .log = parse_json!(.message)
  del(.message)
  '''

[sinks.vlogs]
  type = "elasticsearch"
  inputs = [ "msg_parser" ]
  endpoints = [ "http://victorialogs:9428/insert/elasticsearch/" ]
  mode = "bulk"
  api_version = "v8"
  compression = "gzip"
  healthcheck.enabled = false

  [sinks.vlogs.query]
    _msg_field = "log.msg"
    _time_field = "timestamp"
    _stream_fields = "source_type,host,container_name"

  [sinks.vlogs.request.headers]
    AccountID = "0"
    ProjectID = "0"

Please, note that _stream_fields parameter must follow recommended best practices to achieve better performance.