Skip to content

Instantly share code, notes, and snippets.

@ei-grad

ei-grad/vector.toml

Created April 15, 2023 14:34
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save ei-grad/233dc491c57eb888fbad20717eb9ffd2 to your computer and use it in GitHub Desktop.
Save ei-grad/233dc491c57eb888fbad20717eb9ffd2 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
vector.toml
[sources.journald]
type = "journald"
[transforms.remove_systemd_fields]
type = "remap"
inputs = ["journald"]
source = '''
del(._BOOT_ID)
del(._CAP_EFFECTIVE)
del(._CMDLINE)
del(._COMM)
del(._EXE)
del(._UID)
del(._GID)
del(._MACHINE_ID)
del(._PID)
del(._SELINUX_CONTEXT)
del(._SOURCE_REALTIME_TIMESTAMP)
del(.__MONOTONIC_TIMESTAMP)
del(.__REALTIME_TIMESTAMP)
del(._SYSTEMD_CGROUP)
del(._SYSTEMD_SLICE)
del(._TRANSPORT)
'''
[transforms.journald_with_ec2_metadata]
type = "aws_ec2_metadata"
inputs = [ "remove_systemd_fields" ]
fields = [ "availability-zone", "instance-id" ]
[sinks.cloudwatch]
type = "aws_cloudwatch_logs"
inputs = [ "journald_with_ec2_metadata" ]
group_name = "journald"
stream_name = "{{ instance-id }}/{{ _SYSTEMD_UNIT }}"
encoding.codec = "json"
request.concurrency = "adaptive"
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment