AWS Cloudwatch Logs
Configuration Options
Required Options
group_name(required)
The group name of the target CloudWatch Logs stream.
| Type | Syntax | Default | Example |
|---|---|---|---|
| string | template | ["group-name","{{ file }}"] |
inputs(required)
A list of upstream source or transform
IDs. Wildcards (*) are supported.
See configuration for more info.
| Type | Syntax | Default | Example |
|---|---|---|---|
| array | literal | ["my-source-or-transform-id","prefix-*"] |
encoding(required)
Configures the encoding specific sink behavior.
| Type | Syntax | Default | Example |
|---|---|---|---|
| hash | literal | [] |
region(required)
The AWS region of the target service. If endpoint is provided it will override this value since the endpoint includes the region.
| Type | Syntax | Default | Example |
|---|---|---|---|
| string | literal | ["us-east-1"] |
stream_name(required)
The stream name of the target CloudWatch Logs stream. Note that there can only be one writer to a log stream at a time so if you are running multiple vectors all writing to the same log group, include a identifier in the stream name that is guaranteed to be unique by vector instance (for example, you might choose host)
| Type | Syntax | Default | Example |
|---|---|---|---|
| string | template | ["{{ host }}","%Y-%m-%d","stream-name"] |
type(required)
The component type. This is a required field for all components and tells Vector which component to use.
| Type | Syntax | Default | Example |
|---|---|---|---|
| string | literal | ["aws_cloudwatch_logs"] |
Advanced Options
auth(optional)
Options for the authentication strategy.
| Type | Syntax | Default | Example |
|---|---|---|---|
| hash | literal | [] |
endpoint(optional)
Custom endpoint for use with AWS-compatible services. Providing a value for this option will make region moot.
| Type | Syntax | Default | Example |
|---|---|---|---|
| string | literal | ["127.0.0.0:5000/path/to/service"] |
create_missing_group(optional)
Dynamically create a log group if it does not already exist. This will ignore create_missing_stream directly after creating the group and will create the first stream.
| Type | Syntax | Default | Example |
|---|---|---|---|
| bool |
create_missing_stream(optional)
Dynamically create a log stream if it does not already exist.
| Type | Syntax | Default | Example |
|---|---|---|---|
| bool |
buffer(optional)
Configures the sink specific buffer behavior.
| Type | Syntax | Default | Example |
|---|---|---|---|
| hash | literal | [] |
batch(optional)
Configures the sink batching behavior.
| Type | Syntax | Default | Example |
|---|---|---|---|
| hash | [] |
compression(optional)
The compression strategy used to compress the encoded event data before transmission.
Some cloud storage API clients and browsers will handle decompression transparently, so files may not always appear to be compressed depending how they are accessed.
| Type | Syntax | Default | Example |
|---|---|---|---|
| string | literal | none |
healthcheck(optional)
Health check options for the sink.
| Type | Syntax | Default | Example |
|---|---|---|---|
| hash | [] |
request(optional)
Configures the sink request behavior.
| Type | Syntax | Default | Example |
|---|---|---|---|
| hash | [] |
proxy(optional)
Configures an HTTP(S) proxy for Vector to use. By default, the globally configured proxy is used.
| Type | Syntax | Default | Example |
|---|---|---|---|
| hash | literal | [] |
How it Works
AWS authentication
Vector checks for AWS credentials in the following order:
- The
access_key_idandsecret_access_keyoptions. - The
AWS_ACCESS_KEY_IDandAWS_SECRET_ACCESS_KEYenvironment variables. - The
credential_processcommand in the AWS config file (usually located at~/.aws/config). - The AWS credentials file (usually located at
~/.aws/credentials). - The IAM instance profile (only works if running on an EC2 instance with an instance profile/role).
If no credentials are found, Vector's health check fails and an error is logged. If your AWS credentials expire, Vector will automatically search for up-to-date credentials in the places (and order) described above.
State
This component is stateless, meaning its behavior is consistent across each input.
Health checks
Health checks ensure that the downstream service is accessible and ready to accept data. This check is performed upon sink initialization. If the health check fails an error will be logged and Vector will proceed to start.
Partitioning
Vector supports dynamic configuration values through a simple template syntax. If an option supports templating, it will be noted with a badge and you can use event fields to create dynamic values. For example:
[sinks.my-sink]
dynamic_option = "application={{ application_id }}"
In the above example, the application_id for each event will be
used to partition outgoing data.
Rate limits & adapative concurrency
Buffers and batches
This component buffers & batches data as shown in the diagram above. You'll notice that Vector treats these concepts differently, instead of treating them as global concepts, Vector treats them as sink specific concepts. This isolates sinks, ensuring services disruptions are contained and delivery guarantees are honored.
Batches are flushed when 1 of 2 conditions are met:
- The batch age meets or exceeds the configured
timeout_secs. - The batch size meets or exceeds the configured
max_sizeormax_events.
Buffers are controlled via the buffer.* options.
Retry policy
Vector will retry failed requests (status == 429, >= 500, and != 501).
Other responses will not be retried. You can control the number of
retry attempts and backoff rate with the request.retry_attempts and
request.retry_backoff_secs options.