-
Notifications
You must be signed in to change notification settings - Fork 0
/
vector-example.yaml
90 lines (81 loc) · 2.12 KB
/
vector-example.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
sources:
bunny_src:
type: syslog
address: '0.0.0.0:6514'
mode: udp
sinks:
bunny_file_sink:
type: file
inputs:
- bunny_shaker
compression: none
path: /logs/bunny_log-%Y-%m-%d.log
encoding:
codec: json
bunny_search_sink:
type: elasticsearch
inputs:
- bunny_shaker
endpoints: [http://openobserve:5080/api/default/]
bulk:
index: bunny_log
auth:
strategy: basic
user: "${SEARCH_EMAIL:?search email is required}"
password: "${SEARCH_PWD:?search pwd is required}"
healthcheck:
enabled: false
bunny_metric_exporter:
type: prometheus_exporter
inputs:
- bunny_metric
default_namespace: bunny
flush_period_secs: 20
# address: 0.0.0.0:9598 # this is already default
# alternate to bunny_metric_exporter above
bunny_metric_sink:
type: prometheus_remote_write
inputs:
- bunny_metric
endpoint: "http://openobserve:5080/api/default/prometheus/api/v1/write"
default_namespace: bunny
auth:
strategy: basic
user: "${SEARCH_EMAIL:?search email is required}"
password: "${SEARCH_PWD:?search pwd is required}"
batch:
timeout_secs: 10
transforms:
# optionally verify bunnycdn token/password
# password going to come in as the event object key: OptionalBunnyToken@workerid
bunny_prefilter:
type: filter
inputs:
- bunny_src
condition: 'starts_with(string!(keys(.)[0]), get_env_var!("BUNNY_TOKEN"))'
# parse log PathAndQuery for /shake aka tree shaking
# to get event Action(ea), Category (ec), and Value (ev)
bunny_transform:
type: remap
inputs:
- bunny_prefilter
file: /etc/vector/stat-transform.vrl
bunny_shaker:
type: filter
inputs:
- bunny_transform
condition: 'starts_with(string!(.PathAndQuery), "/shake/")'
bunny_metric:
type: log_to_metric
inputs:
- bunny_shaker
metrics:
- type: counter
field: ev
name: "event_{{ ec }}"
namespace: bunny
_timestamp: _timestamp
tags:
action: "{{ ea }}"
label: "{{ el }}"
value: "{{ ev }}"