Last active
January 16, 2025 19:57
-
-
Save johnsmclay/0427f39e0c64bb955ac40b5469db51f7 to your computer and use it in GitHub Desktop.
Vector write systemd logs to cloudwatch
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # REFERENCES: | |
| # how-to: https://blog.swwomm.com/2021/06/send-journald-to-cloudwatch-logs-with.html | |
| # Docs: https://vector.dev/docs | |
| # Change this to use a non-default directory for Vector data storage: | |
| # data_dir: "/var/lib/vector" | |
| sources: | |
| journald_all: | |
| type: "journald" | |
| #include_units: ["sshd"] | |
| exclude_units: ["vector"] | |
| sinks: | |
| # NOTE: requires some permissions provided by the AWS policy "CloudWatchAgentServerPolicy" | |
| # you can create an IAM Role of type instance profile and attach it to the instance | |
| cloudwatchlogs: | |
| type: "aws_cloudwatch_logs" | |
| region: "us-east-2" | |
| group_name: "/aws/ec2/some-fun-hostname/journald" | |
| stream_name: "vector-instance-######" | |
| inputs: ["journald_all"] | |
| compression: "gzip" | |
| encoding: | |
| codec: "json" | |
| # json: | |
| # pretty: true | |
| # Vector's GraphQL API (disabled by default) | |
| # Uncomment to try it out with the `vector top` command or | |
| # in your browser at http://localhost:8686 | |
| # api: | |
| # enabled: true | |
| # address: "127.0.0.1:8686" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment