close
The Wayback Machine - https://web.archive.org/web/20200921201559/https://vector.dev/docs/reference/sinks/loki/
transmit

Loki Sink

The Vector loki sink batches log events to Loki.

Configuration

vector.toml
[sinks.my_sink_id]
  # General
  type = "loki" # required
  inputs = ["my-source-or-transform-id"] # required
  endpoint = "http://localhost:3100" # required
  healthcheck = true # optional, default


  # Encoding
  encoding.codec = "json" # optional, default


  # Labels
  labels.key = "value" # example
  labels.key = "{{ event_field }}" # example
12 items
  • tableoptional

    auth

    Options for the authentication strategy.

    • stringcommonrequired*

      password

      The basic authentication password. If using GrafanaLab's hosted Loki then this must be set to your instanceId.

      • Only required when: strategy = "basic"
      • No default
      • View examples
    • stringenumcommonrequired

      strategy

      The authentication strategy to use.

      • No default
      • Enum, must be one of: "basic" "bearer"
      • View examples
    • stringcommonrequired*

      token

      The token to use for bearer authentication

      • Only required when: strategy = "bearer"
      • No default
      • View examples
    • stringcommonrequired*

      user

      The basic authentication user name. If using GrafanaLab's hosted Loki then this must be set to your Grafana.com api key.

      • Only required when: strategy = "basic"
      • No default
      • View examples
  • tableoptional

    batch

    Configures the sink batching behavior.

    • uint (events)commonoptional

      max_events

      The maximum size of a batch, in events, before it is flushed. See Buffers & Batches for more info.

      • Default: 100000 (events)
    • uint (seconds)commonoptional

      timeout_secs

      The maximum age of a batch before it is flushed. See Buffers & Batches for more info.

      • Default: 1 (seconds)
  • tableoptional

    buffer

    Configures the sink specific buffer behavior.

    • uint (events)commonoptional

      max_events

      The maximum number of events allowed in the buffer. See Buffers & Batches for more info.

      • Only relevant when: type = "memory"
      • Default: 500 (events)
    • uint (bytes)required*

      max_size

      The maximum size of the buffer on the disk.

      • Only required when: type = "disk"
      • No default
      • View examples
    • stringenumcommonoptional

      type

      The buffer's type and storage mechanism.

      • Default: "memory"
      • Enum, must be one of: "memory" "disk"
      • View examples
    • stringenumoptional

      when_full

      The behavior when the buffer becomes full.

      • Default: "block"
      • Enum, must be one of: "block" "drop_newest"
      • View examples
  • tablecommonoptional

    encoding

    Configures the encoding specific sink behavior.

    • stringenumcommonoptional

      codec

      The encoding codec used to serialize the events before outputting.

      • Default: "json"
      • Enum, must be one of: "json" "text"
      • View examples
    • [string]optional

      except_fields

      Prevent the sink from encoding the specified labels.

      • No default
      • View examples
    • [string]optional

      only_fields

      Limit the sink to only encoding the specified labels.

      • No default
      • View examples
    • stringenumoptional

      timestamp_format

      How to format event timestamps.

      • Default: "rfc3339"
      • Enum, must be one of: "rfc3339" "unix"
      • View examples
  • stringcommonrequired

    endpoint

    The endpoint used to ship logs to.

    • No default
    • View examples
  • boolcommonoptional

    healthcheck

    Enables/disables the sink healthcheck upon start. See Health Checks for more info.

    • Default: true
    • View examples
  • tablecommonrequired

    labels

    A set of labels that will be attached to each batch of events. These values are also templateable to allow events to provide dynamic label values.Note: If the set of label values has high cardinality this can cause drastic performance issues with Loki. To ensure this does not happen one should try to reduce the amount of unique label values.

    • templateablestringcommonrequired

      [label-name]

      A key-value pair for labels.

      • No default
      • View examples
  • booloptional

    remove_label_fields

    If this is set to true then when labels are collected from events those fields will also get removed from the event.

    • Default: false
    • View examples
  • booloptional

    remove_timestamp

    If this is set to true then the timestamp will be removed from the event. This is useful because Loki uses the timestamp to index the event.

    • Default: true
    • View examples
  • tableoptional

    request

    Configures the sink request behavior.

    • uint (requests)commonoptional

      in_flight_limit

      The maximum number of in-flight requests allowed at any given time. See Rate Limits for more info.

      • Default: 5 (requests)
    • uint (seconds)commonoptional

      rate_limit_duration_secs

      The time window, in seconds, used for the rate_limit_num option. See Rate Limits for more info.

      • Default: 1 (seconds)
    • uintcommonoptional

      rate_limit_num

      The maximum number of requests allowed within the rate_limit_duration_secs time window. See Rate Limits for more info.

      • Default: 5
    • uintoptional

      retry_attempts

      The maximum number of retries to make for failed requests. The default, for all intents and purposes, represents an infinite number of retries. See Retry Policy for more info.

      • Default: 18446744073709552000
    • uint (seconds)optional

      retry_initial_backoff_secs

      The amount of time to wait before attempting the first retry for a failed request. Once, the first retry has failed the fibonacci sequence will be used to select future backoffs.

      • Default: 1 (seconds)
    • uint (seconds)optional

      retry_max_duration_secs

      The maximum amount of time, in seconds, to wait between retries.

      • Default: 10 (seconds)
    • uint (seconds)commonoptional

      timeout_secs

      The maximum time a request can take before being aborted. It is highly recommended that you do not lower value below the service's internal timeout, as this could create orphaned requests, pile on retries, and result in duplicate data downstream. See Buffers & Batches for more info.

      • Default: 60 (seconds)
  • stringoptional

    tenant_id

    The tenant id that will be sent with every request, by default this is not required since a proxy should set this header. When running Loki locally a tenant id is not required either.

    You can read more about tenant id's here

    • No default
    • View examples
  • tableoptional

    tls

    Configures the TLS options for connections from this sink.

    • stringoptional

      ca_file

      Absolute path to an additional CA certificate file, in DER or PEM format (X.509), or an inline CA certificate in PEM format.

      • No default
      • View examples
    • stringcommonoptional

      crt_file

      Absolute path to a certificate file used to identify this connection, in DER or PEM format (X.509) or PKCS#12, or an inline certificate in PEM format. If this is set and is not a PKCS#12 archive, key_file must also be set.

      • No default
      • View examples
    • stringcommonoptional

      key_file

      Absolute path to a private key file used to identify this connection, in DER or PEM format (PKCS#8), or an inline private key in PEM format. If this is set, crt_file must also be set.

      • No default
      • View examples
    • stringoptional

      key_pass

      Pass phrase used to unlock the encrypted key file. This has no effect unless key_file is set.

      • No default
      • View examples
    • booloptional

      verify_certificate

      If true (the default), Vector will validate the TLS certificate of the remote host.

      • WARNING: Setting this to `false` means the certificate will be loaded and checked for validity, but the handshake will not attempt to verify the certificate. Do NOT set this to `false` unless you understand the risks of not verifying the remote certificate.
      • Default: true
      • View examples
    • booloptional

      verify_hostname

      If true (the default), Vector will validate the configured remote host name against the remote host's TLS certificate. Do NOT set this to false unless you understand the risks of not verifying the remote hostname.

      • Default: true
      • View examples

How It Works

Buffers & Batches

The loki sink buffers & batches data as shown in the diagram above. You'll notice that Vector treats these concepts differently, instead of treating them as global concepts, Vector treats them as sink specific concepts. This isolates sinks, ensuring services disruptions are contained and delivery guarantees are honored.

Batches are flushed when 1 of 2 conditions are met:

  1. The batch age meets or exceeds the configured timeout_secs.
  2. The batch size meets or exceeds the configured max_events.

Buffers are controlled via the buffer.* options.

Decentralized Deployments

Loki currently does not support out-of-order inserts. If Vector is deployed in a decentralized setup then there is the possibility that logs might get rejected due to data races between Vector instances. To avoid this we suggest either assigning each Vector instance with a unique label or deploying a centralized Vector which will ensure no logs will get sent out-of-order.

Environment Variables

Environment variables are supported through all of Vector's configuration. Simply add ${MY_ENV_VAR} in your Vector configuration file and the variable will be replaced before being evaluated.

You can learn more in the Environment Variables section.

Event Ordering

The loki sink will ensure that all logs are sorted via their timestamp. This is to ensure that logs will be accepted by Loki. If no timestamp is supplied with events then the Loki sink will supply its own monotonically increasing timestamp.

Health Checks

Health checks ensure that the downstream service is accessible and ready to accept data. This check is performed upon sink initialization. If the health check fails an error will be logged and Vector will proceed to start.

Require Health Checks

If you'd like to exit immediately upon a health check failure, you can pass the --require-healthy flag:

vector --config /etc/vector/vector.toml --require-healthy

Disable Health Checks

If you'd like to disable health checks for this sink you can set the healthcheck option to false.

Rate Limits

Vector offers a few levers to control the rate and volume of requests to the downstream service. Start with the rate_limit_duration_secs and rate_limit_num options to ensure Vector does not exceed the specified number of requests in the specified window. You can further control the pace at which this window is saturated with the in_flight_limit option, which will guarantee no more than the specified number of requests are in-flight at any given time.

Please note, Vector's defaults are carefully chosen and it should be rare that you need to adjust these. If you found a good reason to do so please share it with the Vector team by opening an issue.

Retry Policy

Vector will retry failed requests (status == 429, >= 500, and != 501). Other responses will not be retried. You can control the number of retry attempts and backoff rate with the retry_attempts and retry_backoff_secs options.

TLS

Vector uses Openssl for TLS protocols for it's battle-tested and reliable security. You can enable and adjust TLS behavior via the tls.* options.

Support
Contents
Resources