Vector output sink for log forwarding

Use our Vector output sink to connect your Vector-monitored log data to New Relic. Read on to learn how to configure and test the Vector New Relic logs sink.

Compatibility and requirements

To forward your logs to New Relic using Vector, ensure your configuration meets the following requirements:

Configure the Vector New Relic Logs sink

To configure the Vector New Relic logs sink:

  1. Choose one of the following options for adding a snippet to your vector.conf file (located in /etc/vector by default):
    Configure with the New Relic license key (recommended)

    Replace YOUR_LICENSE_KEY with the New Relic license key:

    
    data_dir = "/var/lib/vector"
    
    # Ingest data by tailing one or more files
    
    [sources.mylog]
      type = "file"
      include = ["/path/to/file"] # Specify file or files to be tailed
      ignore_older = 86400 # Ignore events older than 1 day
      file_key = "file" # Add filename to log events
      host_key = "host" # Add hostname to log events
    
    # Configure sink to forward events to New Relic Logs
    
    [sinks.new_relic_logs]
      # REQUIRED
      type = "new_relic_logs" # must be: "new_relic_logs"
      inputs = ["mylog"] # example - value must be one or more source IDs
      license_key = "YOUR_LICENSE_KEY"
      region = "us" # Enum, must be one of: "us" "eu" depending on your New Relic Logs account region
    
      # OPTIONAL
      healthcheck = true # default
    
    Configure with the New Relic Insert API key

    Replace YOUR_INSERT_KEY with the Insert API key:

    data_dir = "/var/lib/vector"
    
    # Ingest data by tailing one or more files
    
    [sources.mylog]
      type = "file"
      include = ["/path/to/file"] # Specify file or files to be tailed
      ignore_older = 86400 # Ignore events older than 1 day
      file_key = "file" # Add filename to log events
      host_key = "host" # Add hostname to log events
    
    # Configure sink to forward events to New Relic Logs
    
    [sinks.new_relic_logs]
      # REQUIRED
      type = "new_relic_logs" # must be: "new_relic_logs"
      inputs = ["mylog"] # example - value must be one or more source IDs
      insert_key = "YOUR_INSERT_KEY" 
      region = "us" # Enum, must be one of: "us" "eu" depending on your New Relic Logs account region
    
      # OPTIONAL
      healthcheck = true # default
    
  2. Restart the Vector service to ensure your changes are applied.

Test the Vector New Relic logs sink

To test if the New Relic logs sink is forwarding events:

  1. Run the following command to append a test log message to your log file:
    echo "test message" >> /PATH/TO/YOUR/LOG/FILE
  2. Search New Relic Logs UI for your test message.

View log data

If everything is configured correctly and your data is being collected, you should see data logs in both of these places:

What's next?

Now that you've enabled Logs, here are some potential next steps:

If no data appears after you enable New Relic Logs, follow the troubleshooting procedures.

For more help