Vector output sink for log forwarding

If your log data is already being monitored by Vector, you can use our Vector output sink to forward and enrich your log data in New Relic.

Forwarding your Vector logs to New Relic will give you enhanced log management capabilities to collect, process, explore, query, and alert on your log data.

Configure the Vector logs sink for New Relic

To forward your logs from Vector to New Relic:

1. Make sure you have:

   • A New Relic license key
   • Vector version 0.7.0 or higher

2. Follow the procedures to configure the Vector logs sink for New Relic.

3. Add a snippet to your vector.toml file (located in /etc/vector by default), replacing YOUR_LICENSE_KEY with your New Relic license key:

   # Ingest data by tailing one or more files
   
   [sources.mylog]
   type          = "file"
   include       = ["/path/to/file"] # Specify file or files to be tailed
   ignore_older  = 86400             # Ignore events older than 1 day
   file_key      = "file"            # Add filename to log events
   host_key      = "host"            # Add hostname to log events
   
   # Configure sink to forward events to New Relic
   
   [sinks.new_relic_logs]
   # REQUIRED
   type            = "new_relic_logs"   # must be: "new_relic_logs"
   inputs          = ["mylog"]          # example - value must be one or more source IDs
   license_key     = "YOUR_LICENSE_KEY"
   region          = "us"               # Enum, must be one of: "us" "eu" depending on your New Relic account region
   encoding.codec  = "json"
   
   # OPTIONAL
   healthcheck = true                   # default

   Copy

4. Restart the Vector service to ensure your changes are applied.

Test the Vector logs sink

To test if your Vector logs sink is forwarding events to New Relic:

1. Run the following command to append a test log message to your log file:

   bash

   Copy

   $
   echo "test message" >> /PATH/TO/YOUR/LOG/FILE

2. Search our logs UI for your test message.

View log data

If everything is configured correctly and your data is being collected, you should see log data in both of these places:

• Our logs UI
• Our tools for running NRQL queries. For example, you can execute a query like this:

SELECT * FROM Log

If no data appears after you enable our log management capabilities, follow our standard log troubleshooting procedures.

What's next?

Explore logging data across your platform with our logs UI.

• Get deeper visibility into both your application and your platform performance data by forwarding your logs with our logs in context capabilities.
• Set up alerts.
• Query your data and create dashboards.

Disable log forwarding

To disable log forwarding capabilities, follow standard procedures in Vector logs sink documentation. You do not need to do anything else in New Relic.