I've got the nginx access_log set up to syslog. The syslog in docker is rsyslog docker appliance alpine (https://hub.docker.com/r/rsyslog/syslog_appliance_alpine).
From rsyslog docker, I could see the nginx logs poured in rsyslog completely.
Whereas vector.dev
[sources.syslog]
type = "syslog"
address = "127.0.0.1:514"
mode = "udp"
[sinks.console]
type = "console"
inputs = ["syslog"]
encoding.codec = "text"
- The sources.syslog seems not working
- Thereby I tried to pose a console sink whose inputs = "syslog" (as sources). But no log was printed out at all but kept on listening
2024-03-08 13:28:51 2024-03-08T13:28:51.436689Z INFO source{component_kind="source" component_id=syslog component_type=syslog}: vector::sources::syslog: Listening. addr=127.0.0.1:514 type="udp"
My question is:
- Is there anything going wrong on my vector.dev configuration?
- Any alternative way just to let vector.dev embrace syslog's logs under any other manners (e.g socket...)?
Thanks