November 11, 2025
vector.dev
log and telemetry forwarder agent.
I use it here to get my syslog (synology etc.) and my unfi logs into my loki log management. Unfi gateways have the option to forward logs to a remote server, but unfortunately only via udp and raw (no syslog formatting).
sudo vector -w -c /etc/vector/vector.yaml
-
-w watch config with reload
data_dir: "/var/lib/vector"
sources:
syslog_tcp:
type: syslog
mode: tcp
address: "0.0.0.0:5140"
unifi_raw_udp:
type: socket
mode: udp
address: "0.0.0.0:5140"
demo_sample_log:
type: demo_logs
count: 3
format: syslog
transforms:
unifi_normalized:
type: remap
inputs:
- unifi_raw_udp
source: |
# Ensure UTF-8
.message = to_string!(.message)
# Ensure timestamp exists and is valid for Loki
# UniFi raw logs have no timestamps, so we assign one
.timestamp = now()
# Pass through
unifi_prepare_loki:
type: remap
inputs:
- unifi_normalized
source: |
. = {
"message": .message,
"timestamp": .timestamp,
"host": "unifi"
}
sinks:
loki:
type: loki
inputs:
- syslog_tcp
- demo_sample_log
endpoint: "http://localhost:3100"
encoding:
codec: json
labels:
job: "syslog"
out_of_order_action: "accept"
loki-unifi:
type: loki
inputs:
- unifi_prepare_loki
endpoint: "http://localhost:3100"
encoding:
codec: text
labels:
job: "unifi"
debug_output_console:
type: console
inputs:
# - unifi_prepare_loki
- demo_sample_log
encoding:
codec: jsonLogs can be found in grafana now: http://regmonitor.regserver.
