Ingestion Pipeline Templates Overview

Introduction

XDR Vector Templates define the data transformation and routing configurations for the Vector processing pipeline. These templates ensure consistent data processing across different log sources and destinations.

Directory Structure

The vector templates follow a standardized directory structure:

pre_build_config/vector/core_templates/
├── 000-*****
|   └── v{major}_{minor}_{patch}/
|       └── 000-*****.yml
├── 101-*****
|   └── v{major}_{minor}_{patch}/
|       └── 101-*****.yml
└── 201-*****
    └── v{major}_{minor}_{patch}/
        └── 201-*****.yml

Template Types

Source Templates (000-099)

File and stream sources
Message queue integrations
Network input handlers

Transform Templates (100-199)

Data transformation rules
Event filtering and routing
Field mapping and enrichment

Sink Templates (200-299)

Database outputs
Message queue publishing
Storage system integration

Integration with Pipeline Configuration

Configuration in xdr_package.yaml

Key Configuration Points:

Template paths follow numeric prefixes
Version control per template
Modular template selection

Version Control

Version format: v{major}{minor}{patch}
Each template versioned independently
Changes documented in release notes
Backward compatibility maintained

PreviousRelease Notes NextIngestion Pipeline Templates Release Notes

Last updated 1 year ago

hashtagIntroduction

hashtagDirectory Structure

hashtagTemplate Types

hashtagSource Templates (000-099)

hashtagTransform Templates (100-199)

hashtagSink Templates (200-299)

hashtagIntegration with Pipeline Configuration

hashtagConfiguration in xdr_package.yaml

hashtagVersion Control

hashtagRelated Documentation