Ingestion Pipeline Templates Overview
Introduction
XDR Vector Templates define the data transformation and routing configurations for the Vector processing pipeline. These templates ensure consistent data processing across different log sources and destinations.
Directory Structure
The vector templates follow a standardized directory structure:
pre_build_config/vector/core_templates/
├── 000-*****
| └── v{major}_{minor}_{patch}/
| └── 000-*****.yml
├── 101-*****
| └── v{major}_{minor}_{patch}/
| └── 101-*****.yml
└── 201-*****
└── v{major}_{minor}_{patch}/
└── 201-*****.ymlTemplate Types
Source Templates (000-099)
File and stream sources
Message queue integrations
Network input handlers
Transform Templates (100-199)
Data transformation rules
Event filtering and routing
Field mapping and enrichment
Sink Templates (200-299)
Database outputs
Message queue publishing
Storage system integration
Integration with Pipeline Configuration
Configuration in xdr_package.yaml
Key Configuration Points:
Template paths follow numeric prefixes
Version control per template
Modular template selection
Version Control
Version format: v{major}{minor}{patch}
Each template versioned independently
Changes documented in release notes
Backward compatibility maintained
Related Documentation
Last updated