vector
Vector — the canonical log shipper. Runs as a DaemonSet on every node, tails container stdout/stderr, applies parse + redact transforms, and ships to Loki.
Identity
| Field | Value |
|---|---|
| Service id | vector |
| Role | observability |
| Image | timberio/vector:0.43.0-alpine |
| Port | (no public listener; metrics on :9598) |
Deployment surfaces
| Surface | Where |
|---|---|
| Compose | service vector in alphaswarm_platform/compose/docker-compose.platform.yml |
| Kustomize | observability/vector/ — DaemonSet + ConfigMap |
Pipelines
kubernetes_logssource → JSON parser → metadata enrichment (pod labels, namespace, cell id, tenant id) → redaction transform.- Sinks:
loki(canonical) +phoenix(only for spans taggedservice.namespace=alphaswarm.ai).
Redaction
- The redact transform strips any field whose lower-cased name
contains
password,secret,token,key,credential,private,authorization,kubeconfig,client_secret,api_token,api_key,jwt,refresh_token,access_token. - Same allowlist as
WorkloadRuntimeredaction — see thealphaswarm-management-enginerule.
See also
loki.md— primary sink.alphaswarm-management-engine— redaction allowlist.