Back to Dashboard

vector

0.56.0-alpine

Trust posture

πŸ“‹ SBOM ATTESTEDπŸ›‘ TRIVY: 0 critical / high (advisory) Β· SCANNED 2026-07-10πŸ— AMD64 + ARM64πŸ” REPRODUCE THESE CHECKS LOCALLY
PULLS 3.1K
STARS 0

VERIFIABLE TRUST ARTIFACTS

Provenance

Build commit
ed67d41
Build digest
sha256:1f8af9a60b10df96a8f38523d1c372196bab5175bd0879da07b648bec6f92375
Index digest
sha256:eccc3f2e9fc251c0667a761f0cec93fd21ab851eee5302ec505350015fbd17cc
Manifest digest (amd64)
sha256:8926ff80c1442357bf9cddf47e1df8462bd93a1762e4b5393e86c6b27612f3a6
Manifest digest (arm64)
sha256:bd81e4af4a0a3462325d00e33588b448f85975891a3ad5e0d3223a8ecd4c6029
SBOM attestation
34817658…
Trivy last scan
2026-07-10 20:42 UTC
Base image
Verify
gh attestation verify oci://ghcr.io/oorabona/vector:0.56.0-alpine --owner oorabona guide β†’

Security scan results

Trivy Β· last scan 2026-07-10

Last scan: (advisory mode β€” Trivy runs continue-on-error in CI; we surface findings, we do not block builds on them).

0Critical
0High
0Medium
0Low
0Info

No CRITICAL alerts at last scan (2026-07-10).

Top advisories (upstream, advisory)

    β†’ Full report via gh api β€” see Verify Images.

    Explore

    Build lineagesha256:
    Build Lineage
    Build Digest sha256:1f8af9a60b10df96a8f38523d1c372196bab5175bd0879da07b648bec6f92375
    Base Image
    OS_IMAGE_TAG latest
    Package summary n/a β€” runtime parsed
    Recent changes n/a β€” runtime parsed
    Build history n/a β€” runtime fetched

    Documentation

    README

    Vector

    Docker Hub GHCR Build

    High-performance observability data pipeline for collecting, transforming, and routing logs, metrics, and events. Built on Vector with a pre-built musl static binary on Alpine Linux.

    Why this image

    This image packages Vector as a minimal, production-hardened container suited for vendor-free observability pipelines.

    • Minimal attack surface. Built on Alpine Linux using the upstream musl-linked static Vector binary from GitHub Releases. The binary is self-contained β€” it does not depend on glibc or a shell interpreter at runtime, even though Alpine still ships ash for image-level operations.
    • Multiple architectures. Published for both linux/amd64 and linux/arm64, tested on each arch in CI. Pulls the correct platform layer automatically on docker pull.
    • Verifiable provenance. Every build produces a Sigstore SBOM attestation (cosign) and a Trivy vulnerability scan. Digests are recorded in build lineage and surfaced on the dashboard.
    • Automated upstream tracking. The upstream-monitor workflow checks the Vector GitHub release feed daily and opens a PR when a new version is available, keeping the image current without manual intervention.
    • Common sink/source coverage. Supports Docker log collection, syslog, file tailing, Prometheus scrape, and OpenTelemetry out of the box. Pairs directly with the oorabona/postgres:<version>-full-alpine flavor (TimescaleDB + ParadeDB) for a complete vendor-free log/metrics store β€” see the PostgreSQL sink example below.

    Verify this image

    Every build ships a Sigstore-signed SBOM and a full Trivy scan β€” verify them yourself, no login required:

    gh attestation verify oci://ghcr.io/oorabona/vector:latest --owner oorabona
    

    Full walkthrough (SBOM payload, Trivy findings, multi-arch manifest inspection, upstream dependency tracking) β†’ https://oorabona.github.io/docker-containers/verify-images/

    Quick Start

    # Pull the image
    docker pull ghcr.io/oorabona/vector:latest
    
    # Run with default demo config (generates sample logs β†’ console)
    docker run -d --name vector -p 8686:8686 ghcr.io/oorabona/vector:latest
    
    # Run with custom config
    docker run -d --name vector \
      -v /path/to/vector.yaml:/etc/vector/vector.yaml:ro \
      -p 8686:8686 \
      ghcr.io/oorabona/vector:latest
    
    # Monitor pipeline performance
    docker exec vector vector top
    

    Build

    # Build with latest upstream version
    ./make build vector
    
    # Build with specific version
    ./make build vector 0.53.0
    

    Build Args

    Arg Default Description
    VERSION latest Full version tag (set by build system)
    UPSTREAM_VERSION (auto) Raw upstream version (e.g., 0.53.0)
    OS_IMAGE_BASE alpine Base image distribution
    OS_IMAGE_TAG latest Base image tag

    Configuration

    Vector uses a YAML configuration file at /etc/vector/vector.yaml. The default config runs a demo pipeline that generates sample JSON logs and prints them to the console.

    For production, mount your own configuration:

    # vector.yaml β€” collect Docker logs, enrich, send to PostgreSQL
    api:
      enabled: true
      address: "0.0.0.0:8686"
    
    sources:
      docker_logs:
        type: docker_logs
    
    transforms:
      enrich:
        type: remap
        inputs: ["docker_logs"]
        source: |
          # Parse structured fields and add metadata
          .host = get_hostname!()
          .environment = get_env_var("VECTOR_ENV") ?? "production"
          .processed_at = now()
    
    sinks:
      postgresql:
        type: postgres
        inputs: ["enrich"]
        endpoint: "postgresql://vector:password@postgres:5432/observability"
        table: "logs"
        encoding:
          codec: json
    

    PostgreSQL Sink (Vendor-Free Observability)

    Vector pairs with our postgres:full image (TimescaleDB + pgvector + ParadeDB + Citus) for a complete vendor-free observability stack:

    • Logs β†’ PostgreSQL with TimescaleDB hypertables for time-series queries
    • Metrics β†’ PostgreSQL with continuous aggregates for efficient rollups
    • Search β†’ ParadeDB BM25 index for full-text search over logs

    See examples/docker-compose.yaml for a ready-to-run stack.

    Ports

    Port Service
    8686 Vector API (health checks, vector top, GraphQL playground)

    Additional ports depend on your configured sources (e.g., 514 for syslog, 9000 for Prometheus scrape, 4317 for OpenTelemetry).

    Volumes

    Path Purpose
    /etc/vector/vector.yaml Configuration file (mount read-only)
    /var/lib/vector/ Buffer data directory (for disk buffers)

    Health Check

    Built-in health check via Vector API:

    GET http://localhost:8686/health β†’ {"ok": true}
    

    Management

    # Reload configuration without restart (graceful)
    docker kill --signal=HUP vector
    
    # View real-time pipeline metrics
    docker exec vector vector top
    
    # Validate configuration before deploying
    docker exec vector vector validate /etc/vector/vector.yaml
    
    # View logs
    docker logs -f vector
    

    Architecture

    Sources (inputs)          Transforms (VRL)            Sinks (outputs)
    β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”          β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”        β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”
    β”‚ docker_logs  │───┐      β”‚ remap (enrich)   │───┐    β”‚ PostgreSQL   β”‚
    β”‚ syslog       │─────────>β”‚ filter (route)   │───────>β”‚ S3 / GCS     β”‚
    β”‚ file         │────      β”‚ aggregate        │────    β”‚ Elasticsearchβ”‚
    β”‚ prometheus   β”‚β”€β”€β”€β”˜      β”‚ dedupe           β”‚β”€β”€β”€β”˜    β”‚ console      β”‚
    β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜          β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜        β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜
    

    Runs as non-root user vector (uid 1000). Pre-built musl-linked static binary downloaded from GitHub releases β€” supports x86_64 and aarch64.

    Security Considerations

    • Runs as non-root user vector (uid 1000)
    • No shell access required β€” single static binary
    • Mount config read-only (:ro)
    • Use environment variables or secrets for sink credentials
    • Buffer data at /var/lib/vector/ β€” mount a volume for persistence and to avoid data loss on restart
    • TLS supported for all network sources and sinks

    Dependencies

    Component Version Source Monitoring
    Vector 0.53.0 GitHub upstream-monitor
    Alpine Linux latest Base image upstream