Warning
This repository is new and experimental.
A community-driven repository of Vector Remap Language (VRL) programs and examples for transforming, normalizing, and enriching observability data.
Note: VRL programs in this repository are community-contributed and not officially supported by DataDog maintainers. Always test programs in a non-production environment first.
VRL Contrib is a central hub for sharing VRL programs that help you:
- Transform logs into standard formats like OCSF, ECS, and more
- Normalize data from various sources (cloud providers, security tools, applications)
- Enrich events with contextual information
- Parse and structure unstructured log data
- Learn VRL through real-world examples
vrl-contrib/
βββ programs/ # Complete VRL programs
β βββ aws/ # AWS service log transformations
β βββ kubernetes/ # Kubernetes log parsing
β βββ security/ # Security tool integrations
β βββ ...
βββ examples/ # Learning examples and tutorials
- Vector Documentation - Official Vector docs
- VRL Reference - VRL language reference
- VRL Functions - Built-in VRL functions
- VRL Playground - Test VRL online
We welcome contributions from everyone! Here's how you can help:
- Add new VRL programs for data sources not yet covered
- Improve existing programs with better performance or features
- Submit examples that help others learn VRL
- Report issues or suggest improvements
- Review pull requests from other contributors
- Fork this repository
- Create a branch for your contribution
git checkout -b my-awesome-vrl-example
- Add your VRL program in the appropriate directory
- Include tests and examples showing input/output
- Submit a pull request with a clear description
- Converting vendor-specific logs to open standards (OCSF, ECS)
- Normalizing multi-cloud logs into a unified schema
- Enriching security events with threat intelligence
- Parsing and structuring unstructured application logs
- Extracting metrics from log data
- Redacting sensitive information (PII, credentials)