diff --git a/docker/images/vector/vector.toml b/docker/images/vector/vector.toml
index 5d8cdaac3..df7327f0b 100644
--- a/docker/images/vector/vector.toml
+++ b/docker/images/vector/vector.toml
@@ -14,15 +14,11 @@ include_labels = ["vector.provider=true"]
 type = "remap"
 inputs = ["provider"]
 source = '''
-.host="$OO_HOST"
-del(.container_created_at)
-del(.container_id)
-del(.host)
-del(.image)
-del(.label)
-del(.source_type)
-del(.stream)
+.=parse_json!(string!(.message))
+del(.message)
 del(.timestamp)
+del(._timestamp)
+.host="$OO_HOST"
 '''
 
 # print to console the provider logs
@@ -70,7 +66,6 @@ source = '''
 .host="$OO_HOST"
 del(.id)
 del(.from)
-del(.host)
 del(.Type)
 .name=.Actor.Attributes.name
 del(.Actor)
@@ -79,6 +74,7 @@ del(.time)
 del(.timeNano)
 del(.source_type)
 del(.timestamp)
+del(._timestamp)
 '''
 
 # print docker events to console
@@ -111,6 +107,8 @@ inputs = ["caddy"]
 source = '''
 .=parse_json!(string!(.message))
 .host="$OO_HOST"
+del(.timestamp)
+del(._timestamp)
 del(.ts)
 del(.user_id)
 del(.size)
@@ -144,6 +142,7 @@ source = '''
 .host="$OO_HOST"
 del(.t)
 del(.id)
+del(.timestamp)
 del(._timestamp)
 '''
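Review bot: When `.=parse_json!(string!(.message))` fails on a provider line that is not JSON, the program errors out, and unless `drop_on_error` is set on this transform (none is visible in the hunk) Vector sends the original, unmodified event downstream. That event still carries `container_id`, `image`, `label`, `stream` and the other fields whose unconditional `del()` calls are removed here, and it never gets `.host` set. I would add `drop_on_error = true` to this transform, plus `reroute_dropped = true` if rejected lines should stay available for inspection. On a successful parse the container's own log line defines every top-level field except `.host`, so `.=object!(parse_json!(string!(.message)))` would at least reject payloads that are not a JSON object.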
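Review bot: With `del(._timestamp)` added after the existing `del(.time)`, `del(.timeNano)` and `del(.timestamp)`, a docker event leaves this transform with no time field from its source, so the stored time is presumably whatever the sink assigns at ingest. For container lifecycle records that weakens timeline reconstruction, since buffering or a Vector restart shifts events and can reorder them against other log sources. If the sink's own timestamp must win, the source time can still be kept under another name, for example `.event_time = del(.time)` in place of `del(.time)`. The caddy hunk (`del(.ts)`) and the last hunk (`del(.t)`) follow the same pattern. The transform's `source` block starts above this hunk, so earlier statements are not visible here.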