I followed steps in "Heroku App for Splunk"...
The question that I have is that I am using the IP address of the docker container (from "docker inspect").
Do I need to open port 514 on the Docker container?
Any help or insight is appreciated!
You'll also need to ensure that IP Forwarding is enabled on the OS in order to allow Docker to do what you are attempting.
I don't know Mac OS, but the Linux equivalent is set via sysctl:
net.ipv4.conf.all.forwarding = 1
net.ipv6.conf.all.forwarding = 1
Without those Docker will never be able to communicate with the outside world.
Where are you running docker, also what version/flavor?
You will need to expose the port to the host, so that the host machine running docker can bridge or route the external traffic to the container.
First, thanks for your response! I realized I was a bit too hasty and didn't really provide a lot of info.
- Version: 18.03.1
- System: Macbook Pro / macOS 10.13.4
- Image: splunk/splunk
- Run command: docker run -d -e "SPLUNK_START_ARGS=--accept-license" -e "SPLUNK_USER=root" -p "8000:8000" -p "514:514" splunk/splunk
I am attempting to receive a log stream from Heroku (via a log drain, with a target IP and port, which I am using my Mac's current IP address). Splunk listens on Port 514. I know I've setup the drain correctly on the Heroku side. I've got nettop running on my Mac and I see data coming in.
It seems like I need to bridge into the container. So I must have setup the run command incorrectly. Not sure what to do...should I just open all of the ports to the container? Can I do that on a running container?
I appreciate your help!!