How to install and configure a universal forwarder...

AzmathShaik · ‎01-03-2017

Hello

i was looking at Splunk docs regarding how to install Splunk forwarder and configure inputs to forward logs from Docker container. Unluckily, I could not find any thing. Can any one help me in what is the process to install and read logs from Docker container??

Thanks in advance

tormodbp · ‎01-03-2017

Hi,

Before I present you some possible links for further reading, I must state that I have not done this myself yet.

Back in 2015 Splunk blog had a development blog entry about "Integrating Splunk with Docker, CoreOS and JournalID".
In the blog post it explains how to integrate a universal forwarder into an environment where all applications are run in docker containers, and thus do not support regular installation of a forwarder. Docker container used for the Splunk forwarder is publicly available in the Docker hub. Source is available on Github.

I believe that the above mentioned blogpost would assist you in your problem.

Sorry that I could not assist you further with a solution.

Cheers,

How to install and configure a universal forwarder on servers that are running applications in a Docker container?

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Index This | What travels the world but is also stuck in place?

Discover New Use Cases: Unlock Greater Value from Your Existing Splunk Data

Continue Your Journey: Join Session 2 of the Data Management and Federation Bootcamp ...

Join the Conversation