Getting Data In

How to install and configure a universal forwarder on servers that are running applications in a Docker container?

AzmathShaik
Path Finder

Hello

i was looking at Splunk docs regarding how to install Splunk forwarder and configure inputs to forward logs from Docker container. Unluckily, I could not find any thing. Can any one help me in what is the process to install and read logs from Docker container??

Thanks in advance

0 Karma

tormodbp
Path Finder

Hi,

Before I present you some possible links for further reading, I must state that I have not done this myself yet.

Back in 2015 Splunk blog had a development blog entry about "Integrating Splunk with Docker, CoreOS and JournalID".
In the blog post it explains how to integrate a universal forwarder into an environment where all applications are run in docker containers, and thus do not support regular installation of a forwarder. Docker container used for the Splunk forwarder is publicly available in the Docker hub. Source is available on Github.

I believe that the above mentioned blogpost would assist you in your problem.

Sorry that I could not assist you further with a solution.

Cheers,

0 Karma
Get Updates on the Splunk Community!

What’s New in Splunk App for PCI Compliance 5.3.1?

The Splunk App for PCI Compliance allows customers to extend the power of their existing Splunk solution with ...

Extending Observability Content to Splunk Cloud

Register to join us !   In this Extending Observability Content to Splunk Cloud Tech Talk, you'll see how to ...

What's new in Splunk Cloud Platform 9.1.2312?

Hi Splunky people! We are excited to share the newest updates in Splunk Cloud Platform 9.1.2312! Analysts can ...