What would be the best way to get DCOS Mesos/Marathon to forward their containers logging to Splunk?
As our Devs told me,
"Docker’s runtime (excluding Docker Images) is already deprecated and we are going to get rid of the Docker daemon with time. Therefore when working with logging we should focus only on what DCOS & Mesos provide"
Being Mesos just a way to orchestrate Docker clusters
I'm looking for a way to achieve the same as Docker's logging driver into Splunk's HTTP event Collector
DC/OS has a really good write up on how to configure logging from their platform into Splunk. The write up includes all of the services that can be pulled out of journald and brought into splunk. It also includes commands to create the input stanza.