Getting Data In
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

What is the best way to get DCOS Mesos/Marathon to forward their containers logging into Splunk?

splunk_zen
Builder
‎12-12-2016 07:04 AM

What would be the best way to get DCOS Mesos/Marathon to forward their containers logging to Splunk?

As our Devs told me,
"Docker’s runtime (excluding Docker Images) is already deprecated and we are going to get rid of the Docker daemon with time. Therefore when working with logging we should focus only on what DCOS & Mesos provide"

Being Mesos just a way to orchestrate Docker clusters
I'm looking for a way to achieve the same as Docker's logging driver into Splunk's HTTP event Collector

0 Karma
Reply

mmcginnis2
Explorer
‎10-04-2017 11:31 AM

DC/OS has a really good write up on how to configure logging from their platform into Splunk. The write up includes all of the services that can be pulled out of journald and brought into splunk. It also includes commands to create the input stanza.

Link: https://dcos.io/docs/1.10/monitoring/logging/aggregating/splunk/

0 Karma
Reply

splunk_zen
Builder
‎06-14-2018 04:03 AM

The ingestion part was never an issue but rather the parsing one, which wasn't particularly well documented in 2016
https://docs.mesosphere.com/1.10/monitoring/logging/aggregating/filter-splunk/

0 Karma
Reply
Get Updates on the Splunk Community!

New Year, New Changes for Splunk Certifications

As we embrace a new year, we’re making a small but important update to the Splunk Certification ...

Stay Connected: Your Guide to January Tech Talks, Office Hours, and Webinars!

What are Community Office Hours? Community Office Hours is an interactive 60-minute Zoom series where ...

[Puzzles] Solve, Learn, Repeat: Reprocessing XML into Fixed-Length Events

This challenge was first posted on Slack #puzzles channelFor a previous puzzle, I needed a set of fixed-length ...