Getting Data In
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

What is the best way to get DCOS Mesos/Marathon to forward their containers logging into Splunk?

splunk_zen
Builder
‎12-12-2016 07:04 AM

What would be the best way to get DCOS Mesos/Marathon to forward their containers logging to Splunk?

As our Devs told me,
"Docker’s runtime (excluding Docker Images) is already deprecated and we are going to get rid of the Docker daemon with time. Therefore when working with logging we should focus only on what DCOS & Mesos provide"

Being Mesos just a way to orchestrate Docker clusters
I'm looking for a way to achieve the same as Docker's logging driver into Splunk's HTTP event Collector

0 Karma
Reply

mmcginnis2
Explorer
‎10-04-2017 11:31 AM

DC/OS has a really good write up on how to configure logging from their platform into Splunk. The write up includes all of the services that can be pulled out of journald and brought into splunk. It also includes commands to create the input stanza.

Link: https://dcos.io/docs/1.10/monitoring/logging/aggregating/splunk/

0 Karma
Reply

splunk_zen
Builder
‎06-14-2018 04:03 AM

The ingestion part was never an issue but rather the parsing one, which wasn't particularly well documented in 2016
https://docs.mesosphere.com/1.10/monitoring/logging/aggregating/filter-splunk/

0 Karma
Reply
Get Updates on the Splunk Community!

Index This | Why did the turkey cross the road?

November 2025 Edition  Hayyy Splunk Education Enthusiasts and the Eternally Curious!   We’re back with this ...

Enter the Agentic Era with Splunk AI Assistant for SPL 1.4

  🚀 Your data just got a serious AI upgrade — are you ready? Say hello to the Agentic Era with the ...

Feel the Splunk Love: Real Stories from Real Customers

Hello Splunk Community,    What’s the best part of hearing how our customers use Splunk? Easy: the positive ...