Getting Data In

splunk with Docker in windows

Communicator

Hello
is it possible to run splunk in docker container in windows ?
if yes, can someone link me to the installation guide ?

thanks

0 Karma

Communicator

No, Currently docker image of Splunk does not support in windows. Till now it only supports the Linux bases operating system.
It clearly mention in the prerequisitealt text

Splunk Employee
Splunk Employee

Hi! Splunk doesn't currently produce a Windows based Splunk image.

https://splunk.github.io/docker-splunk/SUPPORT.html

That being said, if you can handle creating Windows based Dockerfiles, you can simply create your own image. I haven't seen any samples out there in my travels.

0 Karma

Super Champion

Yes, it does. One of our POC was done in Windows, but was not elaborate

  1. Install Docker and try out another container to see everything is working
  2. Download Splunk docker image from: https://hub.docker.com/r/splunk/splunk/
  3. Follow instructions in there. This is a very basic setup

For a more elaborated clustered setup, with ansible & docker compose, follow github repo https://github.com/getkub/ansible_docker_splunk . This is more complex though

0 Karma

Communicator

hi
thanks for your reply
i did all of this but im getting error :

ERROR: Couldn't read "/opt/splunk/etc/splunk-launch.conf" -- maybe $SPLUNK_HOME or $SPLUNK_ETC is set wrong?

0 Karma

Super Champion

did you volume mount $SPLUNK_HOME/etc to another location?
which version of splunk (within docker) you are using?

There are few similar errors as per post: https://answers.splunk.com/answers/553373/couldnt-determine-splunk-home-perhaps-it-should-be.html

0 Karma

Communicator

hi
did not volume mount $SPLUNK_HOME
latest version of splunk

0 Karma

Super Champion

in that case, you may need shell access to the splunk container.
1. Try creating a splunk-launch.conf within your windows system (eg: SPLUNK_HOME=/opt/splunk)
2. Do a docker copy from host to container
eg docker cp C:\somewhere\in_windows\splunk-launch.conf <containerId>:/opt/splunk/etc/splunk-launch.conf

Try running again

0 Karma

Communicator

how is that possible that in windows i will have path like /opt/splunk
it is a linux path

0 Karma

New Member

1.what hoshky said is put a splunk-launch.conf file into splunk's container
2."/opt/splunk" is the path in splunk's container, not path in windows OS
3.After done what hoshky said, I could access localhost:8000

0 Karma
State of Splunk Careers

Access the Splunk Careers Report to see real data that shows how Splunk mastery increases your value and job satisfaction.

Find out what your skills are worth!