I have installled splunk/splunk:latest and exposed it on 8000 per the instructionsI can get to the GUI on localhost:8000 and retrieved a HEC token
when I try to validate the install using
curl -k https://localhost:8088/services/collector/event -H "Authorization: Splunk my-hec-token" -d '{"event": "hello world"}'
I get this ERROR
Failed to connect to localhost port 8088: Connection refusedNote: I am using the correct token
Looks like that exposes a number of ports, docker ps -a gives
8065/tcp, 8088-8089/tcp, 8191/tcp, 9887/tcp, 0.0.0.0:8000->8000/tcp, :::8000->8000/tcp, 9997/tcp splunkSo I guess that means 8088 is automatically exposed?
the instructions on hub.docker.com say to expose 8000docker run -d -p 8000:8000 -e "SPLUNK_START_ARGS=--accept-license" -e "SPLUNK_PASSWORD=xxxxxxxxxx" --name splunk splunk/splunk:latestUsing this I can navigate to the GUI localhost:8000
@samdc98
Not sure about the default ports exposed during docker run but you can try by exposing manually
docker run -d -p 8000:8000 -8088:8088 -e "SPLUNK_START_ARGS=--accept-license" -e "SPLUNK_PASSWORD=xxxxxxxxxx" --name splunk splunk/splunk:latest
KV
did you exposed 8088 from docker container ?
-p 8088:8088
