I am using Splunk Cloud with the free trial period right now. I need to verify that we are able to use Splunk Cloud with Docker log-driver before we actually move forward with Splunk long-term. I turned on the HTTP Event Collector in Splunk, but I am not able to pass logs via the Docker log-driver options even with splunk-insecureskipverify set to true. See below.
docker run --log-driver=splunk --log-opt splunk-token=C041DEEB-XXXX-XXX-9F5F-3XXXXXXXXXD1C --log-opt splunk-url=https://input-prd-p-5XXXXXXXXX.cloud.splunk.com:8088 --log-opt splunk-insecureskipverify=true hello-world
docker: Error response from daemon: Failed to initialize logging driver: remote error: handshake failure.
Although I did verify the the HTTP event collector is working with the curl command provided. Although that includes /services/collector in the URL, when that is passed to docker run command, it errors out not expecting it to include the full URI.
... View more