I have splunk enterprise setup on a separate machine and I have an application running on another instance.
Now I am trying to start a docker with splunkforwarder image to forward my application logs to the splunk indexer.
This is the command I used:
sudo docker run -d --name uf1 --hostname uf1 -e "SPLUNK_PASSWORD=<>" -e "SPLUNK_START_ARGS=--accept-license" -e "SPLUNK_STANDALONE_URL=https://XX.XXX.X.XXX:8080" -e "SPLUNK_CMD='add monitor /var/log/hello/hello.log -index abc -host abc.host'" -it splunk/universalforwarder:latest
When I run above command, it keeps failing with this error:
FAILED - RETRYING: Execute Splunk commands (50 retries left).
Please help!
... View more