Skip to content

AUCR/splunk_docker

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
standalone
standalone
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
app_info.txt
app_info.txt
 
 
app_list.py
app_list.py
 
 
app_list.txt
app_list.txt
 
 
install.sh
install.sh
 
 
splunk.env
splunk.env
 
 

Repository files navigation

splunk_docker

A Dockerized Splunk Project

How to install with Ubuntu 18.04/20.04

Open a new Terminal and Clone the repo

git clone https://github.com/aucr/splunk_docker

Navigate to the splunk_docker directory

cd splunk_docker

All in one Setup Script

sudo bash install.sh

Access Web UI

http://splunk.aucr.local:8000
username:admin
password:P@ssword*1234!

Manual Setup

  1. Install docker

  2. Install docker-compose

  3. Make required directory's

     sudo mkdir /opt/ && sudo mkdir /opt/splunk/ && sudo mkdir /opt/splunk/etc && sudo mkdir /opt/splunk/var && sudo mkdir /opt/splunk/plugins

  4. Modify app_info.txt and comment out which plugins you want to disable. To enable a plugin simply remove the #.

    • To import from a file import the .tgz file into the plugins directory.

        cp plugins/*.tgz /opt/splunk/plugins

  5. Customize splunk.env for your needs

  6. Setup permissions on the splunk directories

     sudo chown -R $USER:docker /opt/splunk/

  7. Start container services with docker-compose

     sudo docker-compose up -d

TroubleShooting

Navigate to the main splunk_docker directory

cd ~
cd splunk_docker

Splunk service inspection with docker-compose logs

    sudo docker-compose logs -f

About

A Dockerized Splunk Project

Resources

Readme

License

Apache-2.0 license
Activity
Custom properties

Stars

0 stars

Watchers

6 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Languages