docker-splunk

docker-splunk copied to clipboard

adityapinglesf

Require Linux/ARM64 docker image for  splunk/universalforwarder

11

Hi Team,     I have been working on building splunk/universalforwarder image for both amd64 and arm64 platforms and I have successfully built all the images for both the platform. Although, the...

odidev

Index creation using default.yml is no longer working in splunk images > 9.0.7. I'm running Splunk in Docker Desktop 4.27.2 on Windows 11. The attached docker-compose and default files work...

pauljmelia

Splunk 9.1.3 has a regression on the `SPLUNKD_SSL_ENABLE` variable

2

Running `docker run -it --rm -e "SPLUNK_START_ARGS=--accept-license" -e "SPLUNK_PASSWORD=Valid_password!" -e "SPLUNKD_SSL_ENABLE=false" -e GITHUB_ACTIONS=true -e CI=true -p 8089:8089 -p 8088:8088 -v "/$(pwd)/test/configs/splunk/server.conf":"/etc/system/local/server.conf" splunk/splunk:9.1.2` works w/r to spinning up a usable splunk...

Amndeep7

i was trying to install the official app 'Splunk add on for linux' on a recent docker image and noticed that the app is unusable, it fails with the "hostname"...

joefubar42

The tail command used to emit `splunkd_stderr.log` (or a custom log file) to stdout does not handle the file being rotated/renamed. The current command uses `-f` https://github.com/splunk/docker-splunk/blob/9.1.1/splunk/common-files/entrypoint.sh#L65 but likely should...

chancepants

How to find events that were sent to HEC?

1

Hi, I’m using splunk docker image with HEC to send log. I got Success message as the [guideline](https://splunk.github.io/docker-splunk/EXAMPLES.html#create-standalone-with-hec). How could I query the log to see “hello world”, which was...

ningziwen

Containers do not start for standalone and universal forward example.

3

The example docker compose file here does properly start any splunk containers using version splunk/splunk:9.1.1 and splunk/universalforwarder:9.0.5: https://splunk.github.io/docker-splunk/EXAMPLES.html#create-standalone-and-universal-forwarder Here is my docker-compose.yml: ``` version: "3.6" networks: splunknet: driver: bridge attachable:...

djflux

250+ CVEs In Red Hat Linux Splunk Docker Image

10

Recently splunk official image scanned with one of our scanners (Prisma Cloud) and it's showing 250+ CVEs in it.  We are using splunk docker from [https://hub.docker.com/r/splunk/splunk/tags?page=1](https://hub.docker.com/r/splunk/splunk/tags?page=1) Is this image...

Subrhamanya

Conf setting is duplicating configuration

1

## Issue When you want to set a configuration using the [default.yml - configuration-files ](https://github.com/splunk/splunk-ansible/blob/develop/docs/advanced/default.yml.spec.md#configuration-files) option the resulting Splunk configuration is broken as options are duplicated: ```ini [kvstore] storageEngine =...

dp-42