https://github.com/readytalk/docker-splunkforwarder

Simple splunk forwarder utilizing runtime templates (reefer) and docker
https://github.com/readytalk/docker-splunkforwarder

Last synced: 10 months ago
JSON representation

Simple splunk forwarder utilizing runtime templates (reefer) and docker

• Host: GitHub
• URL: https://github.com/readytalk/docker-splunkforwarder
• Owner: ReadyTalk
• Created: 2015-04-06T21:34:42.000Z (almost 11 years ago)
• Default Branch: master
• Last Pushed: 2015-04-06T22:14:03.000Z (almost 11 years ago)
• Last Synced: 2025-01-16T00:02:40.475Z (12 months ago)
• Size: 129 KB
• Stars: 1
• Watchers: 8
• Forks: 2
• Open Issues: 0
• Metadata Files:
  • Readme: README.md

Awesome Lists containing this project

README

          
# docker-splunkforwarder

Simple splunk forwarder utilizing runtime templates (reefer) to configure the Splunk agent. It's currently somewhat limited in that it will only log one file glob pattern and send it to a single index. We could extend the idea to support multiple file globs sending to multiple indexes.

## Required Env variables

* SPLUNK_SERVER - Server FQDN/IP to send logs.

* SPLUNK_SERVER_PORT - Port on the above server.

* SPLUNK_LOGFILE_PATTERN - Glob pattern (or regex but this is not tested) for files to monitor.

* SPLUNK_INDEX - Splunk index to send log entries to.

## Example run:

```

docker run -d \

  -e SPLUNK_SERVER=splunk.local.com \

  -e SPLUNK_SERVER_PORT=9500 \

  -e 'SPLUNK_LOGFILE_PATTERN=/var/log/*.log' \

  -e SPLUNK_INDEX=prod_idx \

  readytalk/splunkforwarder

```