- Splunk Answers
- :
- Splunk Administration
- :
- Deployment Architecture
- :
- splunk logging driver for docker
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
splunk logging driver for docker
Hi i am trying to run docker with splunk logging driver . I am using splunk cloud managed service . I am receiving the below error any time did you face this error.
$sudo docker run --publish 80:80 --log-driver=splunk --log-opt splunk-token=xxxxxxxxxxx --log-opt splunk-url=https://http-inputs-ccccccc.splunkcloud.com/services/collector/event:8088 --log-opt splunk-insecureskipverify=true nginx
docker: Error response from daemon: Failed to initialize logging driver: splunk: expected format schema://dns_name_or_ip:port for splunk-url.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
hpant if the splunk url is not working then it shutdowns the docker daemon itself we faced this issue , hence we avoided using this.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Any Help from Splunk team on above issue?
i am able to send logs using curl command but not docker run.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
We are using splunk collector configured with URL "https://splunk-ec.test.xyz.com:8088/services/collector/event" and i am able to send log using curl command but getting below same error when i used docker run with same url.
docker: Error response from daemon: Failed to initialize logging driver: splunk: expected format scheme://dns_name_or_ip:port for splunk-url.
if i removed "/services/collector/event" from url it is not working.
Does splunk collector automatically send request to "/services/collector/event" end point ? ,,our splunk even collector url path is like "https://splunk-ec.test.XYZ.com:8088/services/collector/event", but when i try to run docker run command with same URL, i am also getting same error message
docker: Error response from daemon: Failed to initialize logging driver: splunk: expected format scheme://dns_name_or_ip:port for splunk-url.
i am able to send event log using curl command with same URL. I doubt removing "/services/collector/event" from url will work?
does splunk event collector automatically add "/services/collector/event"?
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Try to change the url to format --log-opt splunk-url=https://input-ccccccc.splunkcloud.com:8088. I'm afraid though that the docker splunk logging driver isn't working at the moment - you'll probably get handshake failure error. Splunk has said that they are working on the problem but I have no clue when the fix should be coming.
Webinar Recap | Revolutionizing IT Operations: The Transformative Power of AI and ML ...
.conf24 | Registration Open!
ICYMI - Check out the latest releases of Splunk Edge Processor
