All Apps and Add-ons
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

What are the limitations of Splunk Docker Logging driver vs Universal Forwarder?

Ranjithatnutani
New Member
‎05-08-2018 05:11 AM

What is the best option between Splunk logging driver for Docker or Universal forwarder running on the host or inside the container for sending logs to an indexer server? What are the limitations of Splunk logging driver for Docker.

0 Karma
Reply

woodcock
Esteemed Legend
‎05-17-2018 12:35 PM

Go into Splunk Slack and message @mattymo or @ninja. They are the experts there.

0 Karma
Reply

nplamondon
Communicator
‎05-17-2018 10:32 AM

Check out this writeup for Splunking Docker containers:
https://www.tekstream.com/news/containerization-and-splunk-how-docker-and-splunk-work-together/

(From the first search result for 'docker universal forwarder': https://answers.splunk.com/answers/569238/does-splunk-provide-fully-supported-docker-univers.html )

Reply

cpetterborg
SplunkTrust
SplunkTrust
‎05-17-2018 10:57 AM

From the links that Nate has provided, it looks like it is possible to get more information from the free app for Docker, as well as not having to do much to the docker environment. I'd go with that app.

0 Karma
Reply
Get Updates on the Splunk Community!

.conf24 | Registration Open!

Hello, hello! I come bearing good news: Registration for .conf24 is now open!   conf is Splunk’s rad annual ...

ICYMI - Check out the latest releases of Splunk Edge Processor

Splunk is pleased to announce the latest enhancements to Splunk Edge Processor.  HEC Receiver authorization ...

Introducing the 2024 SplunkTrust!

Hello, Splunk Community! We are beyond thrilled to announce our newest group of SplunkTrust members!  The ...