Getting Data In

Is it possible to run splunk in docker container in windows ?

sarit_s
Communicator

Hello
is it possible to run splunk in docker container in windows ?
if yes, can someone link me to the installation guide ?

thanks

Labels (1)
0 Karma

dbjdbj
New Member

It is now 2022Q2 and I have the same question.

Judging by  https://github.com/splunk/docker-splunk/blob/develop/docs/SUPPORT.md

it is just Linux?

 

0 Karma

vikramyadav
Contributor

No, Currently docker image of Splunk does not support in windows. Till now it only supports the Linux bases operating system.
It clearly mention in the prerequisitealt text

mattymo
Splunk Employee
Splunk Employee

Hi! Splunk doesn't currently produce a Windows based Splunk image.

https://splunk.github.io/docker-splunk/SUPPORT.html

That being said, if you can handle creating Windows based Dockerfiles, you can simply create your own image. I haven't seen any samples out there in my travels.

- MattyMo
0 Karma

koshyk
Super Champion

Yes, it does. One of our POC was done in Windows, but was not elaborate

  1. Install Docker and try out another container to see everything is working
  2. Download Splunk docker image from: https://hub.docker.com/r/splunk/splunk/
  3. Follow instructions in there. This is a very basic setup

For a more elaborated clustered setup, with ansible & docker compose, follow github repo https://github.com/getkub/ansible_docker_splunk . This is more complex though

0 Karma

sarit_s
Communicator

hi
thanks for your reply
i did all of this but im getting error :

ERROR: Couldn't read "/opt/splunk/etc/splunk-launch.conf" -- maybe $SPLUNK_HOME or $SPLUNK_ETC is set wrong?

0 Karma

koshyk
Super Champion

did you volume mount $SPLUNK_HOME/etc to another location?
which version of splunk (within docker) you are using?

There are few similar errors as per post: https://answers.splunk.com/answers/553373/couldnt-determine-splunk-home-perhaps-it-should-be.html

0 Karma

sarit_s
Communicator

hi
did not volume mount $SPLUNK_HOME
latest version of splunk

0 Karma

koshyk
Super Champion

in that case, you may need shell access to the splunk container.
1. Try creating a splunk-launch.conf within your windows system (eg: SPLUNK_HOME=/opt/splunk)
2. Do a docker copy from host to container
eg docker cp C:\somewhere\in_windows\splunk-launch.conf <containerId>:/opt/splunk/etc/splunk-launch.conf

Try running again

0 Karma

sarit_s
Communicator

how is that possible that in windows i will have path like /opt/splunk
it is a linux path

0 Karma

shincho
New Member

1.what hoshky said is put a splunk-launch.conf file into splunk's container
2."/opt/splunk" is the path in splunk's container, not path in windows OS
3.After done what hoshky said, I could access localhost:8000

0 Karma
Get Updates on the Splunk Community!

Index This | I am a number, but when you add ‘G’ to me, I go away. What number am I?

March 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...

What’s New in Splunk App for PCI Compliance 5.3.1?

The Splunk App for PCI Compliance allows customers to extend the power of their existing Splunk solution with ...

Extending Observability Content to Splunk Cloud

Register to join us !   In this Extending Observability Content to Splunk Cloud Tech Talk, you'll see how to ...