Getting Data In
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Is it possible to run splunk in docker container in windows ?

sarit_s
Communicator
‎05-07-2019 12:26 AM

Hello
is it possible to run splunk in docker container in windows ?
if yes, can someone link me to the installation guide ?

thanks

Labels (1)
Labels
0 Karma
Reply

dbjdbj
New Member
‎04-05-2022 02:02 AM

It is now 2022Q2 and I have the same question.

Judging by  https://github.com/splunk/docker-splunk/blob/develop/docs/SUPPORT.md

it is just Linux?

 

0 Karma
Reply

vikramyadav
Contributor
‎04-25-2020 03:31 AM

No, Currently docker image of Splunk does not support in windows. Till now it only supports the Linux bases operating system.
It clearly mention in the prerequisitealt text

Preview file
1 KB
Reply

mattymo
Splunk Employee
Splunk Employee
‎05-13-2019 07:08 AM

Hi! Splunk doesn't currently produce a Windows based Splunk image.

https://splunk.github.io/docker-splunk/SUPPORT.html

That being said, if you can handle creating Windows based Dockerfiles, you can simply create your own image. I haven't seen any samples out there in my travels.

- MattyMo
0 Karma
Reply

koshyk
Super Champion
‎05-07-2019 12:42 AM

Yes, it does. One of our POC was done in Windows, but was not elaborate

  1. Install Docker and try out another container to see everything is working
  2. Download Splunk docker image from: https://hub.docker.com/r/splunk/splunk/
  3. Follow instructions in there. This is a very basic setup

For a more elaborated clustered setup, with ansible & docker compose, follow github repo https://github.com/getkub/ansible_docker_splunk . This is more complex though

0 Karma
Reply

sarit_s
Communicator
‎05-07-2019 02:09 AM

hi
thanks for your reply
i did all of this but im getting error :

ERROR: Couldn't read "/opt/splunk/etc/splunk-launch.conf" -- maybe $SPLUNK_HOME or $SPLUNK_ETC is set wrong?

0 Karma
Reply

koshyk
Super Champion
‎05-07-2019 04:26 AM

did you volume mount $SPLUNK_HOME/etc to another location?
which version of splunk (within docker) you are using?

There are few similar errors as per post: https://answers.splunk.com/answers/553373/couldnt-determine-splunk-home-perhaps-it-should-be.html

0 Karma
Reply

sarit_s
Communicator
‎05-07-2019 04:46 AM

hi
did not volume mount $SPLUNK_HOME
latest version of splunk

0 Karma
Reply

koshyk
Super Champion
‎05-07-2019 05:16 AM

in that case, you may need shell access to the splunk container.
1. Try creating a splunk-launch.conf within your windows system (eg: SPLUNK_HOME=/opt/splunk)
2. Do a docker copy from host to container
eg docker cp C:\somewhere\in_windows\splunk-launch.conf <containerId>:/opt/splunk/etc/splunk-launch.conf

Try running again

0 Karma
Reply

sarit_s
Communicator
‎05-07-2019 09:19 AM

how is that possible that in windows i will have path like /opt/splunk
it is a linux path

0 Karma
Reply

shincho
New Member
‎01-15-2020 08:36 PM

1.what hoshky said is put a splunk-launch.conf file into splunk's container
2."/opt/splunk" is the path in splunk's container, not path in windows OS
3.After done what hoshky said, I could access localhost:8000

0 Karma
Reply
Get Updates on the Splunk Community!

Adoption of RUM and APM at Splunk

    Unleash the power of Splunk Observability   Watch Now In this can't miss Tech Talk! The Splunk Growth ...

Routing logs with Splunk OTel Collector for Kubernetes

The Splunk Distribution of the OpenTelemetry (OTel) Collector is a product that provides a way to ingest ...

Welcome to the Splunk Community!

(view in My Videos) We're so glad you're here! The Splunk Community is place to connect, learn, give back, and ...