I had this working at some point, but I am not able to get any of the commands to run after the universal forwarder starts up. At one point, I was able to see it add directories, but now I'm not sure what is wrong with my configuration that doesn't allow it to start run the startup commands
vsplunk_uf:
container_name: vsplunk_uf
image: busybox
volumes:
- splunk-etc:/opt/splunk/etc
- splunk-var:/opt/splunk/var
splunkuniversalforwarder:
image: splunk/universalforwarder:latest
hostname: splunkuniversalforwarder
environment:
SPLUNK_START_ARGS: --accept-license --answer-yes
SPLUNK_USER: root
SPLUNK_CMD: 'add monitor -source /usr/local/localrw/logs/webrtc/* -index webrtc -sourcetype signaler'
volumes:
- /var/lib/docker/containers:/host/containers:ro
- /var/run/docker.sock:/var/run/docker.sock:ro
- splunk-etc:/opt/splunk/etc
- splunk-var:/opt/splunk/var
- signaler-logs:/usr/local/localrw/logs/webrtc
- kms-logs:/var/log/kurento-media-server/
depends_on:
- webrtc.server.1
- kms.1
- vsplunk_uf
I am seeing the server logs stop here:
splunkuniversalforwarder_1 | Checking conf files for problems...
splunkuniversalforwarder_1 | Done
splunkuniversalforwarder_1 | Checking default conf files for edits...
splunkuniversalforwarder_1 | Validating installed files against hashes from '/opt/splunk/splunkforwarder-6.5.3-36937ad027d4-linux-2.6-x86_64-manifest'
splunkuniversalforwarder_1 | All installed files intact.
splunkuniversalforwarder_1 | Done
splunkuniversalforwarder_1 | All preliminary checks passed.
splunkuniversalforwarder_1 |
splunkuniversalforwarder_1 | Starting splunk server daemon (splunkd)...
splunkuniversalforwarder_1 | Done
splunkuniversalforwarder_1 |
And when I try to run: docker exec webrtcserver_splunkuniversalforwarder_1 entrypoint.sh splunk list monitor
Authentication needed, run "splunk login"
I've seen this run successfully, but I'm not sure what I'm doing wrong at this point and why it doesn't seem to be running the commands setup in the environment variables.
Thanks for any tips
... View more