Would you like to learn how to perform a Splunk docker installation on Ubuntu Linux? In this tutorial, we are going to show you how to install a splunk docker container on Linux and how to access your Splunk web administration interface for the first time.
What is Splunk?
Splunk is a software for big data that is able to capture, index and correlate data from logs.
Splunk is able to manipulate the data from logfiles and generate graphs, reports, alerts and dashboards.
Splunk Tutorial:
On this page, we offer quick access to a list of tutorials related to Splunk.
Tutorial – Splunk Docker Installation
On the Linux console, use the following commands to install Docker.
# apt-get update
# apt-get install docker.io
Download the Splunk docker image from the online repository.
# docker pull splunk/splunk:latest
List the Docker images installed on your system.
# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
splunk/splunk latest 996f93fa43f0 29 hours ago 537MB
Start a new docker container using the Splunk image downloaded.
# docker run -d -p 8000:8000 -e ‘SPLUNK_START_ARGS=–accept-license’ -e ‘SPLUNK_PASSWORD=kamisama123’ splunk/splunk:latest
402f609bfecc3c85545220b0794f123f383adafe8f816c750da6d22fcc8210d5
Take note of the docker container ID.
Our Splunk container ID 402f609bfecc3c85545220b0794f123f383adafe8f816c750da6d22fcc8210d5.
In our example, the Splunk image was used to start a new Splunk container using the local port 8000.
In our example, the Splunk admin password was set to kamisama123.
Verify the status of the Splunk container using the following command:
# docker ps -a -f id=402f609bfecc3c85545220b0794f123f383adafe8f816c750da6d22fcc8210d5
CONTAINER ID IMAGE CREATED STATUS
402f609bfecc splunk/splunk:latest 2 hours ago Up 2 hours (healthy)
To stop the Splunk container service use the following command:
# docker container stop 402f609bfecc3c85545220b0794f123f383adafe8f816c750da6d22fcc8210d5
To start the Splunk container service use the following command:
# docker container start 402f609bfecc3c85545220b0794f123f383adafe8f816c750da6d22fcc8210d5
Keep in mind that you have to change the docker container ID to reflect your environment.
Splunk Login
Open your browser and enter the IP address of your server plus :8000.
In our example, the following URL was entered in the Browser:
• http://35.162.85.57:8000
The Splunk web interface should be presented.
On the prompt screen, enter the administrative login information.
• Username: admin
• Password: kamisama123
After a successful login, the Splunk dashboard will be displayed.
Congratulations! You have successfully created a Splunk docker installation on Ubuntu Linux.
Leave A Comment
You must be logged in to post a comment.