Would you like to learn how to install Splunk as a Docker container on Ubuntu Linux? In this tutorial, we are going to show you how to install a Splunk Docker container on Linux and how to access your Splunk web administration interface for the first time.

What is Splunk?

Splunk is big data software that is able to capture, index and correlate data from logs.

Splunk is able to manipulate the data from logfiles and generate graphs, reports, alerts and dashboards.

Tutorial - Splunk Docker Installation

On the Linux console, use the following commands to install Docker.

# apt-get update
# apt-get install docker.io

Download the Splunk Docker image from the online repository.

# docker pull splunk/splunk:latest

List the Docker images installed on your system.

# docker images

REPOSITORY      TAG      IMAGE ID       CREATED        SIZE
splunk/splunk   latest   996f93fa43f0   29 hours ago   537MB

Start a new Docker container using the downloaded Splunk image.

# docker run -d -p 8000:8000 -e 'SPLUNK_START_ARGS=--accept-license' -e 'SPLUNK_PASSWORD=kamisama123' splunk/splunk:latest

402f609bfecc3c85545220b0794f123f383adafe8f816c750da6d22fcc8210d5

Take note of the Docker container ID.

Our Splunk container ID is 402f609bfecc3c85545220b0794f123f383adafe8f816c750da6d22fcc8210d5.

In our example, the Splunk image was used to start a new Splunk container using the local port 8000.

In our example, the Splunk admin password was set to kamisama123.

Verify the status of the Splunk container using the following command:

# docker ps -a -f id=402f609bfecc3c85545220b0794f123f383adafe8f816c750da6d22fcc8210d5

CONTAINER ID   IMAGE                  CREATED       STATUS
402f609bfecc   splunk/splunk:latest   2 hours ago   Up 2 hours (healthy)

To stop the Splunk container, use the following command:

# docker container stop 402f609bfecc3c85545220b0794f123f383adafe8f816c750da6d22fcc8210d5

To start the Splunk container again, use the following command:

# docker container start 402f609bfecc3c85545220b0794f123f383adafe8f816c750da6d22fcc8210d5

Keep in mind that you have to change the docker container ID to reflect your environment.
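
The docker run command shown earlier types the admin password on the command line, where it ends up in the shell history, and publishes port 8000 on every interface of the host. The script below is an added example, not part of the original tutorial: it generates a random password into an env file readable only by its owner and publishes the web port on 127.0.0.1 only. The env file path, the container name splunk and the DOCKER override variable are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the tutorial). Assumptions: the env file path,
# the container name "splunk" and the DOCKER override used for dry runs.
ENV_FILE="${ENV_FILE:-$HOME/.splunk-docker.env}"
DOCKER="${DOCKER:-docker}"

# 24 random alphanumeric characters read from /dev/urandom.
gen_password() {
    head -c 48 /dev/urandom | base64 | tr -dc 'A-Za-z0-9' | cut -c1-24
}

# Store the two variables the tutorial passes with -e in a file only the
# owner can read. An existing file is kept so restarts reuse the password.
write_env_file() {
    if [ -f "$ENV_FILE" ]; then
        return 0
    fi
    (
        umask 077
        printf 'SPLUNK_START_ARGS=--accept-license\nSPLUNK_PASSWORD=%s\n' \
            "$(gen_password)" > "$ENV_FILE"
    )
}

# Same image and port as the tutorial, with two changes:
#   --env-file keeps the password out of shell history and the process list
#     (it is still visible through "docker inspect" on this host);
#   127.0.0.1:8000:8000 publishes the web interface on loopback only.
start_splunk() {
    write_env_file
    "$DOCKER" run -d --name splunk \
        -p 127.0.0.1:8000:8000 \
        --env-file "$ENV_FILE" \
        splunk/splunk:latest
}

# Nothing is started unless the script is called with the argument "run".
if [ "${1:-}" = "run" ]; then
    start_splunk
fi
```

With this binding the web interface answers on http://127.0.0.1:8000 on the server itself or through an SSH port forward, and the admin password is the SPLUNK_PASSWORD value stored in the env file.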

Splunk Login

Open your browser and enter the IP address of your server plus :8000.

In our example, the following URL was entered in the browser:

• http://35.162.85.57:8000

The Splunk web interface should be presented.

On the prompt screen, enter the administrative login information.

• Username: admin
• Password: kamisama123

After a successful login, the Splunk dashboard will be displayed.

Congratulations! You have successfully created a Splunk docker installation on Ubuntu Linux.