a589faa95d
Signed-off-by: Kun Zhang <zkazure@gmail.com> Upstream-commit: 9b0d0a64fa92afc94617dbf38db980e415871d33 Component: engine
2.1 KiB
Splunk logging driver
The splunk logging driver sends container logs to
HTTP Event Collector
in Splunk Enterprise and Splunk Cloud.
Usage
You can configure the default logging driver by passing the --log-driver
option to the Docker daemon:
docker daemon --log-driver=splunk
You can set the logging driver for a specific container by using the
--log-driver option to docker run:
docker run --log-driver=splunk ...
Splunk options
You can use the --log-opt NAME=VALUE flag to specify these additional Splunk
logging driver options:
splunk-tokenrequired, Splunk HTTP Event Collector tokensplunk-urlrequired, path to your Splunk Enterprise or Splunk Cloud instance (including port and schema used by HTTP Event Collector)https://your_splunk_instance:8088splunk-sourceoptional, event sourcesplunk-sourcetypeoptional, event source typesplunk-indexoptional, event indexsplunk-capathoptional, path to root certificatesplunk-canameoptional, name to use for validating server certificate; by default the hostname of thesplunk-urlwill be usedsplunk-insecureskipverifyoptional, ignore server certificate validation
Below is an example of the logging option specified for the Splunk Enterprise
instance. The instance is installed locally on the same machine on which the
Docker daemon is running. The path to the root certificate and Common Name is
specified using an HTTPS schema. This is used for verification.
The SplunkServerDefaultCert is automatically generated by Splunk certificates.
docker run --log-driver=splunk \
--log-opt splunk-token=176FCEBF-4CF5-4EDF-91BC-703796522D20 \
--log-opt splunk-url=https://localhost:8088 \
--log-opt splunk-capath=/opt/splunk/etc/auth/cacert.pem \
--log-opt splunk-caname=SplunkServerDefaultCert