@bdenning
Last active May 26, 2021 13:17
Dockerfile for creating Splunk container
FROM docker.io/centos:latest
MAINTAINER Bowen Denning <[email protected]>
ENV PATH=$PATH:/opt/splunk/bin

RUN yum update -y

## Download and install Splunk
RUN curl https://download.splunk.com/products/splunk/releases/6.4.1/linux/splunk-6.4.1-debde650d26e-linux-2.6-x86_64.rpm -O && \
    yum install -y splunk*.rpm && \
    rm splunk*.rpm

## Bootstrap Splunk and set it listening for syslog on tcp:9514
RUN splunk version --accept-license && \
    splunk add tcp 9514 -index main -sourcetype tcp:9514

## Configure Splunk path
RUN echo -e "export PATH=$PATH:/opt/splunk/bin" >> ~/.bashrc

## Start Splunk
COPY entrypoint.sh /sbin/entrypoint.sh
RUN chmod +x /sbin/entrypoint.sh
EXPOSE 8000/tcp 8089/tcp 9997/tcp 9514/tcp
WORKDIR /opt/splunk
ENTRYPOINT ["/sbin/entrypoint.sh"]

entrypoint.sh
#!/bin/bash
/opt/splunk/bin/splunk start &&
    tail -f /opt/splunk/var/log/splunk/splunkd.log
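
The Dockerfile above builds from `centos:latest`, installs an RPM fetched with `curl` without checking it against a digest or signature, and has no `USER` instruction. A pre-build check for those three points, as an added example that is not part of the original gist; the function names and finding labels are assumptions of this sketch:

```shell
#!/bin/sh
# Added example. Function names and finding labels are made up for this sketch.

audit_dockerfile() {
    file=$1
    findings=""

    # 1. Base image not pinned: no tag, ":latest", and no @sha256 digest.
    base=$(awk 'toupper($1) == "FROM" { print $2; exit }' "$file")
    case ${base##*/} in
        *@sha256:*)  ;;
        *:latest|"") findings="$findings unpinned-base" ;;
        *:*)         ;;
        *)           findings="$findings unpinned-base" ;;
    esac

    # 2. curl/wget download with no digest or signature check anywhere in the file.
    if grep -Eq '(curl|wget)[^#]*https?://' "$file" &&
       ! grep -Eq 'sha(256|512)sum|rpm (-K|--checksig)|gpg --verify' "$file"; then
        findings="$findings unverified-download"
    fi

    # 3. Last USER instruction missing or root, so the entrypoint runs as root.
    user=$(awk 'toupper($1) == "USER" { u = $2 } END { print u }' "$file")
    case $user in
        ""|root|0|root:*|0:*) findings="$findings runs-as-root" ;;
    esac

    # One finding per line; non-zero exit status when anything was found.
    for f in $findings; do echo "$f"; done
    [ -z "$findings" ]
}

# Constructed sample: the instructions from the Dockerfile on this page that the checks look at.
write_sample() {
    cat > "$1" <<'EOF'
FROM docker.io/centos:latest
RUN yum update -y
RUN curl https://download.splunk.com/products/splunk/releases/6.4.1/linux/splunk-6.4.1-debde650d26e-linux-2.6-x86_64.rpm -O && \
    yum install -y splunk*.rpm && \
    rm splunk*.rpm
ENTRYPOINT ["/sbin/entrypoint.sh"]
EOF
}

sample=$(mktemp)
write_sample "$sample"
audit_dockerfile "$sample" || echo "audit failed: fix the findings above before building"
rm -f "$sample"
```

The checks are plain text matches, so a digest check performed in a separate script that the Dockerfile calls would not be seen; treat a clean result as a minimum bar.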