Dockerfile for creating Splunk container

Dockerfile

FROM       docker.io/centos:latest
MAINTAINER Bowen Denning <[email protected]>

ENV PATH=$PATH:/opt/splunk/bin

RUN yum update -y

## Download and install Splunk
RUN curl https://download.splunk.com/products/splunk/releases/6.4.1/linux/splunk-6.4.1-debde650d26e-linux-2.6-x86_64.rpm -O && \
    yum install -y splunk*.rpm && \
    rm splunk*.rpm

## Bootstrap Splunk and set it listening for syslog on tcp:9514
RUN splunk version --accept-license && \
    splunk add tcp 9514 -index main -sourcetype tcp:9514

## Configure Splunk path
RUN echo -e "export PATH=$PATH:/opt/splunk/bin" >> ~/.bashrc

## Start Splunk
COPY entrypoint.sh /sbin/entrypoint.sh
RUN chmod +x /sbin/entrypoint.sh

EXPOSE 8000/tcp 8089/tcp 9997/tcp 9514/tcp
WORKDIR /opt/splunk

ENTRYPOINT ["/sbin/entrypoint.sh"]

EXPOSE 8000/tcp 8089/tcp 9997/tcp 9514/tcp
WORKDIR /opt/splunk

ENTRYPOINT ["/sbin/entrypoint.sh"]

entrypoint.sh

#!/bin/bash

/opt/splunk/bin/splunk start &&
tail -f /opt/splunk/var/log/splunk/splunkd.log