docker-splunk

Welcome to the Docker-Splunk documentation!

Welcome to the official Splunk documentation on containerizing Splunk Enterprise and Splunk Universal Forwarder deployments with Docker.

What is Splunk Enterprise?

Splunk Enterprise is a platform for operational intelligence. Our software lets you collect, analyze, and act upon the untapped value of big data that your technology infrastructure, security systems, and business applications generate. It gives you insights to drive operational performance and business results.

See Splunk Products for more information about the features and capabilities of Splunk products and how you can bring them into your organization.

What is Docker-Splunk?

The Docker-Splunk project is the official source code repository for building Docker images of Splunk Enterprise and Splunk Universal Forwarder. By introducing containerization, we can marry the ideals of infrastructure-as-code and declarative directives to manage and run Splunk Enterprise.

This repository should be used by people interested in running Splunk in their container orchestration environments. With this Docker image, we support running a standalone development Splunk instance as easily as running a full-fledged distributed production cluster, all while maintaining the best practices and recommended standards of operating Splunk at scale.

The provisioning of these disjoint containers is handled by the Splunk-Ansible project. Refer to the Splunk-Ansible documentation and the Ansible User Guide for more details.
