Good afternoon from France !
I'm sorry to boring you, but I need your help.
Since this morning, I started the installation of Splunk on Linux RedHat.
I successed for read the logs from the physical machine (where Splunk is installed), for read the logs from a remote machine with Splunk forwarder (where my Docker is). And now, I try to read and receive the container's logs from Docker in the interface web Splunk, but doesn't work.
So, step by step :
**1) First, I create my Token in Splunk, activate it, and I restart Splunk :**
(Sorry, french screen-shot)
![![alt text][1]
**2) After that, on my Docker machine, I edited the deamon.json and restart Docker :**
{
"log-driver": "splunk",
"log-opts": {
"splunk-token": "blabla",
"splunk-url": "http://152.34.65.33:8000",
"splunk-verify-connection": "true",
"splunk-format": "json"
}
}
When I execute "docker info", I can assure that the log driver is interpreted.
I run a Nginx container and I generate logs with CURL.
BUT, unlike the tutorials I followed, nothing happend in my Web Interface. I don't know how to debug, see some trace.
So if you see any particular error in this code or in my logic, please !
Thank's a lot,
Regards.
[1]: /storage/temp/218960-conf-token.png
↧