Information
Run multiple Splunk instances for multi-node configuration, including Searchheads and Indexers.
(Based on xeor/splunk with some modifications)
Volumes
/opt/splunk/var/lib/splunk
: Splunk index storage/license.lic
: Splunk Enterprise license
Environment variables available
SPLUNK_EXISTING_CONFIG
: Set totrue
if you're mounting host volumes that contain existing configuration (ie. you are upgrading the Splunk container)SPLUNK_SERVERNAME
: If set, it will become the name of the Splunk instance, and the name of the host for the default input.SPLUNK_ENTERPRISE
: Set totrue
if you want the enterprise 30days trial (default is the free 500MiB/day license). Should become normal enterprise if /license.lic is mounted (see volumes)SPLUNK_PW
: Set to the password you want to use if you are using the enterprise trial. Default tochangeme
SPLUNK_WEB_PATH
: Set the relative path for Splunks web-endpoint. (Examplesplunk
) for having Splunk under http://domain/splunk. Useful behind reverse proxies..SPLUNK_SESSION_TIMEOUT
: Timeout for the web-service. Use number and one of smhd, example7d
for 7 daysSPLUNK_SSO
: Must be set totrue
to enable the SSO optionsSPLUNK_SSO_ALLOW_FROM
: Either set an ip here for the proxy the request is coming from. Or if its a Docker container, you can link it asproxy
like--link nginx_reverse:proxy
, and we will detect it.SPLUNK_SSO_REMOTEUSER
: If you want Splunk to be able to do autologin via http-header from eg an intermidiate proxy. Set to egUSER
. To debug (http://splunk/debug/sso
). Should enable an extra admin-user as well with the username of theUSER
env. This setting also enables the SSO option in Splunk.SPLUNK_SSO_ADMIN
: username for an extra admin-user that we will add (with password "password"), only use this to get SSO withSPLUNK_WEB_REMOTEUSER
to work. Its ment for SSO.SPLUNK_ENABLE_VERSION_CHECK
: Enable version update checker that displays at login screen. We disable this as default because it gives us nothing when running as a Docker image..SPLUNK_DEPLOYMENT_SERVER
: The deployment server to set on all non-deployment-server splunk nodes.SPLUNK_SEARCH_PEERS
: A space-separated list of the IP addresses or hostnames of the search peers (indexers). Clustered indexers are not supported.