Using Splunk in Docker as a Test Environment: A Quick Guide
Start Basic Splunk Enterprise Environment
# most basic Splunk environment
docker run -d -p 8000:8000 -e SPLUNK_START_ARGS='--accept-license' -e SPLUNK_PASSWORD='<password>' splunk/splunk:latest
Some Docker Basics
# get example commands
docker run -it splunk/splunk help
# list all running containers
docker ps
# stop a container
docker container stop <container_id>
# start a container
docker container start <container_id>
# enter container
docker exec -it <container_id> bash
App installation
- Install from Splunkbase in GUI
- Install from filesystem
# the commands below address the container by the name "splunk";
# start it with --name splunk or substitute the <container_id>
# copy app into container
docker cp myapp.tar.gz splunk:/opt/splunk/etc/apps/
# install the app
docker exec -it splunk /opt/splunk/bin/splunk install app /opt/splunk/etc/apps/myapp.tar.gz -auth admin:your-password
- Install on Docker Start
# on startup
docker run -d -p 8000:8000 -e SPLUNK_START_ARGS='--accept-license' \
  -e SPLUNK_PASSWORD='<password>' \
  -e SPLUNK_APPS_URL='https://splunkbase.splunk.com/app/2890/release/4.1.0/download' \
  -e SPLUNKBASE_USERNAME='<sb-username>' \
  -e SPLUNKBASE_PASSWORD='<sb-password>' \
  splunk/splunk:latest
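The start command from this guide with the admin password kept out of the process list and shell history, the web UI published on loopback only, and a wait for the container to report healthy before apps are installed. This is an added example, not part of the original guide: NAME, ENV_FILE and the function names are assumptions, and it assumes the image defines a Docker health check.

```shell
#!/bin/sh
# Added example (not from the original guide). NAME and ENV_FILE are assumed names.
NAME="${NAME:-splunk}"                # matches the "splunk:" used by docker cp/exec
ENV_FILE="${ENV_FILE:-./splunk.env}"  # hypothetical path; keep it out of version control

# 32 hex characters (128 bits) from the kernel CSPRNG.
gen_password() {
  head -c 16 /dev/urandom | od -An -tx1 | tr -d ' \n'
}

# Write the container environment to a file readable only by the current user.
write_env_file() {
  rm -f "$ENV_FILE"
  ( umask 077
    printf 'SPLUNK_START_ARGS=--accept-license\nSPLUNK_PASSWORD=%s\n' "$1" > "$ENV_FILE" )
}

# Start Splunk: named container, web UI on loopback only, secrets via --env-file.
start_splunk() {
  docker run -d --name "$NAME" -p 127.0.0.1:8000:8000 \
    --env-file "$ENV_FILE" splunk/splunk:latest
}

# Poll the container health status; $1 = max attempts, $2 = seconds between attempts.
wait_healthy() {
  tries="${1:-60}"; delay="${2:-5}"
  while [ "$tries" -gt 0 ]; do
    status=$(docker inspect --format '{{.State.Health.Status}}' "$NAME" 2>/dev/null) || status=missing
    [ "$status" = healthy ] && return 0
    tries=$((tries - 1))
    sleep "$delay"
  done
  echo "container $NAME not healthy (last status: $status)" >&2
  return 1
}

# Typical use:
#   write_env_file "$(gen_password)" && start_splunk && wait_healthy
#   grep SPLUNK_PASSWORD "$ENV_FILE"   # admin password for the web login
```

The same env file can carry SPLUNK_APPS_URL, SPLUNKBASE_USERNAME and SPLUNKBASE_PASSWORD, one VAR=value per line without quotes.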