Using Docker and Splunk to Operationalize the Machine Learning Toolkit
Configuring and maintaining a Splunk dev environment can be challenging as new releases of apps and the software are made available. Leveraging the official Docker image, the newest versions of Splunk Enterprise and various apps can be made available without a time commitment or worries about future updates.
Requirements
- Docker engine installed
- Root/Sudo access for the server running Docker
- Internet connectivity
- Basic understanding of Docker
- Splunkbase account username & password
Verify Docker Installation
Check if Docker is installed:
$ docker --version
Docker version 18.09.2, build 6247962
If you don't see similar output, check out Docker.com installation docs for your platform.
Using the Splunk Supported Docker Image
Pull the latest Splunk Docker image:
$ docker pull splunk/splunk:latest
More information available at Docker Hub - Splunk.
Advanced Configuration with Pre-installed Apps
Use environmental variables to pre-install apps during container launch:
$ docker run -d -p 8000:8000 \
-e 'SPLUNK_START_ARGS=--accept-license' \
-e 'SPLUNK_PASSWORD=splunk123' \
-e SPLUNK_APPS_URL=https://splunkbase.splunk.com/app/2882/release/1.3/download,https://splunkbase.splunk.com/app/2890/release/4.1.0/download \
-e SPLUNKBASE_USERNAME=<your_email@domain.com> \
-e SPLUNKBASE_PASSWORD=<your_password> \
splunk/splunk:latest
Parameters to Update
Replace these with your Splunkbase credentials:
SPLUNKBASE_USERNAME=<your_email@domain.com>
SPLUNKBASE_PASSWORD=<your_password>
This configuration automatically downloads and installs:
Access Splunk Web
Once the container is running, access Splunk at:
Default credentials: admin:splunk123
Change the password by updating the SPLUNK_PASSWORD parameter or after logging in.
Learn More
Dive deeper into the Splunk Machine Learning Toolkit with our Splunk Machine Learning YouTube playlist.
This approach provides a clean, reproducible ML development environment that can be quickly recreated and shared across teams.