Splunk

[tcp://1234]sourcetype = my_source_type

Build the logspout-splunk container

Sending build context to Docker daemon...Step 0 : FROM gliderlabs/logspout:master...Successfully built b356b141ddc2

Start the logspout-splunk container

sudo docker run --env DEBUG=1 --name="logspout" \--volume=/var/run/docker.sock:/tmp/docker.sock \--publish=0.0.0.0:8002:80 b356b141ddc2

Add a route for your applications

curl http://localhost:8002/routes -d '{"adapter": "splunk","filter_sources": ["stdout" ,"stderr"],"address": "my-splunk-host:1234"}'

Add a route for a specific container name only

curl http://localhost:8002/routes -d '{"id": "unicorn","adapter": "splunk","filter_name": "*unicorn*","filter_sources": ["stdout" ,"stderr"],"address": "my-splunk-host:1234"}'