-
Notifications
You must be signed in to change notification settings - Fork 4
/
Copy pathhost-network-compose.yml
101 lines (99 loc) · 5.57 KB
/
host-network-compose.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
version: '3'
services:
splunkenterprise:
hostname: splunkenterprise
container_name: "splunk"
image: splunk/splunk:7.0.3
environment:
SPLUNK_START_ARGS: --accept-license --answer-yes
SPLUNK_ENABLE_LISTEN: 9997
SPLUNK_ADD: tcp 1514
network_mode: "host"
entrypoint: "/bin/sh -c '/bin/echo \"starting entrypoint\"
&& cd /opt/splunk
&& /bin/date -u +\"%Y-%m-%d %H:%M:%S\" > /opt/splunk/service.log
&& /bin/date -u +\"%Y-%m-%d %H:%M:%S\" > /opt/splunk/boot.log
&& /bin/date -u +\"%Y-%m-%d %H:%M:%S\"
&& touch ./etc/.ui_login
&& /bin/echo \"building splunk starter\" >> /opt/splunk/boot.log
&& /bin/echo \"#!/bin/bash\" >> /opt/start-all.sh
&& /bin/echo \"/usr/bin/nohup /bin/bash /sbin/entrypoint.sh start-service >> /opt/splunk/service.log \" >> /opt/start-all.sh
&& /bin/chmod 777 /opt/start-all.sh
&& /bin/cat /opt/start-all.sh >> /opt/splunk/boot.log
&& /bin/echo \"running splunk starter\" >> /opt/splunk/boot.log
&& /usr/bin/nohup /opt/start-all.sh & >> /opt/splunk/boot.log
&& /bin/echo \"sleeping for startup\" >> /opt/splunk/boot.log
&& sleep 20
&& /bin/echo \"\" >> /opt/splunk/boot.log
&& /bin/echo \"loading remote login\"
&& /bin/date -u +\"%Y-%m-%d %H:%M:%S\"
&& /bin/date -u +\"%Y-%m-%d %H:%M:%S\" >> /opt/splunk/boot.log
&& /bin/date -u +\"%Y-%m-%d %H:%M:%S\" >> /opt/splunk/service.log
&& /bin/echo \"installing remote login support\" >> /opt/splunk/boot.log
&& sed -i \"/\\[general\\]/aallowRemoteLogin = always\"
/opt/splunk/etc/system/local/server.conf
&& /bin/echo \"\" >> /opt/splunk/boot.log
&& cat /opt/splunk/etc/system/local/server.conf >> /opt/splunk/boot.log
&& /bin/echo \"\" >> /opt/splunk/boot.log
&& /bin/echo \"\" >> /opt/splunk/service.log
&& /bin/echo \"\"
&& /bin/date -u +\"%Y-%m-%d %H:%M:%S\" >> /opt/splunk/boot.log
&& /bin/date -u +\"%Y-%m-%d %H:%M:%S\" >> /opt/splunk/service.log
&& /bin/echo \"creating user\" >> /opt/splunk/boot.log
&& /bin/echo \"creating user\"
&& ./bin/splunk add user trex -password 123321 -role admin -auth admin:changeme
&& /bin/echo \"creating index antinex\" >> /opt/splunk/boot.log
&& /bin/echo \"creating index antinex\" >> /opt/splunk/service.log
&& ./bin/splunk add index antinex -auth \"trex:123321\" >> /opt/splunk/boot.log
&& /bin/echo \"enabling HEC in Global Settings\" >> /opt/splunk/boot.log
&& /bin/echo \"enabling HEC in Global Settings\" >> /opt/splunk/service.log
&& ./bin/splunk http-event-collector enable -uri https://localhost:8089 -auth \"trex:123321\" >> /opt/splunk/boot.log
&& /bin/echo \"creating token\" >> /opt/splunk/boot.log
&& ./bin/splunk
http-event-collector create
antinex-token \"antinex-token\"
-index antinex
-sourcetype json
-uri \"https://localhost:8089\"
-auth \"trex:123321\"
&& /bin/echo \"enabling Token for HEC access\" >> /opt/splunk/boot.log
&& /bin/echo \"enabling Token for HEC access\" >> /opt/splunk/service.log
&& ./bin/splunk
http-event-collector enable
-uri https://localhost:8089
-name antinex-token
-auth \"trex:123321\" >> /opt/splunk/boot.log
&& /bin/echo \"\"
&& /bin/echo \"restarting splunk\" >> /opt/splunk/boot.log
&& /bin/echo \"restarting splunk\" >> /opt/splunk/service.log
&& ./bin/splunk restart >> /opt/splunk/service.log
&& /bin/echo \"done restarting splunk\" >> /opt/splunk/boot.log
&& /bin/echo \"done restarting splunk\" >> /opt/splunk/service.log
&& /bin/echo \"\" >> /opt/splunk/boot.log
&& /bin/echo \"\" >> /opt/splunk/service.log
&& /bin/echo \"Boot completed.\"
&& /bin/echo \"Boot completed.\" >> /opt/splunk/boot.log
&& /bin/date -u +\"%Y-%m-%d %H:%M:%S\"
&& /bin/echo \"\"
&& /bin/echo \"Debugging tools:\"
&& /bin/echo \"\"
&& /bin/echo \"Tail the boot log:\"
&& /bin/echo \"docker exec -it splunk /usr/bin/tail -f /opt/splunk/boot.log\"
&& /bin/echo \"Tail the startup log:\"
&& /bin/echo \"docker exec -it splunk /usr/bin/tail -f /opt/splunk/service.log\"
&& /bin/echo \"\"
&& /bin/echo \"Pull the boot log:\"
&& /bin/echo \"./logs.sh b\"
&& /bin/echo \"Pull the startup log:\"
&& /bin/echo \"./logs.sh s\"
&& /bin/echo \"Pull the docker log:\"
&& /bin/echo \"./logs.sh d\"
&& /bin/echo \"Tail the docker log:\"
&& /bin/echo \"./logs.sh\"
&& tail -f /opt/splunk/service.log'"
ports:
- "8000:8000"
- "9997:9997"
- "8089:8089"
- "8088:8088"
- "1514:1514"