docker-compose.yml

version: "3.5"
services:
  cribl:
    build:
      context: cribl
    ports:
      - 10200:10200
      - 10088:10088
      - 10080:10080
      - 10001:10001
      - 9999:9999
      - 9000:9000
      - 8125:8125
      - 8125:8125/udp
      - 5140:5140
    volumes:
      - ./cribl/cribl:/opt/cribl/local/cribl
      - ./cribl/data:/opt/cribl/data
      - /var/run/docker.sock:/var/run/docker.sock
  gogen-accesscombined-forwarder:
    build:
      context: universalforwarder
    environment:
      - SPLUNK_CMD=cmd mkdir -p /var/log/httpd
      - SPLUNK_CMD_1=cmd gogen -v -cd /etc/gogen -o file --filename
        /var/log/httpd/access_log -lj gen -s shoppingapache 2>/var/log/gogen.log
        &
      - SPLUNK_CMD_2=add monitor /var/log/httpd/access_log -auth admin:cribldemo
        -sourcetype access_combined -index cribl
      - SPLUNK_CMD_3=add forward-server ${CRIBL_SPLUNK} -auth admin:cribldemo
        ${CRIBL_SPLUNK_ARGS}
  splunk:
    build:
      context: splunk
    ports:
      - 8000:8000
      - 8088:8088
      - 8089:8089
      - 9997:9997
    environment:
      - DONT_TIMEOUT=1
      - CRIBL_ROUTING_DEMO=1