Splunk is a software platform to search, analyze and visualize the machine-generated data gathered from the websites, applications, sensors, devices etc. which make up your IT infrastructure and business. If you have a machine which is generating data continuously and you want to analyze the machine state in real time, then how will you do it? Can you do it with the help of Splunk? Yes! You can.
You see servers and devices, apps and logs, traffic and clouds. Splunk sees data. Everywhere. Splunk provides the leading platform for Operational Intelligence. It allows the curious to see closely what others ignore, machine data, and find what others never see: information that can make your company more productive, profitable, competitive and safe. What can you do with Splunk? You only need to ask. In this step by step guide I will teach you how to install Splunk on your Synology NAS device using Docker.
Install Docker via Synology “Package Center”.
Open Docker Package. From the Docker Console, go to Registry and search Splunk. Look for splunk/splunk and select it, then click Download. You will be prompted to Choose Tag, select latest. Follow the instructions in the image below.
After you click “Select”, the download process of the splunk docker container will start. You can click on Image on the Docker Console to see the download progress. The current container is about 2GB, so depending on your connection, it could take some time. Just wait before proceeding to STEP 5. Follow the instructions in the image below.
After the download is completed, go to Image in the Docker Console, select the splunk/splunk:latest image, and click Launch. Check “Execute container using high privilege”, then click Advanced Settings. Follow the instructions in the image below.
Select Enable auto-restart and Create shortcut on desktop. Follow the instructions in the image below.
Next tab – “Network”. Check “Use the same network as Docker Host”.
Next tab – “Environment”. Click the + to add each variable and its value (“yourpassword” is the secret word only you know). Follow the instructions in the image below.
First variable: SPLUNK_PASSWORD on Value Area add: yourpassword
Second variable: SPLUNK_START_ARGS on Value Area add: --accept-license
After the variable and Value are added, click on Apply.
Warning! The second value begins with two hyphen-minus characters before accept-license (look at the image below and type exactly what you see in it). If you copy-paste it from the line above, Chrome can give you a dash instead of the two hyphen-minus characters.
Select “Run this container after the wizard is finished”, then click Apply. Follow the instructions in the image below.
Go to Container and, if everything went according to plan, the result should be as in the image below. Wait about 1 minute before starting STEP 11.
Go back to STEP 1 or you will deal with karma 🙂. Now you can go to http://Synology-ip-address:8000/ and log in to Splunk using the username admin and the password you set with the SPLUNK_PASSWORD variable in STEP 8.
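The Environment step and the hyphen warning above, as an added example that is not part of the original guide: a shell script that classifies the SPLUNK_START_ARGS value, rejects the placeholder password, and prints (without running) a docker command equivalent to the wizard settings. The function names, the container name `splunk`, and running this from an SSH shell on the NAS are assumptions.

```shell
#!/bin/sh
# Added example: check the two Environment values from the guide, then print
# (not run) a docker command equivalent to the wizard settings.

# Classify a SPLUNK_START_ARGS value by its leading characters.
classify_start_args() {
  case $1 in
    --accept-license) echo ok ;;             # two ASCII hyphen-minus characters
    –*|—*)            echo unicode-dash ;;   # en/em dash left by a copy-paste
    -accept-license)  echo single-hyphen ;;
    *)                echo unexpected ;;
  esac
}

# $1 = password, $2 = start args. Prints the command on success.
splunk_run_cmd() {
  if [ "$(classify_start_args "$2")" != ok ]; then
    echo "SPLUNK_START_ARGS is '$2' ($(classify_start_args "$2")); type two hyphens by hand" >&2
    return 1
  fi
  if [ -z "$1" ] || [ "$1" = yourpassword ]; then
    echo "SPLUNK_PASSWORD is empty or still the guide's placeholder" >&2
    return 2
  fi
  # "-e SPLUNK_PASSWORD" with no value makes docker read the variable from the
  # calling shell's environment, so the secret is not part of the command line.
  # The container name "splunk" is an assumption; the other options mirror the
  # wizard: high privilege, host network, auto-restart.
  printf '%s\n' "docker run -d --name splunk --privileged --network host \
--restart always -e SPLUNK_PASSWORD -e SPLUNK_START_ARGS=$2 splunk/splunk:latest"
}

# Constructed sample values: the correct one and the en-dash form from a web page.
for v in '--accept-license' '–accept-license'; do
  printf '%s -> %s\n' "$v" "$(classify_start_args "$v")"
done
```

To use the printed command, export SPLUNK_PASSWORD in the same shell first so that docker can pass it through.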
Note: Mandatory: install a minimum of 6GB of RAM on your Synology NAS to run Splunk. Read my guide on How to upgrade RAM on your Synology NAS.
Note: I installed the Splunk container on my Synology NAS DS718+
Note: You need more than 2GB free space on your disks. Splunk is a heavy application.
Note: Find out how to update Splunk container with the latest image.
Note: I recommend using a Reverse Proxy so that Splunk works over an HTTPS connection.