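# Local Splunk test lab: one Splunk instance plus optional forwarder and
# log-generator containers selected through Compose profiles
# (forwarder, generators, security).
#
# Credentials are read from the environment (or an .env file next to this
# file) and fall back to the original lab placeholders when unset:
#   SPLUNK_PASSWORD   (fallback: admin123)
#   SPLUNK_HEC_TOKEN  (fallback: all-zero UUID)
# The fallbacks are well-known placeholder values. Set real ones before the
# published ports below are reachable by anything other than this host.
services:
  splunk:
    # NOTE(review): `latest` is a moving tag; pin a specific version (or a
    # digest) so the lab is reproducible and image updates are deliberate.
    image: splunk/splunk:latest
    container_name: splunk_local
    environment:
      - "SPLUNK_START_ARGS=--accept-license"
      # Admin password; kept out of the file via interpolation.
      - "SPLUNK_PASSWORD=${SPLUNK_PASSWORD:-admin123}"
      # Must match the token used by log_generator_hec.
      - "SPLUNK_HEC_TOKEN=${SPLUNK_HEC_TOKEN:-00000000-0000-0000-0000-000000000000}"
    # These mappings carry no host IP, so each port is published on every
    # host interface. Web UI, management and HEC are all credential-gated,
    # so on a shared network either bind to loopback
    # (e.g. "127.0.0.1:8000:8000") or set non-default credentials above.
    # Containers in this file reach Splunk over the Compose network and do
    # not depend on these host mappings.
    ports:
      - "8000:8000"     # Splunk Web UI
      - "8088:8088"     # HTTP Event Collector (HEC)
      - "9997:9997"     # Splunk2Splunk
      - "8089:8089"     # Splunk Management Port
      - "514:514/udp"   # Syslog
    volumes:
      - splunk_etc:/opt/splunk/etc
      - splunk_var:/opt/splunk/var
      - ./config:/tmp/defaults
      - ./logs:/opt/splunk/logs
    restart: unless-stopped

  # Optional: Universal Forwarder for testing log forwarding
  # (started only when the `forwarder` profile is enabled).
  splunk_forwarder:
    # NOTE(review): moving tag, same pinning concern as the splunk service.
    image: splunk/universalforwarder:latest
    container_name: splunk_forwarder
    environment:
      - "SPLUNK_START_ARGS=--accept-license"
      - "SPLUNK_PASSWORD=${SPLUNK_PASSWORD:-admin123}"
      # NOTE(review): confirm the image version in use honours this
      # variable; with an unpinned tag the supported settings can change.
      - "SPLUNK_FORWARD_SERVER=splunk:9997"
    volumes:
      - ./logs:/var/log/app
      - splunk_uf_etc:/opt/splunkforwarder/etc
      - splunk_uf_var:/opt/splunkforwarder/var
    depends_on:
      - splunk
    restart: unless-stopped
    profiles:
      - forwarder

  # Log generators for testing various log formats (`generators` profile).
  # Each one runs a script from ./generators and shares ./logs with Splunk.
  log_generator_web:
    image: python:3.11-slim
    container_name: log_generator_web
    working_dir: /app
    command: python web_logs.py
    volumes:
      - ./generators:/app
      - ./logs:/var/log/app
    restart: unless-stopped
    profiles:
      - generators

  log_generator_syslog:
    image: python:3.11-slim
    container_name: log_generator_syslog
    working_dir: /app
    command: python syslog_generator.py
    volumes:
      - ./generators:/app
      - ./logs:/var/log/app
    restart: unless-stopped
    profiles:
      - generators

  log_generator_json:
    image: python:3.11-slim
    container_name: log_generator_json
    working_dir: /app
    command: python json_logs.py
    volumes:
      - ./generators:/app
      - ./logs:/var/log/app
    restart: unless-stopped
    profiles:
      - generators

  log_generator_hec:
    image: python:3.11-slim
    container_name: log_generator_hec
    working_dir: /app
    # NOTE(review): installs an unpinned `requests` from the package index
    # on every container start. Pin the version (or bake it into an image)
    # so restarts are reproducible and do not depend on network access.
    command: sh -c "pip install requests && python hec_sender.py"
    volumes:
      - ./generators:/app
    environment:
      # NOTE(review): plain http, so the token crosses the Compose network
      # unencrypted; confirm which scheme HEC in the Splunk image expects.
      - "SPLUNK_HEC_URL=http://splunk:8088/services/collector"
      # Same variable as the splunk service, so the two cannot drift apart.
      - "SPLUNK_HEC_TOKEN=${SPLUNK_HEC_TOKEN:-00000000-0000-0000-0000-000000000000}"
    depends_on:
      - splunk
    restart: unless-stopped
    profiles:
      - generators

  # Security-focused log generators (`security` profile).
  log_generator_windows:
    image: python:3.11-slim
    container_name: log_generator_windows
    working_dir: /app
    command: python windows_events.py
    volumes:
      - ./generators:/app
      - ./logs:/var/log/app
    restart: unless-stopped
    profiles:
      - security

  log_generator_firewall:
    image: python:3.11-slim
    container_name: log_generator_firewall
    working_dir: /app
    command: python firewall_logs.py
    volumes:
      - ./generators:/app
      - ./logs:/var/log/app
    restart: unless-stopped
    profiles:
      - security

  log_generator_dns:
    image: python:3.11-slim
    container_name: log_generator_dns
    working_dir: /app
    command: python dns_logs.py
    volumes:
      - ./generators:/app
      - ./logs:/var/log/app
    restart: unless-stopped
    profiles:
      - security

  log_generator_auth:
    image: python:3.11-slim
    container_name: log_generator_auth
    working_dir: /app
    command: python auth_logs.py
    volumes:
      - ./generators:/app
      - ./logs:/var/log/app
    restart: unless-stopped
    profiles:
      - security

  log_generator_cloud:
    image: python:3.11-slim
    container_name: log_generator_cloud
    working_dir: /app
    command: python cloud_logs.py
    volumes:
      - ./generators:/app
      - ./logs:/var/log/app
    restart: unless-stopped
    profiles:
      - security

# Named volumes holding Splunk and forwarder state.
volumes:
  splunk_etc: {}
  splunk_var: {}
  splunk_uf_etc: {}
  splunk_uf_var: {}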