Merge branch 'develop' into docs/web-ssl

Author: nwang92

.circleci/config.yml

@@ -44,7 +44,7 @@ jobs:
           command: make test_debian9_image_size
       - run:
           name: Running debian9 CI Tests
-          command: make run_tests_debian9
+          command: make run_tests_debian10
           no_output_timeout: 20m
       - store_artifacts:
           path: test-results

Makefile

@@ -7,8 +7,8 @@ SPLUNK_ANSIBLE_BRANCH ?= develop
 SPLUNK_COMPOSE ?= cluster_absolute_unit.yaml
 # Set Splunk version/build parameters here to define downstream URLs and file names
 SPLUNK_PRODUCT := splunk
-SPLUNK_VERSION := 7.3.0
-SPLUNK_BUILD := 657388c7a488
+SPLUNK_VERSION := 7.3.1.1
+SPLUNK_BUILD := 7651b7244cf2
 ifeq ($(shell arch), s390x)
 	SPLUNK_ARCH = s390x
 else

_config.yml

@@ -1 +1,7 @@
-theme: jekyll-theme-modernist
+theme: jekyll-theme-modernist
+relative_links:
+  enabled: true
+  collections: true
+markdown: kramdown
+kramdown:
+  parse_block_html: true

base/debian-10/install.sh

@@ -31,7 +31,7 @@ ln -sf /usr/share/zoneinfo/UTC /etc/localtime
 apt update
 
 # put back tools for customer support
-apt-get install -y --no-install-recommends curl sudo libgssapi-krb5-2 busybox procps acl
+apt-get install -y --no-install-recommends curl sudo libgssapi-krb5-2 busybox procps acl gcc libssl-dev libffi-dev python2-dev
 apt-get install -y --no-install-recommends python-pip python-setuptools python-requests python-yaml
 pip --no-cache-dir install ansible
 

base/redhat-8/Dockerfile

@@ -20,7 +20,7 @@ FROM registry.access.redhat.com/ubi8/ubi-minimal
 LABEL name="splunk" \
       maintainer="support@splunk.com" \
       vendor="splunk" \
-      version="7.3.0" \
+      version="7.3.1.1" \
       release="1" \
       summary="UBI 8 Docker image of Splunk Enterprise" \
       description="Splunk Enterprise is a platform for operational intelligence. Our software lets you collect, analyze, and act upon the untapped value of big data that your technology infrastructure, security systems, and business applications generate. It gives you insights to drive operational performance and business results."

docs/EXAMPLES.md

@@ -31,9 +31,10 @@ $ docker run --name so1 --hostname so1 -p 8000:8000 -e "SPLUNK_PASSWORD=<passwor
 ```
 
 ## Create standalone from compose
-<details><summary>docker-compose.yml</summary><p>
 
-```
+<details><summary markdown="span">docker-compose.yml</summary>
+
+```yaml
 version: "3.6"
 
 services:
@@ -46,7 +47,7 @@ services:
     ports:
       - 8000
 ```
-</p></details>
+</details>
 
 Execute the following to bring up your deployment:
 ```
@@ -56,9 +57,9 @@ $ SPLUNK_PASSWORD=<password> docker-compose up -d
 ## Create standalone with license
 Adding a Splunk Enterprise license can be done in multiple ways. Please review the following compose files below to see how it can be achieved, either with a license hosted on a webserver or with a license file as a direct mount.
 
-<details><summary>docker-compose.yml - license from URL</summary><p>
+<details><summary>docker-compose.yml - license from URL</summary>
 
-```
+```yaml
 version: "3.6"
 
 services:
@@ -72,11 +73,11 @@ services:
     ports:
       - 8000
 ```
-</p></details>
+</details>
 
-<details><summary>docker-compose.yml - license from file</summary><p>
+<details><summary>docker-compose.yml - license from file</summary>
 
-```
+```yaml
 version: "3.6"
 
 services:
@@ -92,7 +93,7 @@ services:
     volumes:
       - ./splunk.lic:/tmp/license/splunk.lic
 ```
-</p></details>
+</details>
 
 
 Execute the following to bring up your deployment:
@@ -103,9 +104,9 @@ $ SPLUNK_PASSWORD=<password> docker-compose up -d
 ## Create standalone with HEC
 To learn more about what the HTTP event collector (HEC) is and how to use it, please review the documentation [here](https://docs.splunk.com/Documentation/Splunk/latest/Data/UsetheHTTPEventCollector).
 
-<details><summary>docker-compose.yml</summary><p>
+<details><summary>docker-compose.yml</summary>
 
-```
+```yaml
 version: "3.6"
 
 services:
@@ -119,7 +120,7 @@ services:
     ports:
       - 8000
 ```
-</p></details>
+</details>
 
 Execute the following to bring up your deployment:
 ```
@@ -133,9 +134,11 @@ $ curl -k https://localhost:8088/services/collector/event -H "Authorization: Spl
 ```
 
 ## Create standalone with app
-<details><summary>docker-compose.yml</summary><p>
+Splunk apps can also be installed using this Docker image.
 
-```
+<details><summary>docker-compose.yml</summary>
+
+```yaml
 version: "3.6"
 
 services:
@@ -149,17 +152,19 @@ services:
     ports:
       - 8000
 ```
-</p></details>
+</details>
 
 Execute the following to bring up your deployment:
 ```
 $ SPLUNK_PASSWORD=<password> docker-compose up -d
 ```
 
 ## Create standalone with SplunkBase app
-<details><summary>docker-compose.yml</summary><p>
+Apps showcased on SplunkBase can also be installed using this Docker image.
 
-```
+<details><summary>docker-compose.yml</summary>
+
+```yaml
 version: "3.6"
 
 services:
@@ -175,7 +180,7 @@ services:
     ports:
       - 8000
 ```
-</p></details>
+</details>
 
 Execute the following to bring up your deployment:
 ```
@@ -203,9 +208,11 @@ $ docker run --name so1 --hostname so1 -p 8000:8000 \
 ```
 
 ## Create standalone and universal forwarder
-<details><summary>docker-compose.yml</summary><p>
+You can also enable distributed deployments. In this case, we can create a Splunk universal forwarder running in a container to stream logs to a Splunk standalone, also running in a container.
 
-```
+<details><summary>docker-compose.yml</summary>
+
+```yaml
 version: "3.6"
 
 networks:
@@ -246,7 +253,7 @@ services:
       - 8000
       - 8089
 ```
-</p></details>
+</details>
 
 Execute the following to bring up your deployment:
 ```
@@ -256,9 +263,9 @@ $ SPLUNK_PASSWORD=<password> docker-compose up -d
 ## Create heavy forwarder
 The following will allow you spin up a forwarder, and stream its logs to an independent, external indexer located at `idx1-splunk.company.internal`, as long as that hostname is reachable on your network.
 
-<details><summary>docker-compose.yml</summary><p>
+<details><summary>docker-compose.yml</summary>
 
-```
+```yaml
 version: "3.6"
 
 networks:
@@ -284,7 +291,7 @@ services:
     ports:
       - 1514
 ```
-</p></details>
+</details>
 
 Execute the following to bring up your deployment:
 ```
@@ -294,9 +301,9 @@ $ SPLUNK_PASSWORD=<password> docker-compose up -d
 ## Create heavy forwarder and deployment server
 The following will allow you spin up a forwarder, and stream its logs to an independent, external indexer located at `idx1-splunk.company.internal`, as long as that hostname is reachable on your network. Additionally, it brings up a deployment server, which will download an app and distribute it to the heavy forwarder.
 
-<details><summary>docker-compose.yml</summary><p>
+<details><summary>docker-compose.yml</summary>
 
-```
+```yaml
 version: "3.6"
 
 networks:
@@ -337,7 +344,7 @@ services:
       - SPLUNK_APPS_URL=https://artifact.company.internal/splunk_app.tgz
       - SPLUNK_PASSWORD
 ```
-</p></details>
+</details>
 
 Execute the following to bring up your deployment:
 ```
@@ -351,9 +358,9 @@ $ docker run -it -e SPLUNK_PASSWORD=<password> splunk/splunk:latest create-defau
 ```
 
 Additionally, review the `docker-compose.yml` below to understand how linking Splunk instances together through roles and environment variables is accomplished:
-<details><summary>docker-compose.yml</summary><p>
+<details><summary>docker-compose.yml</summary>
 
-```
+```yaml
 version: "3.6"
 
 networks:
@@ -466,7 +473,7 @@ services:
     volumes:
       - ./default.yml:/tmp/defaults/default.yml
 ```
-</p></details>
+</details>
 
 Execute the following to bring up your deployment:
 ```
@@ -480,9 +487,9 @@ $ docker run -it -e SPLUNK_PASSWORD=<password> splunk/splunk:latest create-defau
 ```
 
 Additionally, review the `docker-compose.yml` below to understand how linking Splunk instances together through roles and environment variables is accomplished:
-<details><summary>docker-compose.yml</summary><p>
+<details><summary>docker-compose.yml</summary>
 
-```
+```yaml
 version: "3.6"
 
 networks:
@@ -596,7 +603,7 @@ services:
     volumes:
       - ./default.yml:/tmp/defaults/default.yml
 ```
-</p></details>
+</details>
 
 Execute the following to bring up your deployment:
 ```
@@ -610,9 +617,9 @@ $ docker run -it -e SPLUNK_PASSWORD=<password> splunk/splunk:latest create-defau
 ```
 
 Additionally, review the `docker-compose.yml` below to understand how linking Splunk instances together through roles and environment variables is accomplished:
-<details><summary>docker-compose.yml</summary><p>
+<details><summary>docker-compose.yml</summary>
 
-```
+```yaml
 version: "3.6"
 
 networks:
@@ -797,17 +804,17 @@ services:
     volumes:
       - ./default.yml:/tmp/defaults/default.yml
 ```
-</p></details>
+</details>
 
 Execute the following to bring up your deployment:
 ```
 $ docker-compose up -d
 ```
 
 ## Enable root endpoint on SplunkWeb
-<details><summary>docker-compose.yml</summary><p>
+<details><summary>docker-compose.yml</summary>
 
-```
+```yaml
 version: "3.6"
 
 services:
@@ -821,7 +828,7 @@ services:
     ports:
       - 8000
 ```
-</p></details>
+</details>
 
 Execute the following to bring up your deployment:
 ```
@@ -831,9 +838,9 @@ $ SPLUNK_PASSWORD=<password> docker-compose up -d
 Then, visit SplunkWeb on your browser with the root endpoint in the URL, such as `http://localhost:8000/splunkweb`.
 
 ## Create sidecar forwarder
-<details><summary>k8s-sidecar.yml</summary><p>
+<details><summary>k8s-sidecar.yml</summary>
 
-```
+```yaml
 apiVersion: v1
 kind: Pod
 metadata:
@@ -863,7 +870,7 @@ spec:
   - name: shared-data
     emptyDir: {}
 ```
-</p></details>
+</details>
 
 Execute the following to bring up your deployment:
 ```

splunk/common-files/make-minimal-exclude.py

@@ -31,7 +31,7 @@
 */share/splunk/pdf*
 *mrsparkle*"""
 
-m = re.match(".*splunk-([0-9]+)\.([0-9]+)\.[0-9]+-[0-9a-z]+-Linux-[0-9a-z_-]+.tgz", sys.argv[1])
+m = re.match(".*splunk-([0-9]+)\.([0-9]+)\.[0-9]+\.?[0-9]?-[0-9a-z]+-Linux-[0-9a-z_-]+.tgz", sys.argv[1])
 
 if m and m.group(1):
     if m.group(1) == "7":