splunk-k8s-win-logging is a customization base on the official solution [splunk-kubernetes-logging] https://github.com/splunk/splunk-connect-for-kubernetes/tree/develop/helm-chart/splunk-connect-for-kubernetes/charts/splunk-kubernetes-logging. It is a Helm chart that creates a kubernetes daemonset along with other kubernetes objects in a kubernetes cluster to collect application logs from the windows nodes.
The daemonset runs fluentd with the Splunk HEC output plugin to watch, collect and send all containers logs over Splunk HEC. The default path is /var/log/containers/*.log.
See also Using Helm.
First, set a values file with the appropriate values and run the following commands:
$ helm package charts/splunk-k8s-win-logging --version <chartVersionNumber> --app-version <appVersionNumber>
$ helm install --name splunk-logging -f my_values.yaml splunk-k8s-win-logging-<chartVersionNumber>.tgzTo uninstall/delete a deployment with name splunk-logging:
$ helm delete splunk-loggingThe command removes all the Kubernetes components associated with the chart and deletes the release.