Part 3: Deploy and verify the environment
Now that you have configured the necessary services, the Collector components, and the Splunk instance, deploy and verify the log collection pipeline. For an overview of the tutorial, see Tutorial: Use the Collector to send container logs to Splunk Enterprise.
Deploy the log collection services
The next step is to run the docker-compose.yml file that you created in Part 1.
- From a terminal, navigate to the log-collection directory.

- If you are a macOS user with a Silicon chip, you must run the following command, as there is no arm64 version of the splunk/splunk image:

      export DOCKER_DEFAULT_PLATFORM=linux/amd64

- Start the log collection services defined in the docker-compose.yml file, which can take from 1 to 2 minutes to start:

      docker-compose up -d

  Verify that your output matches the following example:

      [+] Running 5/5
       ✔ Network docker-tutorial_default  Created   0.0s
       ✔ Container splunk                 Healthy  77.1s
       ✔ Container otelcollector          Started  77.2s
       ✔ Container logging2               Started  77.5s
       ✔ Container logging1               Started  77.5s
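
The output check in the last step can be scripted, because the timings differ on every run and a plain diff against the sample would fail. The following is an added example, not part of the tutorial: the function name check_compose_states and the EXPECTED and SAMPLE_OK variables are hypothetical, while the container names and states come from the sample output above.

```shell
#!/bin/sh
# Added example: check `docker-compose up -d` output against the states the
# tutorial expects. Only container names and states are compared, not timings.

# Expected name=state pairs, taken from the tutorial's sample output.
EXPECTED='splunk=Healthy otelcollector=Started logging1=Started logging2=Started'

# Reads compose output on stdin, prints one line per problem, and returns 0
# only when every expected container is present in its expected state.
check_compose_states() {
    awk -v expected="$EXPECTED" '
        BEGIN {
            n = split(expected, pairs, " ")
            for (i = 1; i <= n; i++) { split(pairs[i], kv, "="); want[kv[1]] = kv[2] }
        }
        {
            # Match "Container <name> <state>" anywhere on the line; when a
            # container is reported more than once, the last state wins.
            for (i = 1; i < NF; i++)
                if ($i == "Container") seen[$(i + 1)] = $(i + 2)
        }
        END {
            bad = 0
            for (name in want) {
                if (!(name in seen)) {
                    print name ": missing from output"; bad = 1
                } else if (seen[name] != want[name]) {
                    print name ": " seen[name] " (expected " want[name] ")"; bad = 1
                }
            }
            exit bad
        }'
}

# Sample input copied from the tutorial's expected output.
SAMPLE_OK='[+] Running 5/5
 ✔ Network docker-tutorial_default Created 0.0s
 ✔ Container splunk Healthy 77.1s
 ✔ Container otelcollector Started 77.2s
 ✔ Container logging2 Started 77.5s
 ✔ Container logging1 Started 77.5s'

printf '%s\n' "$SAMPLE_OK" | check_compose_states && echo "all containers in expected state"

# Against a live deployment (2>&1 captures the status lines on either stream):
#   docker-compose up -d 2>&1 | check_compose_states
```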
Verify the log collection pipeline
Next, verify that everything works as expected. Follow these steps to check that the Collector gathered the logs and sent them to the Splunk Enterprise service.
- In your web browser, go to http://localhost:18000.

- Log in to Splunk Web using the following credentials:

  - Username: admin
  - Password: changeme

- In the left navigation menu, select Search & Reporting.

- In the search bar, search the index1 index to view the logs from the logging1 service:

      index=index1

  The search results show that only the logs from the logging1 service are stored in the index1 index.

- In the search bar, search the index2 index to view the logs from the logging2 service:

      index=index2

  The search results show that only the logs from the logging2 service are stored in the index2 index.

- To terminate the log collection environment, stop the running services with Docker Compose:

      docker-compose down

  Verify that your output matches the following example:

      [+] Running 5/5
       ✔ Container logging2               Removed  10.3s
       ✔ Container logging1               Removed  10.3s
       ✔ Container otelcollector          Removed   0.2s
       ✔ Container splunk                 Removed  10.9s
       ✔ Network docker-tutorial_default  Removed   0.1s
This completes the tutorial. You configured a multicontainer environment that uses the Collector to process container logs and send them to a Splunk Enterprise server.
Learn more
- For production-scale Splunk Enterprise deployments, see the Splunk Operator for Kubernetes GitHub repository.
- For other examples of how the Collector can integrate with Splunk Enterprise, see the Splunk OpenTelemetry Collector GitHub repository.