differences between log-driver `splunk` vs `splunk-logging-plugin`

[zerog2k]

Is there some documentation about the functional differences between the splunk logging driver, which docker docs mention here: https://docs.docker.com/config/containers/logging/splunk/ vs the splunk-logging-plugin (the one from this repo?) I did look around, however the only difference I can find (indirect) reference to is that the splunk-logging-plugin might allow for local container log inspection (i.e. docker logs CONTAINERNAME) whereas the splunk driver may not, per https://github.com/splunk/docker-logging-plugin/issues/2

[mwang2016]

Hi @zerog2k, the Splunk logging driver is the older version vs splunk-logging-plugin is newer and has more reading capabilities.

[wcooley]

Hi @mwang2016, could you tell us more about what reading capabilities the plugin has over the built-in driver?

Comparing the README with the Docker docs for the built-in Splunk driver, they appear to be nearly identical, aside from the plugin having a few additional environment variables.

Looking at the code (I don't really know Go, so I'm kinda muddling here), I don't see a ton of differences, aside from additional setup for the driver, some telemetry and refactoring.