Examples and Scripts¶
Environment Variables¶
Please use these environment variables to publish logs and run searches with a local or remote splunk server:
export SPLUNK_ADDRESS="splunkenterprise:8088"
export SPLUNK_API_ADDRESS="splunkenterprise:8089"
export SPLUNK_PASSWORD="123321"
export SPLUNK_USER="trex"
export SPLUNK_TOKEN="<Optional pre-existing Splunk token>"
Search Splunk with a Dictionary¶
The command line client sp is actually a copy of the search_splunk.py script. Note, this will likely change in the future, but for now this makes the docs easy to host on RTD.
A tool for searching splunk with python - spylunking
Examples¶
Please use these environment variables to publish logs and run searches with a local or remote splunk server:
export SPLUNK_ADDRESS="splunkenterprise:8088"
export SPLUNK_API_ADDRESS="splunkenterprise:8089"
export SPLUNK_PASSWORD="123321"
export SPLUNK_USER="trex"
export SPLUNK_TOKEN="<Optional pre-existing Splunk token>"
export SPLUNK_INDEX="<splunk index>"
Pull Logs with a Query on the Command Line¶
sp -q 'index="antinex" AND levelname=INFO | head 10 | reverse' -u trex -p 123321 -a splunkenterprise:8089
Pull Logs with a Query on the Command Line¶
Get CRITICAL logs¶
sp -q 'index="antinex" AND levelname="CRITICAL" | reverse'
Publish Logs to Splunk¶
Publish functional testing logs to splunk using the logger
Load Test Splunk¶
Splunk client load tester for determining how many messages can this client send over splunk. By default, this tester sends a batch of 1000 messages and then sleeps to let the client catch up.
Splunk client load tester for determining how many messages can this client send over splunk. By default, this tester sends a batch of messages and then sleeps to let the client catch up.
Get a Splunk User Token¶
Get a Splunk User Token
Get Splunk Service Token (Session Key)¶
A tool for getting splunk service tokens