|
I would like to talk to the Splunk backend directly in order to run searches, and then feed that data into my own application. I noticed that the UI makes REST calls to the Splunk backend, which is relatively easy for me to interact with. 1) Is there documentation on the REST API? 2) Are there any SDKs available? If so, what languages? |
|
There is now an update to the REST API documentation available here: http://docs.splunk.com/Documentation/Splunk/latest/RESTAPI/RESTintro The new Python SDK is available on GitHub: https://github.com/splunk/splunk-sdk-python Java and JavaScript SDKs will be coming soon. |
|
As of November 2009, Splunk has not yet published API documentation for the 4.0 product, though we expect to have it soon. There are enough differences between versions 3 and 4 that the existing version 3 documentation and SDKs are only partially correct. For information about using the built-in Python SDK, see: http://splunk.stackexchange.com/questions/14/can-i-use-splunks-built-in-python-sdk-in-my-own-scripts For reference, here are pointers to version 3 resources: 1) Splunk 3.x REST documentation is located at: http://www.splunk.com/base/Documentation/3.4.11/Developer/SplunksRESTAPI. 2) Community-suppoted SDKs for version 3.x are located at: http://code.google.com/p/splunk-labs/. SDKs have been posted in Python, .NET, Java, PHP, and Perl. Splunk uses the Python SDK internally, and should be considered the reference implementation. |
|
Splunk still has a REST API. For 4.X, we are making this API bigger and better. Part of this process means we've removed the REST API documentation until our QA and development groups have completely solidified and certified each endpoint.
|
