A few tips and examples of what can be achieved using this app.
Access and modify Splunk settings on a remote server without having to connect through SSH or remote desktop to it. Especially valuable when you don't like adding an exception to your firewall for splunkd port to quickly change something.
Access settings that are not exposed through the common SplunkWeb UI.
Example:
splunk show config web
This will list all the active settings inside web.conf
splunk cmd splunkd rest POST /servicesNS/nobody/system/configs/conf-web/settings minify_js=false
This command will disable JavaScript minification that would make some js debugging easier.
Example:
splunk list licenses
Example:
Run a search
splunk search bob -uri https://remoteserver:8089 -auth admin:password
Restart remote server
splunk _internal call /services/server/control/restart -method POST -uri https://remoteserver:8089 -auth admin:goodpassword
Example:
Browsing /var/log directory on a Unix box:
splunk search "| rest /services/admin/file-explorer/%252Fvar%252Flog count=100 | sort -hasSubNodes, name | table name, hasSubNodes, fileSize, lastModifiedTime"
Example:
splunk restartss
Example:
splunk package app {name}
The archive can then be downloaded from the management port of your Splunk installation:
https://localhost:8089/static/app-packages/{name}.spl
As a Splunkbase app developer, you will have access to all Splunk development resources and receive a 10GB license to build an app that will help solve use cases for customers all over the world. Splunkbase has 1000+ apps from Splunk, our partners and our community. Find an app for most any data source and user need, or simply create your own with help from our developer portal.