Releases: dannyota/splunkctl
v0.2.0
What's new
Commands
- HEC tokens — create, list, update, delete HTTP Event Collector tokens
- Doctor — connection, auth, health, and permissions check
- Search upload — ingest local files (CSV, JSON, JSONL) via HEC
- Detection-as-code — import/export saved searches as YAML
Improvements
- Remote app install via Splunk Web UI (no filesystem access needed)
- Lookup upload reliability fixes
- Curated `get` output across all commands
Documentation
- Full docs site at splunkctl.danny.vn
- 14 command guides with examples
- Architecture diagrams (Mermaid)
- Dark/light theme, search, TOC sidebar
Install
pip install splunkctl
pip install git+https://github.com/dannyota/splunk-sdk-python@splunkctl
The second line installs the forked SDK, which adds dashboard, lookup, and HEC token support. Without it, core commands (search, rules, alerts, indexes, inputs, apps, users) still work.
splunkctl v0.1.0
First release of splunkctl — a CLI for operating Splunk Enterprise as code.
Highlights
- 14 command groups: search, rules, alerts, dashboards, indexes, inputs, lookups, parsers, apps, users, config, info, commands, skill
- Dry-run by default — every mutation previews changes; `--yes` to apply
- Dual output — tables for humans, JSON for pipes; `--format`/`--json`/`--fields`
- Lazy auth — env vars, config file, or token; credentials resolve on first API call
- Agent integration — `splunkctl commands` JSON tree + embedded SKILL.md guide
- Global flags work anywhere — `splunkctl rules delete X --yes` just works
- Clean error messages — permission denied, auth failures, not-found show one line, no tracebacks
- 197 tests, mypy strict, ruff, semgrep SAST
Install
pip install splunkctl
Requires Python 3.13+.