Releases: dannyota/splunkctl

v0.2.0

@dannyota dannyota released this 29 Jun 05:31
1ecd3e2

What's new

Commands

  • HEC tokens — create, list, update, delete HTTP Event Collector tokens
  • Doctor — connection, auth, health, and permissions check
  • Search upload — ingest local files (CSV, JSON, JSONL) via HEC
  • Detection-as-code — import/export saved searches as YAML

Improvements

  • Remote app install via Splunk Web UI (no filesystem access needed)
  • Lookup upload reliability fixes
  • Curated get output across all commands

Documentation

  • Full docs site at splunkctl.danny.vn
  • 14 command guides with examples
  • Architecture diagrams (Mermaid)
  • Dark/light theme, search, TOC sidebar

Install

pip install splunkctl
pip install git+https://github.com/dannyota/splunk-sdk-python@splunkctl

The second line installs the forked SDK, which adds dashboard, lookup, and HEC token support. Without it, core commands (search, rules, alerts, indexes, inputs, apps, users) still work.

splunkctl v0.1.0

@dannyota dannyota released this 29 Jun 00:12
317fe2d

First release of splunkctl — a CLI for operating Splunk Enterprise as code.

Highlights

  • 14 command groups: search, rules, alerts, dashboards, indexes, inputs, lookups, parsers, apps, users, config, info, commands, skill
  • Dry-run by default — every mutation previews changes; --yes to apply
  • Dual output — tables for humans, JSON for pipes; --format / --json / --fields
  • Lazy auth — env vars, config file, or token; credentials resolve on first API call
  • Agent integration — splunkctl commands JSON tree + embedded SKILL.md guide
  • Global flags work anywhere — splunkctl rules delete X --yes just works
  • Clean error messages — permission denied, auth failures, not-found show one line, no tracebacks
  • 197 tests, mypy strict, ruff, semgrep SAST

Install

pip install splunkctl

Requires Python 3.13+.