splunkctl v0.1.0
First release of splunkctl — a CLI for operating Splunk Enterprise as code.
Highlights
- 14 command groups: search, rules, alerts, dashboards, indexes, inputs, lookups, parsers, apps, users, config, info, commands, skill
- Dry-run by default — every mutation previews changes;
--yesto apply - Dual output — tables for humans, JSON for pipes;
--format/--json/--fields - Lazy auth — env vars, config file, or token; credentials resolve on first API call
- Agent integration —
splunkctl commandsJSON tree + embedded SKILL.md guide - Global flags work anywhere —
splunkctl rules delete X --yesjust works - Clean error messages — permission denied, auth failures, not-found show one line, no tracebacks
- 197 tests, mypy strict, ruff, semgrep SAST
Install
pip install splunkctlRequires Python 3.13+.