Command line tools
This documentation does not apply to the most recent version of Splunk. Click here for the latest version.
Contents
Command line tools
Caution: DO NOT use these commands without consulting Splunk support first.
cmd
btool
Cmd line modification and listing of bundles.
Syntax
Add
./splunk cmd btool application name add
Delete
./splunk cmd btool application name delete [prefix] [entry]
List
./splunk cmd btool application name list [prefix]
Arguments
Example
classify
exporttool
Using logging configuration at /Applications/splunk/etc/log-cmdline.cfg.
Allows exporting of raw data from a specific index bucket, data can be exported in raw or csv formats.
./splunk cmd exporttool
Syntax
./splunk cmd exporttool db_directory export_dir [export_search [-csv]]
Arguments
| application name | |
| prefix | |
| entry |
Example
gzdumper
listtails
locktest
locktool
./splunk cmd locktool
Usage :
lock : [-l | --lock ] [dirToLock] <timeOutSecs>
unlock [-u | --unlock ] [dirToUnlock] <timeOutSecs>
Acquires and releases locks in the same manner as splunkd. If you were to write an external script to copy db buckets in and out of indexes you should acqure locks on the db colddb and thaweddb directories as you are modifying them and release the locks when you are done.
parsetest
pcregextest
regextest
searchtest
signtool
./splunk cmd signtool
Using logging configuration at /Applications/splunk/etc/log-cmdline.cfg.
Usage :
sign : [ -s | --sign ] [dirtosign]
verify : [-v | --verify] [dirtoverify]
Allows verification and signing splunk index buckets. If you have signing set up in a cold to frozen script. Signtool allows you to verify the signatures of your archives.
tsidxprobe
This documentation applies to the following versions of Splunk: 3.2 , 3.2.1 , 3.2.2 , 3.2.3 , 3.2.4 , 3.2.5 , 3.2.6 View the Article History for its revisions.