Documentation > Splunk > Admin Manual > CLI admin commands

Admin Manual

 


Welcome to Splunk administration
What to do first
Use Splunk Web
Meet Splunk apps
Configure Splunk
Indexing with Splunk
Add data and configure inputs
Set up forwarding and receiving
Configure event processing
Configure event timestamping
Configure indexed field extraction
Manage users
Manage indexes
Define alerts
Set up backups and retention policies
Configure data security
Deploy to other Splunk instances
Set up distributed search
Manage search jobs
Use Splunk's command line interface (CLI)
Configuration file reference
Troubleshooting

CLI admin commands

This documentation does not apply to the most recent version of Splunk. Click here for the latest version.

CLI admin commands

This topic contains information on using administrative commands via the Splunk CLI. 

    Splunk CLI command syntax: 

        ./splunk [command] [object] [-parameter <value>]...

    * Some commands don't require an object or parameters.
    * Some commands have a default parameter that can be specified by its 
      value alone.
    * In most cases, you can use any attribute in the corresponding .conf
      file as a parameter to the CLI command. (For example, the "homePath"
      attribute in indexes.conf can be specified as the "-homePath" 
      parameter to the CLI "add index" command.)

    Commands and objects:

    * A command is an action that you can perform.
    * An object is something you perform an action on. 

    Supported commands and objects:

        [command]       [objects]

        add             [exec|forward-server|index|monitor|oneshot|
                        saved-search|search-server|tcp|udp|user]

        anonymize       source

        clean           [eventdata|globaldata|userdata|all]

        create          app

        disable         [app|deploy-client|deploy-server|discoverable|
                        dist-search|index|listen|local-index|boot-start|
                        webserver|web-ssl]

        edit            [app|exec|forward-server|index|monitor|saved-search|
                        search-server|tcp|udp|user]

        enable          [app|deploy-client|deploy-server|discoverable|
                        dist-search|index|listen|local-index|boot-start|
                        webserver|web-ssl]

        display         [app|deploy-clients|deploy-server|discoverable|
                        dist-search|index|jobs|listen|local-index|boot-start|
                        webserver|web-ssl]

        export,import   [eventdata|userdata]

        find            logs 

        help            NONE

        list            [deploy-clients|exec|forward-server|index|jobs|monitor|
                        saved-search|search-server|source|sourcetype|tcp|udp|
                        user]

        login,logout    NONE

        package         app

        refresh         deploy-clients

        reload          [auth|deploy-server]

        remove          [app|exec|forward-server|jobs|monitor|saved-search|
                        search-server|source|sourcetype|tcp|udp|user]

        resurrect,unresurrect [archive_directory|index|from_time|end_time]

        search          NONE

        set             [datastore-dir|deploy-poll|default-hostname|default-index|
                        minfreemb|servername|server-type|splunkd-port|web-port]

        show            [config|datastore-dir|deploy-poll|default-hostname|
                        default-index|jobs|license|minfreemb|servername|
                        splunkd-port|web-port]

        spool           NONE

        start,stop,restart  [monitor|splunkd|splunkweb]

        status          [monitor|splunkd|splunkweb]


     Type "help [object|topic]" to get help on a specific object, or topic.
Retrieved from "http://docs.splunk.com/Documentation/Splunk/4.1/Admin/CLIadmincommands"

This documentation applies to the following versions of Splunk: 4.1 , 4.1.1 , 4.1.2 , 4.1.3 , 4.1.4 , 4.1.5 , 4.1.6 , 4.1.7 , 4.1.8 View the Article History for its revisions.


You must be logged into splunk.com in order to post comments. Log in now.

Was this documentation topic helpful?

If you'd like to hear back from us, please provide your email address:

We'd love to hear what you think about this topic or the documentation as a whole. Feedback you enter here will be delivered to the documentation team.

Feedback submitted, thanks!