About the CLI
You can use the Splunk platform command line interface (CLI) to monitor, configure, and execute searches. The CLI help exists in the product and is accessible through a terminal or shell interface. This topic discusses how to access this information.
Access the CLI
The CLI is located in
To access Splunk platform CLI, you need either:
- Shell access to a Splunk platform instance or forwarder, or
- Permission to access the correct port on a remote Splunk platform instance.
CLI help documentation
If you have administrator privileges, you can use the CLI not only to search but also to configure and monitor your Splunk server (or servers). The CLI commands used for configuring and monitoring Splunk are not search commands. Search commands are arguments to the
dispatch CLI commands. Some commands require you to authenticate with a username and password or specify a target Splunk server.
You can look up help information for the CLI using:
Work with the CLI on *nix
If you have administrator or root privileges, you can simplify CLI access by adding the top level directory of your Splunk platform installation,
$SPLUNK_HOME/bin, to your shell path.
This example works for Linux/BSD/Solaris users who installed Splunk Enterprise in the default location:
# export SPLUNK_HOME=/opt/splunk # export PATH=$SPLUNK_HOME/bin:$PATH
This example works for Mac users who installed Splunk Enterprise in the default location:
# export SPLUNK_HOME=/Applications/Splunk # export PATH=$SPLUNK_HOME/bin:$PATH
Now you can invoke CLI commands using:
To set the
$SPLUNK_HOME environment variable while working in a CLI session:
- In *nix:
- In Windows:
splunk.exe envvars > setSplunkEnv.bat & setSplunkEnv.bat
Note for Mac users
Mac OS X requires you to have superuser level access to run any command that accesses system files or directories. Run CLI commands using sudo or "su -" for a new shell as root. The recommended method is to use sudo. (By default the user "root" is not enabled but any administrator user can use sudo.)
Work with the CLI on Windows
To access and use CLI commands on Windows, run
cmd.exe as administrator first. Also, If you're using Windows, Splunk software does not require the "./" to run CLI commands.
Have questions? Visit Splunk Answers and see what questions and answers the Splunk community has around using the CLI.
Back up configuration information
Get help with the CLI
This documentation applies to the following versions of Splunk® Enterprise: 4.1, 4.1.1, 4.1.2, 4.1.3, 4.1.4, 4.1.5, 4.1.6, 4.1.7, 4.1.8, 4.2, 4.2.1, 4.2.2, 4.2.3, 4.2.4, 4.2.5, 4.3, 4.3.1, 4.3.2, 4.3.3, 4.3.4, 4.3.5, 4.3.6, 4.3.7, 5.0, 5.0.1, 5.0.2, 5.0.3, 5.0.4, 5.0.5, 5.0.6, 5.0.7, 5.0.8, 5.0.9, 5.0.10, 5.0.11, 5.0.12, 5.0.13, 5.0.14, 5.0.15, 6.0, 6.0.1, 6.0.2, 6.0.3, 6.0.4, 6.0.5, 6.0.6, 6.0.7, 6.0.8, 6.0.9, 6.0.10, 6.0.11, 6.1, 6.1.1, 6.1.2, 6.1.3, 6.1.4, 6.1.5, 6.1.6, 6.1.7, 6.1.8, 6.1.9, 6.1.10, 6.2.0, 6.2.1, 6.2.2, 6.2.3, 6.2.4, 6.2.5, 6.2.6, 6.2.7, 6.2.8, 6.2.9, 6.3.0, 6.3.1, 6.3.1511, 6.3.2, 6.3.3, 6.3.4, 6.4.0