Splunk's API is RESTful
Splunk's API is RESTful, which means it uses HTTP requests to interact with resources within Splunk. You can use the REST API to configure and manage a Splunk instance, create and run searches in Splunk, or create your own applications that interact with Splunk.
You can use any language or tool that supports HTTP calls to access the Splunk REST API.
In Splunk 4.2.3, the Splunk REST API Reference became available, detailing all available REST endpoints. Splunk for Developers became available at the same time, providing an Overview of the REST API, as well as tutorials, examples, and how-tos.
About the Splunk REST API Reference
The Splunk REST API Reference is now available as a separate manual. Highlights of the Splunk REST API Reference include:
- Overview page describing the contents of the reference
- Index page to all publicly available endpoints
- Series of topics on using the REST API
- Creating searches using the REST API
The Splunk REST API Reference also includes several examples:
Custom search commands
This documentation applies to the following versions of Splunk® Enterprise: 5.0, 5.0.1, 5.0.2, 5.0.3, 5.0.4, 5.0.5, 5.0.6, 5.0.7, 5.0.8, 5.0.9, 5.0.10, 5.0.11, 5.0.12, 5.0.13, 5.0.14, 5.0.15, 5.0.16, 5.0.17, 5.0.18