Splunk Power Client
β‘ A modern, scriptable Python client to automate everyday Splunk tasks from the command line.
π Documentation: https://nicolas-rdgs.github.io/Splunk-Power-Client/
π» Source code: https://github.com/nicolas-rdgs/Splunk-Power-Client
π§ Work in progress
spc is still under active development. Expect breaking changes, rough edges, and bugs. Use it with caution in production environments β and please open an issue if you hit one.
π‘ What is Splunk Power Client?ΒΆ
One use case == one command line. That's the philosophy behind spc β a CLI built to maximize your productivity with Splunk and get things done faster. It turns the most common operations into scriptable, repeatable one-liners that run in seconds β speaking directly to the Splunk REST API. Bulk operations, config reloads, replays, and automation pipelines slot naturally into your scripts, terminals, and CI/CD pipelines.
π₯ Who is it for?ΒΆ
- Splunk administrators managing instances, lookups, configs, and users
- SOC / CERT analysts running repetitive searches, ingestions, and dispatches
- Anyone who needs to automate or script Splunk from a terminal or CI/CD
β¨ Key featuresΒΆ
- Upload from CSV, JSON or Excel to a Lookup CSV or KVStore
- Synchronize a lookup from one instance to another without headaches
- Reschedule a batch of saved searches to refresh dashboards rapidly
- Dispatch saved searches in the past with trigger actions (replay)
- Schedule saved searches over a past time window
- Update Splunk configurations quickly
- Create multiple local users in one command
π Quick startΒΆ
-
Install
Or with uv:
-
Define an instance
-
Check it works
βοΈ Splunk Cloud
The REST API has known limitations on Splunk Cloud β spc has not been tested against it.
See the Splunk REST and Cloud documentation.