splunkrepl
Advanced tools
Changelog
0.8.1
Readme
An awesome little REPL for issuing Splunk queries
splunkrepl is an interactive tool for issuing Splunk queries right from the terminal!
npm install -g splunkrepl
splunkrepl works both in an interactive REPL mode and as a non-interactive executor.
--host, --user and --pwd.All REPL commands use positional arguments.
Allows you to connect to a Splunk instance.
| Argument | Description |
|---|---|
| host | Optional. Specifies the host to connect to. Will default to host from config. |
| user | Optional. Specifies the user. Will default to user from config. |
| pwd | Optional. Specifies the password. Will default to pwd from config. |
Examples
:connect localhost admin changeme:connect https://localhost:8089 admin changeme:connect https://localhost:8089Opens the Splunk Web UI and sends a query
| Argument | Description |
|---|---|
| query | Optional. Specifies the query to send to Splunk. Will default to the last query issued. |
Example
:web * | head 10Stores a command in memory using the specified key. splunkrepl allows you to store an arbitrary number of commands which you can retrieve for later use. The commands are automatically loaded on startup from the .splunkrepl file in the home directory.
| Argument | Description |
|---|---|
| key | Required. Specifies the key. Must not contain spaces. |
| value | Required. Specifies the value. Anything after the key will be taken verbatim |
Note: The keys host,user,pwd,port and webport set the default connection parameters as well as the port to use for the :web command.
Examples
:set myconn :connect localhost server1 admin changeme:set head10 * | head 10:set main_sourcetypes * | stats count by sourcetype, sourceGets the value and immediately executes it as if the user typed it in.
| Argument | Description |
|---|---|
| key | Required. Specifies the key to retrieve. Must not contain spaces. |
Example
Using head10 from the previous example
:get head10
will result in the query * | head 10 immediately being executed.
Lists all key/values from configuration.
Saves all commands to the .splunkrepl file. If you do not save changes they will be discarded when you exit the REPL.
--host, --user and --pwd and also passing --query| Argument | Description |
|---|---|
| --host | Splunk host to connect to including the port, ex. "https://localhost:8089" |
| --user | Splunk user to connect with |
| --pwd | Password for the Splunk Account |
| --query | SPL query to immediately execute. Runs in non-interactive mode |
| --verbose | Return as much detail as possible within each event (see below) |
--json | Send all output in JSON
When the results that are returned are calculated (do not have _raw) such as from stats or table, then a table view will be displayed:
By default when queries run, splunkrepl will return only _time, source, sourcetype, host and _raw (if available) fields. To get all the details specify --verbose and you will get output similar to below:
splunkrepl is licensed under the Apache License 2.0. Details can be found in the file LICENSE.
Check the change log here
FAQs
a node repl for sending SPL queries to Splunk
We found that splunkrepl demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Ecma TC39 is meeting this week and has moved key ECMAScript proposals forward, advancing Deferred Import Evaluation, Error.isError(), RegExp Escaping, and Promise.try to the next stages.
Security News
Researchers have demonstrated that teams of LLM agents can exploit zero-day vulnerabilities with a 53% success rate, and the costs of using AI to do so are rapidly becoming more affordable than hiring a human penetration tester.
Security News
In an unprecedented surge, May 2024 saw the publication of over 5,000 CVEs, marking a historic milestone in cybersecurity with an average of 164 CVEs per day, nearly double the 2023 daily average.