Splunk · Capability

Splunk Search and Analytics

Unified search and analytics workflow combining SPL search, index management, data inputs, and HTTP Event Collector for SOC analysts, IT operations, and data engineers.

Splunk · Search · Analytics · Monitoring · Data Ingestion

What You Can Do

GET /v1/search-jobs: List search jobs.
POST /v1/search-jobs: Create a search job.
GET /v1/indexes: List indexes.
POST /v1/indexes: Create an index.
POST /v1/events: Send an event.

MCP Tools

list-search-jobs (read-only): List current search jobs.
create-search-job: Create a new SPL search job.
get-search-job (read-only): Get search job status and details.
delete-search-job: Delete a search job.
control-search-job: Control a search job (pause, unpause, finalize, cancel).
get-search-results (read-only): Get results from a completed search job.
get-search-events (read-only): Get untransformed events from a search job.
export-search-results (read-only): Export search results directly without creating a job.
list-indexes (read-only): List all Splunk indexes.
create-index: Create a new Splunk index.
get-index (read-only): Get index details and settings.
update-index (idempotent): Update index settings.
delete-index: Delete an index.
list-monitor-inputs (read-only): List file monitor data inputs.
create-monitor-input: Create a file monitor data input.
list-http-input-tokens (read-only): List HTTP Event Collector tokens.
create-http-input-token: Create an HTTP Event Collector token.
send-event: Send a JSON event via HTTP Event Collector.
check-ack-status (read-only): Check HEC indexing acknowledgment status.

APIs Used

enterprise-rest