Splunk
Splunk is a platform for searching, monitoring, and analyzing machine-generated big data via a web-style interface.
APIs
API monitoring checks to see if API-connected resources are available, working properly and responding to calls.
Splunk Enterprise REST API
The Splunk Enterprise REST API provides programmatic access to the same information and functionality available to core system software and Splunk Web. It supports GET, POST, an...
Splunk Cloud Platform REST API
The Splunk Cloud Platform REST API provides a subset of the Splunk Enterprise REST API endpoints for managing and interacting with your Splunk Cloud Platform deployment. Access ...
Splunk Cloud Admin Config Service (ACS) API
The Admin Config Service (ACS) is a cloud-native API that provides programmatic self-service administration capabilities for Splunk Cloud Platform. Administrators can use the AC...
Splunk Cloud ACS OpenAPI Specification
The OpenAPI 3.0 specification for the Splunk Cloud Admin Config Service (ACS) API. It includes all parameters, response codes, and other metadata needed to send requests to the ...
Splunk Observability Cloud API
The Splunk Observability Cloud API provides REST endpoints for sending and managing metrics, traces, and events. It supports infrastructure monitoring, application performance m...
Splunk SOAR REST API
The Splunk SOAR REST API enables programmatic creation, updating, and management of security automation objects including containers, assets, playbooks, indicators, lists, and a...
Splunk Enterprise Security API
The Splunk Enterprise Security API provides REST endpoints for accessing and modifying findings, investigations, risk scores, assets, and identities in Splunk Enterprise Securit...
Splunk IT Service Intelligence (ITSI) REST API
The Splunk IT Service Intelligence (ITSI) REST API allows bulk creation and updating of ITOA interface objects such as entities, services, and KPI base searches. ITSI is a monit...
Splunk HTTP Event Collector (HEC) API
The Splunk HTTP Event Collector (HEC) is a high-performance REST API data input that accepts JSON or raw text data sent over HTTP or HTTPS. It uses token-based authentication an...
Splunk Intelligence Management API
The Splunk Intelligence Management (formerly ThreatStream) API provides REST v2.0 endpoints for managing threat intelligence data including indicators, observables, and intellig...
Splunk SOAR Playbook Automation API
The Splunk SOAR Playbook Automation API provides Python APIs for developing playbooks and automation within Splunk SOAR. It includes container, playbook, data access, vault, net...
Splunk AppInspect API
The Splunk AppInspect API validates Splunk apps and add-ons against Splunk best practices and requirements for publishing to Splunkbase or installing on Splunk Cloud Platform. I...
Capabilities
Splunk Search and Analytics
Unified search and analytics workflow combining SPL search, index management, data inputs, and HTTP Event Collector for SOC analysts, IT operations, and data engineers.
Features
Run SPL queries to search, correlate, and analyze machine data across all indexed sources in real time.
Create and manage indexes to organize and retain data with configurable storage and retention policies.
Ingest data from file monitors, TCP/UDP inputs, scripted inputs, and HTTP Event Collector endpoints.
High-performance REST API for sending JSON or raw text events over HTTPS with token-based authentication.
Detect threats, investigate incidents, and automate response workflows with SIEM and SOAR capabilities.
Monitor infrastructure, applications, and real user experience with metrics, traces, and logs.
AIOps-powered monitoring and analytics for IT operations with service-level visibility.
Manage threat indicators, observables, and intelligence sources in STIX and TAXII formats.
Automate security workflows with SOAR playbooks for incident response and remediation.
Use Cases
Centralize security event data for real-time threat detection, investigation, and compliance reporting.
Monitor infrastructure health, application performance, and service availability across hybrid environments.
Collect, index, and analyze log data from servers, applications, and network devices for troubleshooting.
Automate security incident triage, enrichment, and response using SOAR playbooks and integrations.
Trace application requests end-to-end to identify bottlenecks and optimize performance.
Generate compliance reports and audit trails from indexed data to meet regulatory requirements.
Integrations
Ingest and analyze AWS CloudTrail, CloudWatch, VPC Flow Logs, and other AWS service data.
Collect and analyze Azure activity logs, metrics, and diagnostic data.
Ingest Google Cloud audit logs, metrics, and Pub/Sub messages for cloud monitoring.
Monitor Kubernetes clusters with metrics, logs, and events from containers and orchestration.
Integrate Splunk alerts and incidents with ServiceNow ITSM for ticketing and workflow automation.
Trigger PagerDuty incidents from Splunk alerts for on-call notification and escalation.
Collect and analyze Cisco network device logs, firewall events, and security telemetry.
Ingest CrowdStrike Falcon endpoint detection data for correlated threat analysis.