api-evangelist/splunk

Splunk (splunk)

Splunk is a platform for searching, monitoring, and analyzing machine-generated big data via a web-style interface.

APIs.json: https://raw.githubusercontent.com/api-evangelist/splunk/refs/heads/main/apis.yml

Scope

  • Type: Index
  • Position: Consumer
  • Access: 3rd-Party

Tags

  • Analytics
  • Data Analysis
  • Logging
  • Machine Data
  • Monitoring
  • Observability
  • Platform
  • Security
  • SIEM

Timestamps

  • Created: 2025-01-08
  • Modified: 2026-05-19

APIs

Splunk

API monitoring checks to see if API-connected resources are available, working properly and responding to calls.

Properties

Splunk Enterprise REST API

The Splunk Enterprise REST API provides programmatic access to the same information and functionality available to core system software and Splunk Web. It supports GET, POST, and DELETE operations over HTTPS on the splunkd management port 8089.

Tags

  • Data
  • Enterprise
  • Management
  • REST
  • Search

Properties

Splunk Cloud Platform REST API

The Splunk Cloud Platform REST API provides a subset of the Splunk Enterprise REST API endpoints for managing and interacting with your Splunk Cloud Platform deployment. Access requires port 8089 to be opened by Splunk Support.

Tags

  • Cloud
  • Data
  • Management
  • REST
  • Search

Properties

Splunk Cloud Admin Config Service (ACS) API

The Admin Config Service (ACS) is a cloud-native API that provides programmatic self-service administration capabilities for Splunk Cloud Platform. Administrators can use the ACS API to manage indexes, IP allow lists, HEC tokens, users, and roles without assistance from Splunk Support. ACS provides an OpenAPI 3.0 specification.

Tags

  • Administration
  • Cloud
  • Configuration
  • Management

Properties

Splunk Cloud ACS OpenAPI Specification

The OpenAPI 3.0 specification for the Splunk Cloud Admin Config Service (ACS) API. It includes all parameters, response codes, and other metadata needed to send requests to the ACS API endpoint.

Tags

  • Administration
  • Cloud
  • OpenAPI

Properties

Splunk Observability Cloud API

The Splunk Observability Cloud API provides REST endpoints for sending and managing metrics, traces, and events. It supports infrastructure monitoring, application performance monitoring (APM), real user monitoring, and synthetic monitoring use cases.

Tags

  • APM
  • Metrics
  • Monitoring
  • Observability
  • Traces

Properties

Splunk SOAR REST API

The Splunk SOAR REST API enables programmatic creation, updating, and management of security automation objects including containers, assets, playbooks, indicators, lists, and audit records. REST API requests must be performed over HTTPS with token-based or basic authentication.

Tags

  • Automation
  • Orchestration
  • Playbooks
  • Security
  • SOAR

Properties

Splunk Enterprise Security API

The Splunk Enterprise Security API provides REST endpoints for accessing and modifying findings, investigations, risk scores, assets, and identities in Splunk Enterprise Security. It includes an OpenAPI specification for download.

Tags

  • Enterprise Security
  • Findings
  • Investigations
  • Security
  • SIEM

Properties

Splunk IT Service Intelligence (ITSI) REST API

The Splunk IT Service Intelligence (ITSI) REST API allows bulk creation and updating of ITOA interface objects such as entities, services, and KPI base searches. ITSI is a monitoring and analytics solution powered by artificial intelligence for IT Operations (AIOps).

Tags

  • AIOps
  • IT Service Intelligence
  • ITSI
  • Monitoring

Properties

Splunk HTTP Event Collector (HEC) API

The Splunk HTTP Event Collector (HEC) is a high-performance REST API data input that accepts JSON or raw text data sent over HTTP or HTTPS. It uses token-based authentication and provides endpoints for sending events (/services/collector/event), raw data (/services/collector/raw), and checking indexing status (/services/collector/ack).

Tags

  • Data Ingestion
  • Events
  • HEC
  • Logging
  • REST

Properties

Splunk Intelligence Management API

The Splunk Intelligence Management (formerly ThreatStream) API provides REST v2.0 endpoints for managing threat intelligence data including indicators, observables, and intelligence sources. It supports STIX and TAXII formats for sharing cyber threat intelligence over HTTPS.

Tags

  • Indicators
  • Security
  • STIX
  • TAXII
  • Threat Intelligence

Properties

Splunk SOAR Playbook Automation API

The Splunk SOAR Playbook Automation API provides Python APIs for developing playbooks and automation within Splunk SOAR. It includes container, playbook, data access, vault, network, and session automation APIs for building detailed security orchestration workflows.

Tags

  • Automation
  • Orchestration
  • Playbooks
  • Security
  • SOAR

Properties

Splunk AppInspect API

The Splunk AppInspect API validates Splunk apps and add-ons against Splunk best practices and requirements for publishing to Splunkbase or installing on Splunk Cloud Platform. It provides automated app vetting through a REST API.

Tags

  • Apps
  • Cloud
  • Splunkbase
  • Validation

Properties

Common Properties

Maintainers

  • FN: Kin Lane
  • Email: kin@apievangelist.com
  • Email: devinfo@splunk.com
  • URL: https://www.splunk.com
