Splunk is a platform for searching, monitoring, and analyzing machine-generated big data via a web-style interface.
APIs.json: https://raw.githubusercontent.com/api-evangelist/splunk/refs/heads/main/apis.yml
- Type: Index
- Position: Consumer
- Access: 3rd-Party
- Analytics
- Data Analysis
- Logging
- Machine Data
- Monitoring
- Observability
- Platform
- Security
- SIEM
- Created: 2025-01-08
- Modified: 2026-05-19
API monitoring checks to see if API-connected resources are available, working properly and responding to calls.
The Splunk Enterprise REST API provides programmatic access to the same information and functionality available to core system software and Splunk Web. It supports GET, POST, and DELETE operations over HTTPS on the splunkd management port 8089.
- Data
- Enterprise
- Management
- REST
- Search
- Documentation
- Getting Started
- API Reference
- API Reference
- Authentication
- Documentation
- OpenAPI — OpenAPI Specification
- Postman Collection — Postman Collection 2.1
- Open Collection — Open Collection 1.0
- JSON Schema — JSON Schema
- JSON Schema — JSON Schema
- JSON-LD — JSON-LD
The Splunk Cloud Platform REST API provides a subset of the Splunk Enterprise REST API endpoints for managing and interacting with your Splunk Cloud Platform deployment. Access requires port 8089 to be opened by Splunk Support.
- Cloud
- Data
- Management
- REST
- Search
- Documentation
- Getting Started
- API Reference
- Postman Collection — Postman Collection 2.1
- Open Collection — Open Collection 1.0
The Admin Config Service (ACS) is a cloud-native API that provides programmatic self-service administration capabilities for Splunk Cloud Platform. Administrators can use the ACS API to manage indexes, IP allow lists, HEC tokens, users, and roles without assistance from Splunk Support. ACS provides an OpenAPI 3.0 specification.
- Administration
- Cloud
- Configuration
- Management
- Documentation
- Getting Started
- API Reference
- Postman Collection — Postman Collection 2.1
- Open Collection — Open Collection 1.0
The OpenAPI 3.0 specification for the Splunk Cloud Admin Config Service (ACS) API. It includes all parameters, response codes, and other metadata needed to send requests to the ACS API endpoint.
- Administration
- Cloud
- OpenAPI
- OpenAPI — OpenAPI Specification
- Postman Collection — Postman Collection 2.1
- Open Collection — Open Collection 1.0
The Splunk Observability Cloud API provides REST endpoints for sending and managing metrics, traces, and events. It supports infrastructure monitoring, application performance monitoring (APM), real user monitoring, and synthetic monitoring use cases.
- Human URL: https://dev.splunk.com/observability/
- APM
- Metrics
- Monitoring
- Observability
- Traces
- Documentation
- API Reference
- API Reference
- Authentication
- Documentation
- API Reference
- Documentation
- Postman Collection — Postman Collection 2.1
- Open Collection — Open Collection 1.0
The Splunk SOAR REST API enables programmatic creation, updating, and management of security automation objects including containers, assets, playbooks, indicators, lists, and audit records. REST API requests must be performed over HTTPS with token-based or basic authentication.
- Automation
- Orchestration
- Playbooks
- Security
- SOAR
- Documentation
- Documentation
- API Reference
- API Reference
- Documentation
- Postman Collection — Postman Collection 2.1
- Open Collection — Open Collection 1.0
The Splunk Enterprise Security API provides REST endpoints for accessing and modifying findings, investigations, risk scores, assets, and identities in Splunk Enterprise Security. It includes an OpenAPI specification for download.
- Enterprise Security
- Findings
- Investigations
- Security
- SIEM
- Documentation
- API Reference
- Getting Started
- API Reference
- Documentation
- Postman Collection — Postman Collection 2.1
- Open Collection — Open Collection 1.0
The Splunk IT Service Intelligence (ITSI) REST API allows bulk creation and updating of ITOA interface objects such as entities, services, and KPI base searches. ITSI is a monitoring and analytics solution powered by artificial intelligence for IT Operations (AIOps).
- AIOps
- IT Service Intelligence
- ITSI
- Monitoring
- Documentation
- API Reference
- Postman Collection — Postman Collection 2.1
- Open Collection — Open Collection 1.0
The Splunk HTTP Event Collector (HEC) is a high-performance REST API data input that accepts JSON or raw text data sent over HTTP or HTTPS. It uses token-based authentication and provides endpoints for sending events (/services/collector/event), raw data (/services/collector/raw), and checking indexing status (/services/collector/ack).
- Data Ingestion
- Events
- HEC
- Logging
- REST
- Documentation
- API Reference
- Documentation
- Documentation
- Getting Started
- Postman Collection — Postman Collection 2.1
- Open Collection — Open Collection 1.0
The Splunk Intelligence Management (formerly ThreatStream) API provides REST v2.0 endpoints for managing threat intelligence data including indicators, observables, and intelligence sources. It supports STIX and TAXII formats for sharing cyber threat intelligence over HTTPS.
- Indicators
- Security
- STIX
- TAXII
- Threat Intelligence
- Documentation
- Documentation
- Documentation
- Postman Collection — Postman Collection 2.1
- Open Collection — Open Collection 1.0
The Splunk SOAR Playbook Automation API provides Python APIs for developing playbooks and automation within Splunk SOAR. It includes container, playbook, data access, vault, network, and session automation APIs for building detailed security orchestration workflows.
- Automation
- Orchestration
- Playbooks
- Security
- SOAR
- Documentation
- API Reference
- API Reference
- API Reference
- API Reference
- Postman Collection — Postman Collection 2.1
- Open Collection — Open Collection 1.0
The Splunk AppInspect API validates Splunk apps and add-ons against Splunk best practices and requirements for publishing to Splunkbase or installing on Splunk Cloud Platform. It provides automated app vetting through a REST API.
- Apps
- Cloud
- Splunkbase
- Validation
- Changelog
- API Reference
- Postman Collection — Postman Collection 2.1
- Open Collection — Open Collection 1.0
- Arazzo Workflows — Arazzo Specification
- Developer Portal
- Blog
- Support
- Status Page
- Documentation
- GitHub Organization
- Documentation
- Documentation
- Getting Started
- Documentation
- Documentation
- Marketplace
- Pricing
- Sign Up
- Sign Up
- Terms of Service
- Terms of Service
- Changelog
- Authentication
- SDK
- SDK
- SDK
- SDK
- SDK
- Changelog
- Changelog
- Documentation
- Authentication
- Privacy Policy
- Security
- GitHub Repository
- X (Twitter)
- Spectral Rules
- Features
- Use Cases
- Integrations
- MCP Server
- FN: Kin Lane
- Email: kin@apievangelist.com
- Email: devinfo@splunk.com
- URL: https://www.splunk.com