Linux repositories inspector


perl v5.30.1


Text-based spreadsheet with VI-like keybindings


Client for Splunk log search engine


sc - Splunk Client


sc [--host <host>] [--port <port>] [--login <login>] [--password <password>] [--insecure] <subcommand> [<arguments>,...]


This is remote client for Splunk log search engine based upon WWW::Splunk. It is currently quite limited in capabilities, but intended and designed to be extended in future.


--host <host> Sets remote server to connect to. Defaults to localhost.
--port <port> Sets port of remote server to connect to. Defaults to 8089. Please note that this is the management port, not the WWW interface port.
--login <login> User name of the user to connect to Splunk as. Defaults to admin. The defaults for username and password will probably (hopefully?) not suit your configuration.
--password <password> Password of the user to connect to Splunk as. Defaults to changeme.
--insecure Tolerate SSL errors.
<subcommand> [<arguments>] Subcommand to run. Currently defined is just search.


search [-t|--since <time>] [-T|--until <time>] [-f|--format compact|long|raw] <search string>

Conduct a search, output the raw log data as they are looked up. Terminate when the search is finished.
-t, --since <time> Cut off at given time. The time specification is any string understood by Date::Manip. Most common formats apply as well as human-readable relative time specifications (see EXAMPLES).
Use rt for real time search, optionally with specifcation of the search window, such as rt-10 for 10-second window, or rt-1m for one minute.
Defaults to unlimited.
-T, --until <time> Do not look for entries newer than given time. The format of the time specification is the same as for --since option.
If this or --since is rt a real-time search is conducted.
-f, --format compact|long|raw Switch output format style.


sc --host --login user --password s1kr3t2 search --since ’2 days ago’ --until yesterday ’network AND error | head 10’ Perform a simple search query limited by given time frame.
sc search --since ’rt-30’ ’source=/var/log/httpd/access_log |stats count by http_status_code’ Perform a simple real-time search.


WWW::Splunk, WWW::Splunk::API


Lubomir Rintel, <>, Michal Josef XpaXek <>
The code is hosted on GitHub <>. Bug fixes and feature enhancements are always welcome.


⇧ Top