by splunk

Splunk Software Development Kit for Python

480 Stars 283 Forks Last release: 4 months ago (1.6.13) Apache License 2.0 1.2K Commits 27 Releases

Available items

No Items, yet!

The developer of this repository has not created any items for sale yet. Need a bug fixed? Help with integration? A different license? Create a request here:

Build Status Documentation Status

The Splunk Software Development Kit for Python

Version 1.6.13

The Splunk Software Development Kit (SDK) for Python contains library code and examples designed to enable developers to build applications using Splunk.

Splunk is a search engine and analytic environment that uses a distributed map-reduce architecture to efficiently index, search and process large time-varying data sets.

The Splunk product is popular with system administrators for aggregation and monitoring of IT machine data, security, compliance and a wide variety of other scenarios that share a requirement to efficiently index, search, analyze and generate real-time notifications from large volumes of time series data.

The Splunk developer platform enables developers to take advantage of the same technology used by the Splunk product to build exciting new applications that are enabled by Splunk's unique capabilities.

Getting started with the Splunk SDK for Python

The Splunk SDK for Python contains library code and examples that show how to programmatically interact with Splunk for a variety of scenarios including searching, saved searches, data inputs, and many more, along with building complete applications.

The information in this Readme provides steps to get going quickly, but for more in-depth information be sure to visit the Splunk Developer Portal.


Here's what you need to get going with the Splunk SDK for Python.


The Splunk SDK for Python requires Python 2.7+, including Python 3. The Splunk SDK for Python has been tested with Python v2.7 and v3.5.


If you haven't already installed Splunk, download it here. For more about installing and running Splunk and system requirements, see Installing & Running Splunk. The Splunk SDK for Python has been tested with Splunk Enterprise 7.0 and 7.2.

Splunk SDK for Python

Get the Splunk SDK for Python; download the SDK as a ZIP and extract the files. Or, if you want to contribute to the SDK, clone the repository from GitHub.

Installing the SDK

You can install the Splunk SDK for Python libraries by using

[sudo] easy_install splunk-sdk


[sudo] pip install splunk-sdk

Or to install the Python egg

[sudo] pip install --egg splunk-sdk

Alternatively, you can use setup.py on the sources you cloned from GitHub:

[sudo] python setup.py install

However, it's not necessary to install the libraries to run the examples and unit tests from the SDK.

Running the examples and unit tests

To run the examples and unit tests, you must put the root of the SDK on your PYTHONPATH. For example, if you have downloaded the SDK to your home folder and are running OS X or Linux, add the following line to your .bash_profile:

export PYTHONPATH=~/splunk-sdk-python

The SDK command-line examples require a common set of arguments that specify things like the Splunk host, port, and login credentials. For a full list of command-line arguments, include

as an argument to any of the examples.


To connect to Splunk, many of the SDK examples and unit tests take command-line arguments that specify values for the host, port, and login credentials for Splunk. For convenience during development, you can store these arguments as key-value pairs in a text file named .splunkrc. Then, the SDK examples and unit tests use the values from the .splunkrc file when you don't specify them.

To use this convenience file, create a text file with the following format:

# Splunk host (default: localhost)
# Splunk admin port (default: 8089)
# Splunk username
# Splunk password
# Access scheme (default: https)
# Your version of Splunk (default: 5.0)

Save the file as .splunkrc in the current user's home directory.

  • For example on OS X, save the file as:

  • On Windows, save the file as:


    You might get errors in Windows when you try to name the file because ".splunkrc" looks like a nameless file with an extension. You can use the command line to create this file—go to the C:\Users\currentusername directory and enter the following command:

    Notepad.exe .splunkrc

    Click Yes, then continue creating the file.

Note: Storing login credentials in the .splunkrc file is only for convenience during development. This file isn't part of the Splunk platform and shouldn't be used for storing user credentials for production. And, if you're at all concerned about the security of your credentials, just enter them at the command line rather than saving them in this file.


Examples are located in the /splunk-sdk-python/examples directory. To run the examples at the command line, use the Python interpreter and include any arguments that are required by the example:

python examplename.py --username="admin" --password="changeme"

If you saved your login credentials in the .splunkrc file, you can omit those arguments:

python examplename.py

To get help for an example, use the

argument with an example:
python examplename.py --help

Unit tests

The Splunk SDK for Python contains a collection of unit tests. To run them, open a command prompt in the /splunk-sdk-python directory and enter:


You can also run individual test files, which are located in /splunk-sdk-python/tests. The following command explains how to run a specific test:

make test_specific

The test suite uses Python's standard library, the built-in

, and

Important Notes:

The test run will fail unless the SDK App Collection is installed.

You can exclude app-specific tests with the following command:

make test_no_app

You can read more about our testing framework on GitHub.

In addition, the test run requires the searchcommands app to be built. The

command runs the tasks to do this, but more complex testing may require you to rebuild using
make build_app


/docs Source for Sphinx-based docs and build
/examples Examples demonstrating various SDK features
/splunklib Source for the Splunk library modules
/tests Source for unit tests
/utils Source for utilities shared by the examples and unit tests


The CHANGELOG.md file in the root of the repository contains a description of changes for each version of the SDK. You can also find it online at https://github.com/splunk/splunk-sdk-python/blob/master/CHANGELOG.md.


The master branch always represents a stable and released version of the SDK. You can read more about our branching model on our Wiki at https://github.com/splunk/splunk-sdk-python/wiki/Branching-Model.

Documentation and resources

If you need to know more:


Stay connected with other developers building on Splunk.

Email [email protected]
Issues https://github.com/splunk/splunk-sdk-python/issues/
Answers http://splunk-base.splunk.com/tags/python/
Blog http://blogs.splunk.com/dev/
Twitter @splunkdev

How to contribute

If you would like to contribute to the SDK, go here for more information:


  1. You will be granted support if you or your company are already covered under an existing maintenance/support agreement. Submit a new case in the Support Portal and include "Splunk SDK for Python" in the subject line.
  2. If you are not covered under an existing maintenance/support agreement, you can find help through the broader community at:
    • Splunk Answers (use the sdk, java, python, and javascript tags to identify your questions)
  3. Splunk will NOT provide support for SDKs if the core library (the code in the /splunklib directory) has been modified. If you modify an SDK and want support, you can find help through the broader community and Splunk answers (see above). We would also like to know why you modified the core library—please send feedback to [email protected]
  4. File any issues on GitHub.

Contact Us

You can contact support if you have Splunk related questions.

You can reach the Developer Platform team at [email protected].


The Splunk Software Development Kit for Python is licensed under the Apache License 2.0. Details can be found in the file LICENSE.

We use cookies. If you continue to browse the site, you agree to the use of cookies. For more information on our use of cookies please see our Privacy Policy.