My favorites | Sign in
Project Logo
Project Home
  
Downloads
  
Wiki
  
Issues
  
Source
    
Summary | Updates | People
Code license: New BSD License
Feeds:
Groups:
People details
Project owners:
  budchee, johnvey, hazedav, killersoft
Project committers:
kordless

This project provides a library with source code and examples written in PHP for coding against the Splunk Platform APIs.

More information on coding against Splunk is hosted over on the Splunk Labs pages at: http://code.google.com/p/splunk-labs/

Splunk's PHP SDK

Splunk's PHP SDK is a public domain library providing PHP development wrapper for projects based around Splunk's search engine.

Please note this an early beta release of the SDK, and as such, hasn't been throughly tested. If you find any bugs, or need assistance feel free to leave a comment on the Splunk Labs list.

You can request to join the Splunk Labs project here on Google Code by emailing your Gmail email address in the SUBJECT line of your email to splunk-labs@splunk.com.

Introduction

Splunk PHP SDK is a wrapper around Splunk's REST API, providing an object model for the major functional components of the Splunk server. The following components are currently accessible via the SDK:

We continue to work on implementing the wrappers for the other components of the server, including user roles and permissions.

There are many levels of possible Splunk integration, so we provided developers the ability to communicate with the Platform API - from raw http streaming to custom-tailored objects and SQL-style components.

Requirements

Splunk PHP SDK client is dependent on two external libraries that you will need to have installed:

Installation

Splunk PHP SDK comes in a form of several php files that have to be made accessible from your project. Get the latest stable version of the sdk from the trunk or check out a more featured, but less stable branch.

Documentation

Documentation section is currently under construction.

Example usage

NOTE This and the following examples are provided for the unstable version of the sdk.

This simple example establishes a connection with a Splunk server, using it to dispatch a new search job. Then it receives search results and sends them to standard output. 

<?php

include 'splunk_con.php';

echo "Retrieving Session Key..."."\n";
$con = new SplunkConnection();
$sessionKey = $con->Authenticate();

echo "Creating Search Job..."."\n";
$searchMgr = new SearchManager($con);
$job_id = $searchMgr->syncSearch('search error', null);

echo "Retrieving Job Events..."."\n";
$events = $searchMgr->getJobEvents($job_id, true, null);
foreach($events as $event)
	print_r($event);

echo "Deleting The Job... "."\n";
$searchMgr->deleteJob($job_id);
?>

More Examples

If you host a Splunk install on your own server you don't need to obtain a public API key. A session key will be assigned to your program automatically based on your login and password.

  1. Dispatching and controlling search jobs.
  2. Listing search jobs.
  3. Working with configuration files.

Acknowledgements

Special thanks to David Hazekamp - MotoSOC - (224-639-3624) for collaboration in this project.









Hosted by Google Code