Splunk Reskit Powershell Save Abandoned

Splunk Resource Kit for Powershell

Project README

Notice of archival

May 22nd, 2018: We had some fun, but this project has not been actively maintained for some time. Feel free to fork and prosper, but at this time, Splunk will not be making any future contributions to the project.

Splunk PowerShell Resource Kit

The Splunk PowerShell Resource Kit enables IT administrators to manage their Splunk topology, configure Splunk internals, and engage the Splunk search engine from their PowerShell session.

Example Uses

Here are a few of the tasks enabled by the Resource Kit:

  • Determine or change the status of Splunk services across a set of Splunk servers in parallel.
  • Force one or more Splunk servers to reload their configuration, in parallel.
  • Deploy multiple Splunk forwarders to all active hosts in a Windows domain.
  • Retrieve a list of Splunk server classes, optionally filtered by last deployment client connection time, associated applications, or matching patterns.
  • Issue a Splunk search and format the retrieved events as a table, a list, or in a windowed grid view.


  1. Download the source code repository. Unblock the ZIP archive and extract it to a folder. (You can alternatively clone the GitHub repository)
  2. Open the folder to which you extracted or cloned the source code.
  3. Run install.bat. This will copy the Splunk PowerShell module into your module path.

To verify the Splunk module is available, open PowerShell and type:

get-module Splunk

You should see output similar to the following:

ModuleType Name                      ExportedCommands                                                           
---------- ----                      ----------------                                                           
Script     splunk                    {... 


Most of the documentation lives in the "Splunk PowerShell Resource Kit Cookbook", which we highly recommend you read. You can find it here at Docs/Splunk PowerShell Resource Kit.docx


You can find anything having to do with developing on Splunk at the Splunk developer portal:

You can also find full reference documentation of the REST API:




The Splunk PowerShell Resource Kit is licensed under the Apache License 2.0. Details can be found in the file LICENSE.

Open Source Agenda is not affiliated with "Splunk Reskit Powershell" Project. README Source: splunk/splunk-reskit-powershell
Open Issues
Last Commit
5 years ago

Open Source Agenda Badge

Open Source Agenda Rating