The Splunk PowerShell Resource Kit enables Windows administrators to manage and extend their Splunk environment to support a variety of tasks. The first version allows administrators to manage Splunk’s topology, configure its internal, and engage the Splunk search engine.
Get the Splunk PowerShell Resource Kit
There are numerous search, deployment and configuration scenarios supported by over forty
PowerShell-Splunk modules, including:
Check and Manage Splunk Services
- Test Active Directory Objects for Splunk Services
- Query the Status of Splunk Services on a Set of Hosts
- Manage Splunk Services on a Set of Hosts
- Restart Splunk
Search Splunk
- View Raw Event Data
- View Event Data in a Table
- Specify Alternate Credentials for a Splunk Search
Deploy Splunk
- Install a Splunk Forwarder Remotely using an MSI
- Install a Splunk Forwarder Remotely using GNU wget
- Deploy Forwarders to all Hosts from Active Directory
- Deploy Forwarders to all Hosts in an Active Directory Organizational Unit
- Deploy Forwarders to all Hosts in an Active Directory Group
- Deploy Forwarders to all Hosts in a Domain
Manage Splunk Server Classes
- Retrieve a List of Server Classes
- Retrieve a List of Deployment Clients
- Create a New Server Class
- Remove a Server Class
- Add Hosts from Active Directory to Server Class White List
- Add Hosts from an Active Directory Organizational Unit to Server Class White List
- Add Hosts from an Active Directory Group to Server Class White List
- Add List of Hosts from Splunk Search to Server Class White List
- Add a Host to the Black List of an Existing Server Class
- Add an Entire Domain to a Server Class White List
- Add a List of VM Host Names from HyperV to a Server Class White List