WWW::Splunk - Client library for Splunk log search engine
use WWW::Splunk; my $splunk = new WWW::Splunk ({ host => $host, port => $port, login => $login, password => $password, unsafe_ssl => 1, }); my $sid = $splunk->start_search ('selinux avc'); $splunk->poll_search ($sid); until ($splunk->results_read ($sid)) { print scalar $splunk->search_results ($sid); } print " results found\n";
This module contains utility functions for Splunk API, implementing version 4.1 API, verified to work with 4.2, 4.3 and 5.0.3 versions.
Initiate a search, return a SID (Search ID) string.
Initiate a real-time search, calling a callback for each line matched.
Finishes only if connection terminates (potentially never), returning number of results consumed.
Return true if the search is finished.
Wait for a search to finish.
Return an array of the matched events. If called multiple times, it only returns events which were added from the time of the last call. Oh, and you can't run multiple search concurrently with single WWW::Splunk instance. Otherwise, WWW::Splunk is perfectly thread-safe.
Return true if search is finished and all there are no more results to read (everything was fetched with search_results).
Lubomir Rintel, <lkundrak@v3.sk>
The code is hosted on GitHub http://github.com/lkundrak/perl-WWW-Splunk. Bug fixes and feature enhancements are always welcome.
To install WWW::Splunk, copy and paste the appropriate command in to your terminal.
cpanm
cpanm WWW::Splunk
CPAN shell
perl -MCPAN -e shell install WWW::Splunk
For more information on module installation, please visit the detailed CPAN module installation guide.