Splunk Enterprise

Gain operational intelligence by collecting, indexing, and visualizing data using a powerful on-premises engine for actionable insights.

Get Started

Set up and explore your self-managed Splunk Enterprise deployment to onboard, search, and visualize your data for actionable insights.

Administer

Install, administer, monitor, and troubleshoot all aspects of your Splunk Enterprise deployment.

Search

Search, transform, and analyze your data efficiently with the Splunk Search Processing Language (SPL), SPL2, and Federated Search.

Manage Knowledge Objects

Create, use, and manage event types, tags, lookups, field extractions, workflow actions, reports, views, and data models.

Leverage REST APIs

Interact with and manage your deployment and data using REST APIs designed for searches, configurations, and resource management.

Release Notes and Updates

View release notes and resources for Splunk Enterprise, including information on updating distributed Splunk Enterprise instances and the compatiblity matrix.

Create Dashboards and Reports

Explore data, export search results, and visualize key trends in the Search & Reporting app, Dashboard Studio, XML dashboards, and Analytics Workspace.

Alert and Respond

Set up alerts from saved searches and stay informed with notifications through Splunk On-Call and Splunk Mobile for timely responses to critical events.

Apply Machine Learning

Explore advanced analytics and uncover patterns with the AI Toolkit, App for Anomaly Detection, and App for Data Science and Deep Learning.

Get Data In

Get data in to the Splunk platform with agents, Splunk-supported integrations, and developer add-ons to collect, enrich, and prepare your data for analysis.

Forward and Process Data

Get data in to your Splunk platform deployment with forwarders, then process your data with ingest actions.

Process Data at the Edge

Use the Edge Processor solution to process your data with SPL2 at the edge of your network before you send it to external destinations.

Connect Relational Databases

Integrate database information with Splunk searches and reports using Splunk DB Connect, a SQL database extension for the Splunk platform.

Collect Stream Data

Capture, filter, index, and analyze live network data with Splunk Stream to uncover insights into network trends, application performance, and security threats.

Common Information Model

Extract value from and normalize data for maximum effiency using preconfigured data models from the Splunk Common Information Model (CIM).

InfoSec App for Splunk

Address common security use cases, including continuous monitoring and security investigations, with extensible dashboards and alerts using this starter security app.

Using Splunk Mobile

Get live updates and visualizations from the Splunk platform on your Android or iOS device.

Splunk OT Intelligence

Set up and administer your Splunk Edge Hub OS mobile app deployment with the Splunk OT Intelligence companion app for Splunk Web.

REST API Reference

Explore the REST API reference to integrate, manage, and interact with your Splunk platform environment programmatically using comprehensive endpoints.

Splunk POD

Accelerate time to value with Splunk POD on Cisco UCS hardware.

SPL Search Reference

Access the Splunk Quick Reference Guide and find search commands, syntax descriptions, and examples for the Splunk Search Processing Language (SPL).

Splunk Validated Architectures

Implement trusted Splunk Validated Architectures (SVAs) for stable, efficient deployments built on reliable best practices.

Developing Views and Apps for Splunk Web

Learn about APIs and other Splunk platform customization options.

Translated Documentation

Localized versions of some Splunk Enterprise manuals are available.

MCP Server for Splunk Platform

Connect AI assistants, agents, and other intelligent systems to your data in the Splunk platform using the Model Context Protocol.