The London Perl and Raku Workshop takes place on 26th Oct 2024. If your company depends on Perl, please consider sponsoring and/or attending.
 / 
WWW-Splunk-1.03
River stage zero No dependents
/ WWW::Splunk

NAME

WWW::Splunk - Client library for Splunk log search engine

SYNOPSIS

  use WWW::Splunk;

  my $splunk = new WWW::Splunk::API ({
          host    => $host,
          port    => $port,
          login   => $login,
          password => $password,
          unsafe_ssl => 1,
  });

  my $sid = $splunk->start_search ('selinux avc');
  $splunk->poll_search ($sid);
  print scalar $splunk->search_results ($sid);
  print " results found\n";

Please consider this an alpha quality code, whose API can change at any time, until we reach version 2.0. There are known glitches in the code quality now. Remember the code is the best documentation for now.

DESCRIPTION

This module contains utility functions for Splunk 4.1 and 4.1.1 search API.

start_search (string)

Initiate a search, return a SID (Search ID) string.

search_done (sid)

Return true if the search is finished.

poll_search (sid)

Wait for a search to finish.

search_results (sid)

Return an array of the matched events. If called multiple times, it only returns events which were added from the time of the last call. Oh, and you can't run multiple search concurrently with single WWW::Splunk instance. Otherwise, WWW::Splunk is perfectly thread-safe.

AUTHORS

Lubomir Rintel, <lkundrak@v3.sk>

The code is hosted on GitHub http://github.com/lkundrak/perl-WWW-Splunk. Bug fixes and feature enhancements are always welcome.