Splunk Enterprise
Gain operational intelligence by collecting, indexing, and visualizing data using a powerful on-premises engine for actionable insights.
Get Started
Set up and explore your self-managed Splunk Enterprise deployment to onboard, search, and visualize your data for actionable insights.
Administer
Install, administer, monitor, and troubleshoot all aspects of your Splunk Enterprise deployment.
Search
Search, transform, and analyze your data efficiently with the Splunk Search Processing Language (SPL), SPL2, and Federated Search.
Manage Knowledge Objects
Create, use, and manage event types, tags, lookups, field extractions, workflow actions, reports, views, and data models.
Leverage REST APIs
Interact with and manage your deployment and data using REST APIs designed for searches, configurations, and resource management.
Release Notes and Updates
View release notes and resources for Splunk Enterprise, including information on updating distributed Splunk Enterprise instances and the compatiblity matrix.
Analytics and Insights
Create Dashboards and Reports
Explore data, export search results, and visualize key trends in the Search & Reporting app, Dashboard Studio, XML dashboards, and Analytics Workspace.
Alert and Respond
Set up alerts from saved searches and stay informed with notifications through Splunk On-Call and Splunk Mobile for timely responses to critical events.
Apply Machine Learning
Explore advanced analytics and uncover patterns with the AI Toolkit, App for Anomaly Detection, and App for Data Science and Deep Learning.
Data Sources
Get Data In
Get data in to the Splunk platform with agents, Splunk-supported integrations, and developer add-ons to collect, enrich, and prepare your data for analysis.
Forward and Process Data
Get data in to your Splunk platform deployment with forwarders, then process your data with ingest actions.
Process Data at the Edge
Use the Edge Processor solution to process your data with SPL2 at the edge of your network before you send it to external destinations.
Connect Relational Databases
Integrate database information with Splunk searches and reports using Splunk DB Connect, a SQL database extension for the Splunk platform.
Collect Stream Data
Capture, filter, index, and analyze live network data with Splunk Stream to uncover insights into network trends, application performance, and security threats.
Related Apps and Add-ons
Common Information Model
Extract value from and normalize data for maximum effiency using preconfigured data models from the Splunk Common Information Model (CIM).
InfoSec App for Splunk
Address common security use cases, including continuous monitoring and security investigations, with extensible dashboards and alerts using this starter security app.
Using Splunk Mobile
Get live updates and visualizations from the Splunk platform on your Android or iOS device.
Splunk OT Intelligence
Set up and administer your Splunk Edge Hub OS mobile app deployment with the Splunk OT Intelligence companion app for Splunk Web.
Related Resources
REST API Reference
Explore the REST API reference to integrate, manage, and interact with your Splunk platform environment programmatically using comprehensive endpoints.
Splunk POD
Accelerate time to value with Splunk POD on Cisco UCS hardware.
SPL Search Reference
Access the Splunk Quick Reference Guide and find search commands, syntax descriptions, and examples for the Splunk Search Processing Language (SPL).
Splunk Validated Architectures
Implement trusted Splunk Validated Architectures (SVAs) for stable, efficient deployments built on reliable best practices.
Developing Views and Apps for Splunk Web
Learn about APIs and other Splunk platform customization options.
Translated Documentation
Localized versions of some Splunk Enterprise manuals are available.
MCP Server for Splunk Platform
Connect AI assistants, agents, and other intelligent systems to your data in the Splunk platform using the Model Context Protocol.