Splunk Cloud Platform

Accessing Splunk Cloud Logs through Rest API

krishna821
Engager

Hello,

This is Krishna and I have been some POC about accessing Splunk logs through Rest API's. I was successful in calling the Rest API's through Spunk Enterprise version but in my company we have Splunk Cloud and so unable to call Rest API's as how I was able to do in Splunk Enterprise edition. I would like to know the details of how I can call Splunk Rest API's for Cloud edition.

Below are my findings

On my local instance of Splunk when I hit the below url it lists all the services available
https://localhost:8089/services(it asked me for admin credentials which I provided) in which I am interested in the https://localhost:8089/services/search/jobs 
so would like to call the similar ones for Cloud version
 
Thanks in Advance.
Labels (1)
0 Karma
1 Solution

isoutamo
SplunkTrust
SplunkTrust

You could access SCP’s REST api, but you must enable it first. Here is instructions how to do it https://docs.splunk.com/Documentation/SplunkCloud/latest/RESTTUT/RESTandCloud

View solution in original post

livehybrid
Super Champion

Hi @krishna821 

Most of the REST API endpoints you're likely using for on-premise are also available in Cloud.

The SplunkCloud REST API docs are at https://docs.splunk.com/Documentation/SplunkCloud/latest/RESTREF/RESTprolog 

You will need to ensure your egress IP is allow-listed on your Splunk Cloud environment as by default this is restricted. If you are not an admin on the Splunk Cloud platform then you will need to speak to your admin team to setup the allow-listing. For more information check out https://docs.splunk.com/Documentation/SplunkCloud/9.3.2411/Config/ConfigureIPAllowList

Note: I would recommend using Token authentication over user/password login. If your Splunk Cloud instance is using SAML/SSO authentication then you will need to use a token. 

🌟 Did this answer help you? If so, please consider:

  • Adding karma to show it was useful
  • Marking it as the solution if it resolved your issue
  • Commenting if you need any clarification

Your feedback encourages the volunteers in this community to continue contributing

isoutamo
SplunkTrust
SplunkTrust

You could access SCP’s REST api, but you must enable it first. Here is instructions how to do it https://docs.splunk.com/Documentation/SplunkCloud/latest/RESTTUT/RESTandCloud

Get Updates on the Splunk Community!

Splunk Observability Cloud’s AI Assistant in Action Series: Analyzing and ...

This is the second post in our Splunk Observability Cloud’s AI Assistant in Action series, in which we look at ...

Elevate Your Organization with Splunk’s Next Platform Evolution

 Thursday, July 10, 2025  |  11AM PDT / 2PM EDT Whether you're managing complex deployments or looking to ...

Splunk Answers Content Calendar, June Edition

Get ready for this week’s post dedicated to Splunk Dashboards! We're celebrating the power of community by ...