Splunk Cloud Platform
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Accessing Splunk Cloud Logs through Rest API

krishna821
Engager
3 weeks ago

Hello,

This is Krishna and I have been some POC about accessing Splunk logs through Rest API's. I was successful in calling the Rest API's through Spunk Enterprise version but in my company we have Splunk Cloud and so unable to call Rest API's as how I was able to do in Splunk Enterprise edition. I would like to know the details of how I can call Splunk Rest API's for Cloud edition.

Below are my findings

On my local instance of Splunk when I hit the below url it lists all the services available
https://localhost:8089/services(it asked me for admin credentials which I provided) in which I am interested in the https://localhost:8089/services/search/jobs 
so would like to call the similar ones for Cloud version
 
Thanks in Advance.
Labels (1)
Labels
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

isoutamo
SplunkTrust
SplunkTrust
3 weeks ago

You could access SCP’s REST api, but you must enable it first. Here is instructions how to do it https://docs.splunk.com/Documentation/SplunkCloud/latest/RESTTUT/RESTandCloud

View solution in original post

Reply
Solved! Jump to solution

livehybrid
Super Champion
3 weeks ago

Hi @krishna821 

Most of the REST API endpoints you're likely using for on-premise are also available in Cloud.

The SplunkCloud REST API docs are at https://docs.splunk.com/Documentation/SplunkCloud/latest/RESTREF/RESTprolog 

You will need to ensure your egress IP is allow-listed on your Splunk Cloud environment as by default this is restricted. If you are not an admin on the Splunk Cloud platform then you will need to speak to your admin team to setup the allow-listing. For more information check out https://docs.splunk.com/Documentation/SplunkCloud/9.3.2411/Config/ConfigureIPAllowList

Note: I would recommend using Token authentication over user/password login. If your Splunk Cloud instance is using SAML/SSO authentication then you will need to use a token. 

🌟 Did this answer help you? If so, please consider:

  • Adding karma to show it was useful
  • Marking it as the solution if it resolved your issue
  • Commenting if you need any clarification

Your feedback encourages the volunteers in this community to continue contributing

Reply
Solved! Jump to solution
Solution

isoutamo
SplunkTrust
SplunkTrust
3 weeks ago

You could access SCP’s REST api, but you must enable it first. Here is instructions how to do it https://docs.splunk.com/Documentation/SplunkCloud/latest/RESTTUT/RESTandCloud

Reply
Get Updates on the Splunk Community!

Splunk Observability Cloud’s AI Assistant in Action Series: Analyzing and ...

This is the second post in our Splunk Observability Cloud’s AI Assistant in Action series, in which we look at ...

Elevate Your Organization with Splunk’s Next Platform Evolution

 Thursday, July 10, 2025  |  11AM PDT / 2PM EDT Whether you're managing complex deployments or looking to ...

Splunk Answers Content Calendar, June Edition

Get ready for this week’s post dedicated to Splunk Dashboards! We're celebrating the power of community by ...
Top