Skip to content

Instantly share code, notes, and snippets.

@pmgupte

pmgupte/splunk_commands.md

Last active August 31, 2016 06:58
Show Gist options
  • Save pmgupte/22700b735baad7be49a0a44e0513d694 to your computer and use it in GitHub Desktop.
Save pmgupte/22700b735baad7be49a0a44e0513d694 to your computer and use it in GitHub Desktop.
Download ZIP
Collection of Splunk commands which I find handy to use.
Raw
splunk_commands.md

Table of Contents

  1. Delete selected events
  2. Clean index
  3. Refresh Splunk

1. Delete selected events

` | delete`

In order to use this command, you need to have can_delete role added to your user.

2. Clean index

`splunk clean eventdata -index -f`

If you want to clean all indices, use following command.

splunk clean eventdata -f

3. Refresh Splunk

To refresh your Splunk without restarting, hit following URL in your browser.

<your Splunk server>/debug/refresh

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment