Plugin

splunk-assistant-skills

Name: splunk-assistant-skills
Author: grandcamel

14 specialized skills for natural language Splunk automation - search, job management, exports, and administration via Claude Code

Component Overview

/assistant-skills-setup, /browse-skills +2

Commands

Agents

splunk-alert, splunk-app +12

Skills

Hooks

MCP Servers

LSP Servers

Output Styles

Themes

Monitors

Install

npx claudepluginhub grandcamel/splunk-assistant-skills --plugin splunk-assistant-skills

Component Details

Commands (4)

assistant-skills-setup

/assistant-skills-setup

Set up Splunk Assistant Skills - Python environment, dependencies, and credentials

browse-skills

/browse-skills

Browse all available Splunk Assistant skills with descriptions

skill-info

/skill-info

Show detailed information about a specific Splunk skill

splunk-discover-instance

/splunk-discover-instance

Discover Splunk deployment type, version, and capabilities

Skills (14)

splunk-alert

/skills/splunk-alert

Alert triggering, monitoring, and notification management for Splunk.

splunk-app

/skills/splunk-app

Splunk application management.

splunk-assistant

/skills/splunk-assistant

Central hub and router for Splunk Assistant Skills. Routes requests to 17 CLI command groups using 3-level progressive disclosure.

splunk-export

/skills/splunk-export

High-volume streaming data extraction for Splunk.

splunk-job

/skills/splunk-job

Search job lifecycle orchestration for Splunk.

splunk-kvstore

/skills/splunk-kvstore

Interaction with App Key Value Store for persistent metadata.

splunk-lookup

/skills/splunk-lookup

CSV and lookup file management for Splunk.

splunk-metadata

/skills/splunk-metadata

Query index, source, and sourcetype configurations for Splunk.

splunk-metrics

/skills/splunk-metrics

Real-time metrics and data point analysis for Splunk.

splunk-rest-admin

/skills/splunk-rest-admin

Programmatic access to internal configurations via REST command.

splunk-savedsearch

/skills/splunk-savedsearch

CRUD for reports and scheduled searches in Splunk.

splunk-search

/skills/splunk-search

SPL query execution in multiple modes for Splunk.

splunk-security

/skills/splunk-security

Token management, RBAC, and ACL verification for Splunk.

splunk-tag

/skills/splunk-tag

Knowledge object tags and field/value associations for Splunk.

README

Splunk Assistant Skills

80%

_{Faster than manual
SPL workflows}

14

_{Specialized skills
one conversation}

83

_{Production-ready
Python scripts}

0

_{SPL syntax
to memorize}

Talk to Splunk like a colleague, not a query language.
_{Natural language search, job management, and administration for Splunk via Claude Code.}

> "Show me error patterns in the main index from the last hour"

Claude: Running SPL query...
  index=main error earliest=-1h | stats count by host, sourcetype | sort -count

Found 847 errors across 12 hosts. Top sources:
  web-prod-01  nginx:error     423
  api-srv-03   application     298
  db-master    postgresql      126

Get Started • Skills • Use Cases • Architecture

The Difference

The SPL Way

index=main sourcetype=access_combined
| eval response_time=response_time/1000
| where response_time > 2
| stats avg(response_time) as avg_rt,
        max(response_time) as max_rt,
        count by host
| sort -count
| head 10

Hope you remembered the syntax...

The Natural Way

"Show me slow API responses over 2 seconds,
 grouped by host, top 10"

Just ask.

Time Saved

Task	Traditional Splunk	Splunk Assistant	Saved
Write complex SPL query	5-15 min	30 sec	90%
Check job status & results	2-3 min	10 sec	95%
Export large dataset	5-10 min	1 min	85%
Create saved search	3-5 min	30 sec	90%
Debug search errors	5-20 min	1 min	80%

Typical user: Save 3-5 hours per week.

Quick Start

Option A: Install as Claude Code Plugin (Recommended)

# Install from GitHub
claude plugin add github:grandcamel/Splunk-Assistant-Skills

Option B: Manual Installation

1. Clone and Install Dependencies

git clone https://github.com/grandcamel/Splunk-Assistant-Skills.git
cd Splunk-Assistant-Skills
pip install -r requirements.txt

2. Get API Token

Log into Splunk Web
Go to Settings > Tokens
Click New Token, select your user
Copy the generated token

3. Configure

# Set environment variables
export SPLUNK_TOKEN="your-jwt-token"
export SPLUNK_SITE_URL="https://splunk.example.com"

# Or create .claude/settings.local.json for profiles

4. Install CLI

# Install the splunk-as CLI
pip install splunk-as

# Verify installation
splunk-as --version

5. Start Using

# CLI usage (recommended)
splunk-as search oneshot "index=main | stats count by sourcetype" --earliest -1h

# Or with Claude Code
> "Search for errors in the main index from the last hour"

That's it. Claude now has full Splunk access.

Full Setup Guide

Setup (Assistant Skills)

If you installed via the plugin system, run the setup wizard:

/assistant-skills-setup

This configures:

Shared Python venv at ~/.assistant-skills-venv/
Required dependencies from requirements.txt
Environment variables (prompts you to set credentials)
claude-as shell function for running Claude with dependencies

After setup, use claude-as instead of claude:

claude-as  # Runs Claude with Assistant Skills venv activated

Environment Variables

View full README on GitHub

Similar Plugins

fullstack-dev-skills

8.6k

200

Comprehensive skill pack with 66 specialized skills for full-stack developers: 12 language experts (Python, TypeScript, Go, Rust, C++, Swift, Kotlin, C#, PHP, Java, SQL, JavaScript), 10 backend frameworks, 6 frontend/mobile, plus infrastructure, DevOps, security, and testing. Features progressive disclosure architecture for 50% faster loading.

Stats

Version2.0.0

Stars7

Forks2

MaintenanceExcellent

LicenseMIT

Last CommitFeb 1, 2026

AddedFeb 1, 2026

Actions

View on GitHub View README Plugin Marketplace JSON Homepage

Available In

splunk-assistant-skills cascade-data-analytics

Splunk Assistant Skills

80%

_{Faster than manual
SPL workflows}

14

_{Specialized skills
one conversation}

83

_{Production-ready
Python scripts}

0

_{SPL syntax
to memorize}

Talk to Splunk like a colleague, not a query language.
_{Natural language search, job management, and administration for Splunk via Claude Code.}

> "Show me error patterns in the main index from the last hour"

Claude: Running SPL query...
  index=main error earliest=-1h | stats count by host, sourcetype | sort -count

Found 847 errors across 12 hosts. Top sources:
  web-prod-01  nginx:error     423
  api-srv-03   application     298
  db-master    postgresql      126

Get Started • Skills • Use Cases • Architecture

The Difference

The SPL Way

index=main sourcetype=access_combined
| eval response_time=response_time/1000
| where response_time > 2
| stats avg(response_time) as avg_rt,
        max(response_time) as max_rt,
        count by host
| sort -count
| head 10

Hope you remembered the syntax...

The Natural Way

"Show me slow API responses over 2 seconds,
 grouped by host, top 10"

Just ask.

Time Saved

Task	Traditional Splunk	Splunk Assistant	Saved
Write complex SPL query	5-15 min	30 sec	90%
Check job status & results	2-3 min	10 sec	95%
Export large dataset	5-10 min	1 min	85%
Create saved search	3-5 min	30 sec	90%
Debug search errors	5-20 min	1 min	80%

Typical user: Save 3-5 hours per week.

Quick Start

Option A: Install as Claude Code Plugin (Recommended)

# Install from GitHub
claude plugin add github:grandcamel/Splunk-Assistant-Skills

Option B: Manual Installation

1. Clone and Install Dependencies

git clone https://github.com/grandcamel/Splunk-Assistant-Skills.git
cd Splunk-Assistant-Skills
pip install -r requirements.txt

2. Get API Token

Log into Splunk Web
Go to Settings > Tokens
Click New Token, select your user
Copy the generated token

3. Configure

# Set environment variables
export SPLUNK_TOKEN="your-jwt-token"
export SPLUNK_SITE_URL="https://splunk.example.com"

# Or create .claude/settings.local.json for profiles

4. Install CLI

# Install the splunk-as CLI
pip install splunk-as

# Verify installation
splunk-as --version

5. Start Using

# CLI usage (recommended)
splunk-as search oneshot "index=main | stats count by sourcetype" --earliest -1h

# Or with Claude Code
> "Search for errors in the main index from the last hour"

That's it. Claude now has full Splunk access.

Full Setup Guide

Setup (Assistant Skills)

If you installed via the plugin system, run the setup wizard:

/assistant-skills-setup

This configures:

Shared Python venv at ~/.assistant-skills-venv/
Required dependencies from requirements.txt
Environment variables (prompts you to set credentials)
claude-as shell function for running Claude with dependencies

After setup, use claude-as instead of claude:

claude-as  # Runs Claude with Assistant Skills venv activated

splunk-assistant-skills

Component Overview

Install

Component Details

Commands (4)

Skills (14)

README

Splunk Assistant Skills

80%

14

83

0

The Difference

The SPL Way

The Natural Way

Time Saved

Quick Start

Option A: Install as Claude Code Plugin (Recommended)

Option B: Manual Installation

1. Clone and Install Dependencies

2. Get API Token

3. Configure

4. Install CLI

5. Start Using

Setup (Assistant Skills)

Environment Variables

Similar Plugins

fullstack-dev-skills

splunk-assistant-skills

Component Overview

Install

Component Details

Commands (4)

Skills (14)

README

Splunk Assistant Skills

80%

14

83

0

The Difference

The SPL Way

The Natural Way

Time Saved

Quick Start

Option A: Install as Claude Code Plugin (Recommended)

Option B: Manual Installation

1. Clone and Install Dependencies

2. Get API Token

3. Configure

4. Install CLI

5. Start Using

Setup (Assistant Skills)

Environment Variables

Similar Plugins

fullstack-dev-skills

team-skills-platform

gsd-build-get-shit-done

chrome-devtools-mcp

godot-claude-skills

superpowers