The Watchtower • Room 2

Splunk CLI Troubleshooting Tools

The Splunk CLI provides powerful troubleshooting commands. splunk diag generates a diagnostic bundle with logs, configs, and system info — essential when opening a support case.

splunk list forward-server shows the forwarding target configuration. splunk display listen shows what ports are listening for incoming data.

splunk search lets you run SPL queries directly from the command line — useful for scripting and automation.

Common CLI commands

./splunk diag                    # Generate diagnostic bundle
./splunk list forward-server     # Show forwarding targets
./splunk display listen          # Show receiving ports
./splunk reload deploy-server    # Reload deployment server

Knowledge Check

Prove your understanding to clear the room (Rewards XP)

❤️❤️❤️

Question 1 of 2

What does "splunk diag" create?

AA new index

BA diagnostic bundle

CA user account

DA backup