Tools¶
What are Agentic AI Tools?¶
AI tools enable the agent to discover indexes and knowledge objects, query data, and execute searches in your Splunk environment. By gathering this information, the tools enrich the agent's context and enable it to provide more accurate answers.
Note
All tools respect Splunk permissions and access controls. The AI agent can only access indexes and knowledge objects that the logged-in user can access.
Index Tools¶
| Tool | Description |
|---|---|
list_indexes |
Lists all available Splunk indexes in your environment. |
get_index_properties |
Retrieves configuration properties for one or more Splunk indexes. |
get_index_metadata |
Retrieves metadata about data stored in indexes, including sourcetypes, sources, and hosts. |
Search Tools¶
| Tool | Description |
|---|---|
sample_index_data |
Samples event structure and summary fields from one or more indexes. |
validate_search_query |
Validates an SPL search query by checking proper syntax and parsing. |
run_search_query |
Executes an SPL search query and returns results along with summary fields. |
Dashboard Tools¶
| Tool | Description |
|---|---|
list_dashboards |
Lists all available dashboards in your Splunk environment. |
get_dashboard_data |
Retrieves data for a specific dashboard, including its queries and visualizations. |