As a beginner, how do I actually get to the Splunk CLI to put commands in ?
See About the CLI in the Admin Manual.
Briefly:
$SPLUNK_HOME/bin
to your path../splunk commandName
or you install this app https://splunkbase.splunk.com/app/1607/ and access it in the Splunk UI without worrying where to cd
to 😉 You will be directly in the right place and can start using the cli
as Splunk user...
cheers, MuS
MuS, you are amazing. 🙂
You need a shell account on the server on which Splunk runs (Windows, Linux). You also need permission to run Splunk (SPLUNK_HOME/bin/splunk).