get_admin_guide
Retrieve comprehensive Splunk administration guides for any topic, covering configuration, management, and best practices, with version-specific details.
Instructions
Get detailed Splunk administration documentation for specific topics. Returns comprehensive administration guides with configuration, management, and best practices as an embedded resource.
Input Schema
TableJSON Schema
| Name | Required | Description | Default |
|---|---|---|---|
| topic | Yes | Administration topic. Use list_admin_topics() to see all available topics. Common topics include: - 'indexes' - Index management and configuration - 'authentication' - User authentication setup - 'users' - User management and roles - 'apps' - Application management - 'deployment' - Deployment configuration - 'monitoring' - System monitoring setup - 'performance' - Performance optimization - 'security' - Security configuration - 'forwarders' - Forwarder configuration - 'clustering' - Clustering setup | |
| version | No | Splunk version for documentation. Examples: - '9.4' - Splunk 9.4 documentation - '9.3' - Splunk 9.3 documentation - 'latest' - Latest version (default) | latest |
| auto_detect_version | No | Whether to auto-detect Splunk version from connected instance. Defaults to True. |
Implementation Reference
- The GetAdminGuide class is the handler (tool) implementation. Its execute() method (lines 1167-1204) takes topic, version, and auto_detect_version arguments, creates an AdminGuideResource, and returns the admin guide content as an embedded resource.
class GetAdminGuide(BaseTool): """ Get Splunk administration documentation. Returns detailed administration guides for specific topics. """ METADATA = ToolMetadata( name="get_admin_guide", description=( "Get detailed Splunk administration documentation for specific topics. " "Returns comprehensive administration guides with configuration, management, " "and best practices as an embedded resource.\n\n" "Args:\n" " topic (str): Administration topic. Use list_admin_topics() to see all " "available topics. Common topics include:\n" " - 'indexes' - Index management and configuration\n" " - 'authentication' - User authentication setup\n" " - 'users' - User management and roles\n" " - 'apps' - Application management\n" " - 'deployment' - Deployment configuration\n" " - 'monitoring' - System monitoring setup\n" " - 'performance' - Performance optimization\n" " - 'security' - Security configuration\n" " - 'forwarders' - Forwarder configuration\n" " - 'clustering' - Clustering setup\n" " version (str, optional): Splunk version for documentation. Examples:\n" " - '9.4' - Splunk 9.4 documentation\n" " - '9.3' - Splunk 9.3 documentation\n" " - 'latest' - Latest version (default)\n" " auto_detect_version (bool, optional): Whether to auto-detect Splunk version " "from connected instance. Defaults to True.\n\n" "Returns embedded resource with detailed administration guide.\n\n" "💡 Tip: Use list_admin_topics() to discover all available topics." ), category="documentation", tags=["administration", "configuration", "guides", "embedded-resource"], requires_connection=False, ) async def execute( self, ctx: Context, topic: str, version: str = "latest", auto_detect_version: bool = True ) -> dict[str, Any]: """Execute admin guide retrieval and return embedded resource.""" log_tool_execution( self.name, topic=topic, version=version, auto_detect_version=auto_detect_version ) try: # Auto-detect version if requested if auto_detect_version and version in ["auto", "latest"]: version = await self._detect_splunk_version(ctx) resource = AdminGuideResource(version, topic) content = await resource.get_content(ctx) uri = f"splunk-docs://{version}/admin/{topic}" return self.format_success_response( { "content": [ { "type": "resource", "resource": { "uri": uri, "title": f"Admin Guide: {topic}", "mimeType": "text/markdown", "text": content, }, } ] } ) except Exception as e: error_msg = f"Failed to retrieve admin guide for topic '{topic}': {str(e)}" self.logger.error(error_msg) return self.format_error_response(error_msg) async def _detect_splunk_version(self, ctx: Context) -> str: """Detect Splunk version from connected instance.""" try: from src.tools.health.status import GetSplunkHealth health_tool = GetSplunkHealth("get_splunk_health", "Get Splunk health status") health_result = await health_tool.execute(ctx) if ( health_result.get("status") == "success" and health_result.get("data", {}).get("status") == "connected" ): return health_result["data"].get("version", "latest") except Exception as e: logger.warning(f"Failed to detect Splunk version: {e}") return "latest" - The METADATA on the GetAdminGuide class defines the tool name (get_admin_guide), description, args (topic, version, auto_detect_version), category ('documentation'), tags, and requirements.
METADATA = ToolMetadata( name="get_admin_guide", description=( "Get detailed Splunk administration documentation for specific topics. " "Returns comprehensive administration guides with configuration, management, " "and best practices as an embedded resource.\n\n" "Args:\n" " topic (str): Administration topic. Use list_admin_topics() to see all " "available topics. Common topics include:\n" " - 'indexes' - Index management and configuration\n" " - 'authentication' - User authentication setup\n" " - 'users' - User management and roles\n" " - 'apps' - Application management\n" " - 'deployment' - Deployment configuration\n" " - 'monitoring' - System monitoring setup\n" " - 'performance' - Performance optimization\n" " - 'security' - Security configuration\n" " - 'forwarders' - Forwarder configuration\n" " - 'clustering' - Clustering setup\n" " version (str, optional): Splunk version for documentation. Examples:\n" " - '9.4' - Splunk 9.4 documentation\n" " - '9.3' - Splunk 9.3 documentation\n" " - 'latest' - Latest version (default)\n" " auto_detect_version (bool, optional): Whether to auto-detect Splunk version " "from connected instance. Defaults to True.\n\n" "Returns embedded resource with detailed administration guide.\n\n" "💡 Tip: Use list_admin_topics() to discover all available topics." ), category="documentation", tags=["administration", "configuration", "guides", "embedded-resource"], requires_connection=False, ) - src/tools/docs/__init__.py:8-36 (registration)GetAdminGuide is imported from splunk_docs_tools and re-exported in src/tools/docs/__init__.py __all__.
from .splunk_docs_tools import ( DiscoverSplunkDocs, GetAdminGuide, GetSPLReference, GetSplunkCheatSheet, # Documentation tools GetSplunkDocumentation, GetTroubleshootingGuide, ListAdminTopics, # Discovery tools ListAvailableTopics, ListSPLCommands, ListTroubleshootingTopics, ) __all__ = [ # Discovery tools for topic/command awareness "ListAvailableTopics", "ListTroubleshootingTopics", "ListAdminTopics", "ListSPLCommands", # Documentation access tools "GetSplunkDocumentation", "GetSplunkCheatSheet", "DiscoverSplunkDocs", "GetSPLReference", "GetTroubleshootingGuide", "GetAdminGuide", ] - src/tools/__init__.py:64-64 (registration)GetAdminGuide is listed in the core tools __all__ in src/tools/__init__.py, exposed via 'from .docs import *'.
"GetAdminGuide", - SplunkAdminGuideEmbeddedResource is an alternative embedded resource class for the admin guide content, providing static embedded markdown content via _get_admin_guide_content() (line 1051).
class SplunkAdminGuideEmbeddedResource(EmbeddedResource): """ Embedded Splunk administration guide. Provides administration tasks and best practices. """ def __init__(self): super().__init__( uri="embedded://splunk/docs/admin-guide", name="Splunk Administration Guide", description="Comprehensive administration guide for Splunk deployment and management", mime_type="text/markdown", embedded_content=self._get_admin_guide_content(), cache_ttl=86400, # 24 hours validate_content=True, )