Get Diag App for Splunk.
Diagnostics without twenty SSH hops.
Pull targeted Splunk diagnostics straight from the UI instead of juggling CLI flags, shell history and half remembered scripts. Support gets clean bundles, on call keeps their sanity and you stop waking that one person who knows the command by heart.
- ▸One place to generate focused diag bundles for specific indexers, search heads or clusters without logging into each box.
- ▸Predefined profiles for common incidents so you capture the right logs, configs and metrics the first time instead of rerunning diags.
- ▸Built for teams where Splunk runs across dozens of servers and SSH access is locked down or heavily audited.
Built for on call Splunk admins
Get Diag is tuned for real incident flow. It helps you grab the right evidence quickly so you can move from guessing to explaining and stop turning every P1 into a forensics exercise.
Targeted diagnostics, not dumps
Generate focused bundles for the instances actually involved in the incident instead of huge diags you never fully upload or review.
Repeatable incident profiles
Save common diag profiles for search lag, indexer health or license issues so every on call engineer can pull the same clean evidence set.
Works with tight access controls
Keep SSH locked down while still giving ops and support a safe way to trigger diagnostics from the Splunk UI with a clear audit trail.