I want to convert this particular splunk curl request into Rcurl:

curl -k -u admin:pass https://localhost:8089/services/search/jobs --get -d search="eventCount>100"

This provides an idiom via httr you can extrapolate from for other Splunk calls:

#' @param search_terms
#' @param other parameters passed to httr GET/POST request
#' @return data.frame of results
search_now <- function(search_terms, ...) {

  require(httr)

  # i.e. "https://localhost:8089"
  splunk_server <- Sys.getenv("SPLUNK_API_SERVER")
  username <- Sys.getenv("SPLUNK_USERNAME")
  password <- Sys.getenv("SPLUNK_PASSWORD")

  search_job_export_endpoint <- "servicesNS/admin/search/search/jobs/export"

  response <- GET(splunk_server,
                   path=search_job_export_endpoint,
                   encode="form",
                   config(ssl_verifyhost=FALSE, ssl_verifypeer=0),
                   authenticate(username, password),
                   query=list(search=paste0("search ", search_terms, collapse="", sep=""),
                              output_mode="csv"),
                   verbose(), ...)

  result <- read.table(text=content(response, as="text"), sep=",", header=TRUE,
                       stringsAsFactors=FALSE)

  result

}

It expects the server base URL to be in SPLUNK_API_SERVER environment variable (stick them in .Renvion) and the username and password to be in those other two really obvious variables in the code.

I had that lying around in a gist for someone else so glad it gets some more mileage. A full splunkr package is in the works.