Splunk processing language (SPL)

This is the language you need to use to query splunk logs.

Basics

You start with an index (domain, where you want to search for the log-events.) and then you add patterns and search terms, you want to find in the search events.

You use pipe-commands (|) to hand over the results from the command left of the pipe to the command on the right of the pipe.

Useful links: Command referencex