Splunk® Enterprise

Search Manual

Download manual as PDF

This documentation does not apply to the most recent version of Splunk. Click here for the latest version.
Download topic as PDF

About writing custom search commands

The Splunk Search Processing Language (SPL) includes a wide variety of commands that you can use to get what you want out of your data and to display the results. You can use commands to correlate events and calculate statistics on your results, evaluate fields and reorder results, reformat and enrich your data, build charts, and more.

You can also expand the Splunk SPL to customize these commands to better meet your needs, or to write your own search commands for custom processing or calculations.

Use the Splunk SDK for Python, which includes several templates, to build custom search commands. See How to create custom search commands on the Splunk Dev Portal.

Retrieved from "https://docs.splunk.com/index.php?title=Documentation:Splunk:Search:Aboutcustomsearchcommands:6.2beta&oldid=880321"
PREVIOUS
Export search results 		  NEXT
Write a custom search command

This documentation applies to the following versions of Splunk® Enterprise: 6.2.0, 6.2.1, 6.2.2, 6.2.3, 6.2.4, 6.2.5, 6.2.6, 6.2.7, 6.2.8, 6.2.9, 6.2.10, 6.2.11, 6.2.12, 6.2.13, 6.2.14, 6.2.15, 6.3.0, 6.3.1, 6.3.2, 6.3.3, 6.3.4, 6.3.5, 6.3.6, 6.3.7, 6.3.8, 6.3.9, 6.3.10, 6.3.11, 6.3.12, 6.3.13, 6.3.14

Was this documentation topic helpful?

Enter your email address, and someone from the documentation team will respond to you:

Please provide your comments here. Ask a question or make a suggestion.

You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters