About writing custom search commands
The Splunk Search Processing Language (SPL) includes a wide variety of commands that you can use to get what you want out of your data and to display the results. You can use commands to correlate events and calculate statistics on your results, evaluate fields and reorder results, reformat and enrich your data, build charts, and more.
You can also expand the Splunk SPL to customize these commands to better meet your needs, or to write your own search commands for custom processing or calculations.
Use the Splunk SDK for Python, which includes several templates, to build custom search commands. See How to create custom search commands on the Splunk Dev Portal.
Export search results
Write a custom search command
This documentation applies to the following versions of Splunk® Enterprise: 6.3.0, 6.3.1, 6.3.2, 6.3.3, 6.3.4, 6.3.5, 6.3.6, 6.3.7, 6.3.8, 6.3.9, 6.3.10, 6.3.11, 6.3.12, 6.3.13, 6.3.14