A single piece of data in Splunk software, similar to a record in a log file or other data input. When data is indexed, it is divided into individual events. Each event is given a timestamp, host, source, and source type. Often, a single event corresponds to a single line in your inputs, but some inputs (for example, XML logs) have multiline events, and some inputs have multiple events on a single line. When you run a successful search, you get back events.

Similar events can be categorized together with event types.

For more information

In Getting Data In:

In the Knowledge Manager Manual:

In Investigate and Respond to Threats in Splunk Mission Control: