A user-defined entity that enriches the existing data in Splunk Enterprise. You can use knowledge objects to get specific information about your data. When you create a knowledge object, you can keep it private or you can share it with other users.
Knowledge managers manage how their organizations use knowledge objects in their Splunk Enterprise deployments.
Splunk Enterprise knowledge objects include saved searches, event types, tags, field extractions, lookups, reports, alerts, data models, transactions, workflow actions, and fields.
For more information
In the Knowledge Manager Manual: