You are ready to run your first Splunk search:
- Click directly on the green Search & Reporting app button. In this example, you use Splunk's very own internal index; this is Splunk's way of splunking itself (or collecting detailed information on all its underlying processes).
An index is the term given to where Splunk stores event data captured from log files, APIs, HTTP events, delimited files, and other machine data sources. It is in some ways like a database, but should not be compared to traditional relational databases in functionality or performance.
- In the New Search input, type in the following search query (more about the Search Processing Language (SPL) in Chapter 3, Search Processing Language):
SPL> index=_internal ...