splogTASH - SPL to Lucene translator

Recently I took part in the migration of Splunk over to ELK (Elasticsearch/Logstash/Kibana). One of the main roadblocks with this migration was the syntax changes that were introduced, since the query language was different in the new system. Splunk uses a proprietary language called "search processing language"