I'm not sure an API exists to do what you're talking about. Field definitions are arbitrary in Splunk, and can even be defined in SPL at search runtime. Data types are effectively all "text" until you change them with an eval function. Everything is indexed by timestamp, and there are no constraints on unique data like you would expect in a relational database - events can be duplicated easily if source data is re-scanned, and there isn't any restriction on the number of events that can occur at a single point in time. Splunk is really designed to search and process data in time series; I'm not sure what your application is intended to do, but I don't think you can use Splunk as a transactional type relational database like you would mySQL or Oracle and expect it to work well.
... View more