specific parts of the official documentation that I often use

Universal Forwarder:

• outputs.conf — Controls where the data gets sent. Our organization uses a deployment server to configure this, so this is totally hands-off for me.
• inputs.conf — Control which files and directories are monitored.

Splunk Cloud web interface:

• Splunk Quick Reference
• Splunk Cheat Sheet: Query, SPL, RegEx, & Commands
• Search Processing Language (SPL)
  • Search tutorial
  • Search manual
  • Search reference
  • Understanding SPL syntax
  • Search commands — by category, and alphabetically Ones that I use frequently:
    • stats

General:

• Splexicon