https://community.splunk.com/t5/Splunk-Search/How-to-do-log-analysis-using-splunk/m-p/497294#M194787 <P>@gcusello Thanks will refer this</P> Thu, 14 May 2020 14:50:39 GMT srinivas0704 2020-05-14T14:50:39Z https://community.splunk.com/t5/Splunk-Search/How-to-do-log-analysis-using-splunk/m-p/497286#M194779 <P>I am working on approach to upload logs to splunk,I have set of queries to query in logs and extract the values.How to run queries as soon as one user uploads logs without himself querying and give him the results</P> Thu, 14 May 2020 11:33:11 GMT https://community.splunk.com/t5/Splunk-Search/How-to-do-log-analysis-using-splunk/m-p/497286#M194779 srinivas0704 2020-05-14T11:33:11Z https://community.splunk.com/t5/Splunk-Search/How-to-do-log-analysis-using-splunk/m-p/497287#M194780 <P>Hi @srinivas0704,<BR /> you could create an alert, running e.g. every five minutes that checks logs upload and send an email with the results.<BR /> the problem is: how many users do you have for this job? if they are a limited number you could create an alert for each one with his email, if they are many is more difficoult.</P> <P>ciao.<BR /> Giuseppe</P> Thu, 14 May 2020 12:45:46 GMT https://community.splunk.com/t5/Splunk-Search/How-to-do-log-analysis-using-splunk/m-p/497287#M194780 gcusello 2020-05-14T12:45:46Z https://community.splunk.com/t5/Splunk-Search/How-to-do-log-analysis-using-splunk/m-p/497288#M194781 <P>@gcusello Thanks for looking into, there are many. Is there some way when user uploads the logs it does all the queries automatically and show result</P> Thu, 14 May 2020 12:48:17 GMT https://community.splunk.com/t5/Splunk-Search/How-to-do-log-analysis-using-splunk/m-p/497288#M194781 srinivas0704 2020-05-14T12:48:17Z https://community.splunk.com/t5/Splunk-Search/How-to-do-log-analysis-using-splunk/m-p/497289#M194782 <P>Hi @srinivas0704,<BR /> you could create a dashboard that displays all the data in an index, but the user should insert some parameters to find the uploaded logs (e.g. source or index or sourcetype).</P> <P>One question: when you speak of log upload, are you speaking of the UI guided procedure?<BR /> if yes at the end of the procedure Splunk shows a button to display all the loaded events.</P> <P>ciao.<BR /> Giuseppe</P> Thu, 14 May 2020 12:57:13 GMT https://community.splunk.com/t5/Splunk-Search/How-to-do-log-analysis-using-splunk/m-p/497289#M194782 gcusello 2020-05-14T12:57:13Z https://community.splunk.com/t5/Splunk-Search/How-to-do-log-analysis-using-splunk/m-p/497290#M194783 <P>@gcusello Log upload is about application logs which user uploads himself and he should get to know whats the issue on uploading logs</P> Thu, 14 May 2020 13:15:53 GMT https://community.splunk.com/t5/Splunk-Search/How-to-do-log-analysis-using-splunk/m-p/497290#M194783 srinivas0704 2020-05-14T13:15:53Z https://community.splunk.com/t5/Splunk-Search/How-to-do-log-analysis-using-splunk/m-p/497291#M194784 <P>Hi @srinivas0704,<BR /> as i said, at the end of the UI guided procedure user has a button to display all the loaded events.</P> <P>ciao.<BR /> Giuseppe</P> Thu, 14 May 2020 13:30:43 GMT https://community.splunk.com/t5/Splunk-Search/How-to-do-log-analysis-using-splunk/m-p/497291#M194784 gcusello 2020-05-14T13:30:43Z https://community.splunk.com/t5/Splunk-Search/How-to-do-log-analysis-using-splunk/m-p/497292#M194785 <P>@gcusello Do you have any guide on how to load the events so that it displays all the loaded events or queries</P> Thu, 14 May 2020 14:19:49 GMT https://community.splunk.com/t5/Splunk-Search/How-to-do-log-analysis-using-splunk/m-p/497292#M194785 srinivas0704 2020-05-14T14:19:49Z https://community.splunk.com/t5/Splunk-Search/How-to-do-log-analysis-using-splunk/m-p/497293#M194786 <P>Hi @srinivas0704,<BR /> see these:<BR /> <A href="https://www.youtube.com/watch?v=3GKhCZfQqDM">https://www.youtube.com/watch?v=3GKhCZfQqDM</A> <BR /> <A href="https://dev.splunk.com/enterprise/tutorials/quickstart/adddata">https://dev.splunk.com/enterprise/tutorials/quickstart/adddata</A></P> <P>Ciao.<BR /> Giuseppe</P> Thu, 14 May 2020 14:24:21 GMT https://community.splunk.com/t5/Splunk-Search/How-to-do-log-analysis-using-splunk/m-p/497293#M194786 gcusello 2020-05-14T14:24:21Z https://community.splunk.com/t5/Splunk-Search/How-to-do-log-analysis-using-splunk/m-p/497294#M194787 <P>@gcusello Thanks will refer this</P> Thu, 14 May 2020 14:50:39 GMT https://community.splunk.com/t5/Splunk-Search/How-to-do-log-analysis-using-splunk/m-p/497294#M194787 srinivas0704 2020-05-14T14:50:39Z https://community.splunk.com/t5/Splunk-Search/How-to-do-log-analysis-using-splunk/m-p/497295#M194788 <P>@gcusello Checked the video but they are still querying. Sry if I am not clear. I have a list of queries which should be executed on each and every logs user uploads and give results to them of queries executed</P> Thu, 14 May 2020 14:57:57 GMT https://community.splunk.com/t5/Splunk-Search/How-to-do-log-analysis-using-splunk/m-p/497295#M194788 srinivas0704 2020-05-14T14:57:57Z https://community.splunk.com/t5/Splunk-Search/How-to-do-log-analysis-using-splunk/m-p/497296#M194789 <P>The only way is to create more alert with all your queries and send results to you users, otherwise, they can access results in alerts.<BR /> Ciao.<BR /> Giuseppe</P> Thu, 14 May 2020 15:00:37 GMT https://community.splunk.com/t5/Splunk-Search/How-to-do-log-analysis-using-splunk/m-p/497296#M194789 gcusello 2020-05-14T15:00:37Z https://community.splunk.com/t5/Splunk-Search/How-to-do-log-analysis-using-splunk/m-p/497297#M194790 <P>ok will check this,thanks @gcusello</P> Thu, 14 May 2020 15:02:58 GMT https://community.splunk.com/t5/Splunk-Search/How-to-do-log-analysis-using-splunk/m-p/497297#M194790 srinivas0704 2020-05-14T15:02:58Z