I am new to Splunk and still learning..
I have more than 100 queries to run when asked during a daily activity and its a pain to copy and do a paste each and every time asked to run by the team for some kind of validation..
Is there any way I can simply run them through excel like a click on query [ by making it as link ] and it simply deploy splunk in browser and run the query? Or any other option to serve the purpose ?
any help would be appreciated..
Thanks...
Maybe this can be done using lookups and the API. You'd load your spreadsheet as a lookup, then use API calls to read that lookup and execute each record (SPL Query) in your spreadsheet. Now that I think about it, you'd have to create a bash or python script to do this, I think.
I'd answer the same like skoelpin, maybe I can add that you can save your queries as reports and your users can access them whenever they need.
Sounds like a dashboard with multiple panels would be a better option. Also consider scheduled searches which can email results or trigger another action.