Docs » Splunk Log Observer

Edit this page

---

Splunk Log Observer

• Introduction to Splunk Log Observer

• Set up Log Observer

• View overall system health using Timeline

• Verify changes to monitored systems with Live Tail

• Query logs in Log Observer

• Browse logs in the logs table

• Search logs by keywords or fields

• Filter logs by field

• Create field aliases

• View individual log details and create a field extraction processor

• Display a field separately in the log details flyout

• Group logs by fields using log aggregation

• Apply processing rules across historical data

• Save and share Log Observer queries

• Add logs data to Splunk Observability Cloud dashboards

• Manage the logs pipeline

  • Transform your data with log processing rules

  • Create metrics from your logs with log metricization rules

  • Archive your logs with infinite logging rules

• Where does a log’s logical time come from?

• Log Observer limits

If you do not have a Log Observer entitlement and instead use Log Observer Connect, see Splunk Log Observer Connect.

---

❮

Previous

Log Observer Connect limits

Next

Introduction to Splunk Log Observer

❯

---

• API docs
• Blog
• Training
• Free Trial