attack_data
How do I make Splunk ES check my uploaded logs?
I have installed the Splunk ES app and uploaded botsv1.stream_http.json,
but incident_review and ess_security_posture are not hitting any event.
How do I make Splunk ES check my uploaded logs and generate a list of alerts like below? Please note that I am not checking the logs forwarded by an agent, but the log files uploaded on the browser side.
Thank you.
The BOTS sample data is a single moment in time. So you need to ensure your ES Correlation searches are reviewing events for that time period.