Databases Reference
In-Depth Information
•
Run search in
: The choices here are
New window
or
Current window
.
•
Time range
: You
can
specify a specific time range here, either in epoch
time or relative time. Leaving
Latest time
empty will search to the latest
data available.
•
Use the same time range as the search that created the field listing
:
In most cases, you will either check this checkbox or provide a value in
at least
Earliest time
. If you do not, the query will run over all time, which
is not usually what you want. It is also possible to specify the time frame
in our query.
After we click on
Save
, we now see our action in the event workflow action menu
like this:
After we choose the option, a new window appears with our results, like this:
Linking to an external site
A workflow action can also link to an external site, using information from an event.
Let's imagine that your organization has some other web-based tool. If that tool can
accept arguments via
GET
or
POST
requests, then we can link directly to it from the
Splunk results.
Search WWH ::
Custom Search