workflow action

noun

A knowledge object that enables a variety of interactions between indexed fields in events and other web resources, including external web resources. For example, you can define workflow actions that:

Are associated with an IP address field in your search results; you use it to perform an external WHOIS lookup based on a particular value of that field in a specific event.
Use the field values in an HTTP error event to create a new entry in an external issue tracking system.
Perform an external search (using Google or a similar web application) on the value of a field in an event.
Launch secondary Splunk searches that use one or more field values from selected events.

In addition, you can define workflow actions that:

Are targeted to events that contain a particular field or set of fields, or which belong to a specific event type
Open either in the current window or a new one when they are selected.
Appear in field menus, event menus, or both (in search results).

You can set up and manage workflow actions through Manager. Navigate to Manager > Fields > Workflow actions.

For more information

See the Knowledge Manager Manual:

Create workflow actions in Splunk Web

Retrieved from "http://docs.splunk.com/Splexicon:Workflowaction"

Alphabetical
By Topic

S

Splunk

licensing

Splunk Enterprise, Splunk Enterprise trial
Splunk Free
license entitlement

Splunk services

Splunk Education
Splunk Support: Global, Enterprise, Community

Splunk server

splunkd: CLI, command line tool
Splunk Web: view, dashboard, panel, search view, Manager
app: SplunkBase, Search app, view, panel, add-on, suite

solutions

solution

suite

Enterprise Security suite
PCI Compliance suite

app

Splunk for Windows
Splunk for Unix and Linux
Splunk for Blue Coat
Splunk for F5

add-on

search

Search app

timeline, time range picker
field picker
Report Builder

Splunk search language

command transforming command punct, pipe operator
subsearch, search macro
search assistant

search timeline

finalize, send to background

search result

event, field, timestamp
report, chart

form search

search job

alert

basic conditional alert, advanced conditional alert

scheduled search

PDF server

report

Report Builder

chart

dashboard

module, panel, view
visual dashboard editor
view XML

PDF server

configuration

configuration file

data input

data filtering

blacklist, whitelist

monitor

file system change monitor

syslog

event processing

character set encoding

segmentation

timestamping

timestamp, timezone offset

default field extraction

host, source, source type, punct

indexing

index

bucket

index time

summary index

security

scripted authentication

auditing

audit event, audit index

roles

role-based access control (RBAC)
permissions

archiving

retention time

development

app

App Builder
app template

add-on

dashboard

visual dashboard editor
panel

module

view, flash timeline view
intention

event renderer

SplunkBase

REST

REST API, REST endpoint