SPLK-1002 · Question #213
SPLK-1002 Question #213: Real Exam Question with Answer & Explanation
The correct answer is B: A Search workflow action, because the user is running a new search with a specific field value. A Search workflow action is the appropriate choice when a user wants to retrieve a specific field value from an event and run a search in a new browser window within their Splunk instance (Option B). This type of workflow action allows users to define a search that utilizes field
Question
A user wants to create a workflow action that will retrieve a specific field value from an event and run a search in a new browser window in the user's Splunk instance. What kind of workflow action should they create?
Options
- AA Run workflow action, because the user is running a new search with a specific field value from
- BA Search workflow action, because the user is running a new search with a specific field value
- CA POST workflow action, because the search is being sent to the user's current Splunk instance.
- DA GET workflow action, because a field value needs to be retrieved from the events returned in
Explanation
A Search workflow action is the appropriate choice when a user wants to retrieve a specific field value from an event and run a search in a new browser window within their Splunk instance (Option B). This type of workflow action allows users to define a search that utilizes field values from selected events as parameters, enabling more detailed investigation or context-specific analysis based on the original search results.
Topics
Community Discussion
No community discussion yet for this question.