nerdexam
Splunk

SPLK-5001 · Question #94

SPLK-5001 Question #94: Real Exam Question with Answer & Explanation

The correct answer is C. Workflow action. Workflow actions let you click on a field value, like an IP address, in search results or dashboards and invoke external lookups or queries (for example, sending the IP to a threat‑intel service) directly from the Splunk UI.

Question

In Splunk, what feature would an analyst leverage to drilldown on an IP address field to query third-party intelligence for that IP?

Options

  • ANotable drilldown
  • BAlert action
  • CWorkflow action
  • DAdaptive Response action

Explanation

Workflow actions let you click on a field value, like an IP address, in search results or dashboards and invoke external lookups or queries (for example, sending the IP to a threat‑intel service) directly from the Splunk UI.

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full SPLK-5001 Practice