Splunk - Run Search
Details
This atomic belongs to the Splunk atomic group.
This atomic allows you to run a new search in Splunk Cloud or Splunk Enterprise.
Target: Splunk Cloud or Splunk Enterprise integration target
Steps:
- Build the request payload
- Request the search be executed
- Check if the request was successful:
- If it was, attempt to extract the results based on which output format was chosen and set the output variables
- If it wasn't, output an error
More information about this API for Splunk Cloud: https://docs.splunk.com/Documentation/SplunkCloud/latest/RESTREF/RESTsearch#search.2Fjobs
More information about this API for Splunk Enterprise: https://docs.splunk.com/Documentation/Splunk/latest/RESTREF/RESTsearch#search.2Fjobs
About
Authorship
Cisco Managed