Workflows
Workflows integrate with your data and are designed to help you move quickly through your data, or help you to integrate easily with other services. They can be used to drill down to another Splunk dashboard with prepopulated data in the request, perform an nslookup on an IP address in an event, open a ticket in an external ticket tracking system, or even launch an external search-all based on data found within the event. Workflows are displayed inline with the events you are working with. They don't have to apply for every single event. You can restrict a workflow to be revealed only when target events are listed, or a set of fields are listed. Workflows can be configured via the Web or configuration files.
Building a workflow in the web interface is straightforward. As part of our Splunk Developer's Guide (SDG) App, we will create a workflow that will interface with the http://mxtoolbox.com/ website to perform a reverse DNS lookup based on an IP address in the src_ip...
