Trigger a workflow on every new search job result.

Endpoint: /api/v1/m/default_search (Cribl Cloud) or /api/v1/search/jobs (Cribl On-Prem)
Workflows with this trigger check for new events every 5 minutes by default. You can adjust this interval in the Trigger settings.

Parameters

| Parameter | Description |
| --- | --- |
| Search Query | The search query specifying the data to search and the functions and operators to run. |

For example: dataset=* | limit 100

For more information regarding building a search query, visit Cribl documentation.

Note: Do not use the sort field in the query since the trigger appends it automatically.

Sample Event

{
	"_time": 1753884392.779,
	"dataset": "$vt_jobs",
	"earliest": "-7d",
	"id": "1783394392438.BGKDEn",
	"latest": "now",
	"numStages": 1,
	"query": "dataset=\"$vt_dummy\"",
	"resolvedDatasets": [
		"$vt_dummy"
	],
	"sampleRate": 1,
	"setOptions": {},
	"status": "completed",
	"timeCompleted": 1753884393823,
	"timeCreated": 1753884392779,
	"timeStarted": 1753884393267,
	"type": "standard",
	"user": "John Doe"
}
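
The following is an added example, not part of the Blink or Cribl documentation: a pre-check that a Search Query contains no sort stage, plus a handler that turns one event shaped like the Sample Event into an audit record of who ran which search. It assumes the note above refers to a `| sort` pipeline stage and that, as in the sample, `_time` is epoch seconds while the `time*` fields are epoch milliseconds; the function names and output keys are hypothetical.

```python
import json
import re
from datetime import datetime, timezone

# Constructed sample: a subset of the fields shown in the page's Sample Event.
SAMPLE_EVENT = json.loads(r'''
{"_time": 1753884392.779, "id": "1783394392438.BGKDEn", "earliest": "-7d",
 "latest": "now", "query": "dataset=\"$vt_dummy\"", "status": "completed",
 "timeCreated": 1753884392779, "timeStarted": 1753884393267,
 "timeCompleted": 1753884393823, "user": "John Doe"}
''')

# Assumption: a sort stage is the word "sort" directly after a pipe character.
_SORT_STAGE = re.compile(r"\|\s*sort\b", re.IGNORECASE)
_QUOTED = re.compile(r'"(?:\\.|[^"\\])*"')

def query_has_sort(query: str) -> bool:
    """True if the query already has a sort stage (the trigger appends its own)."""
    # Blank out double-quoted literals so text like "a | sort b" is not counted.
    return bool(_SORT_STAGE.search(_QUOTED.sub('""', query)))

def summarize_job(event: dict) -> dict:
    """Normalize one search-job event into a flat audit record."""
    created = event["timeCreated"]
    started = event["timeStarted"]
    completed = event["timeCompleted"]
    when = datetime.fromtimestamp(event["_time"], tz=timezone.utc)
    return {
        "job_id": event["id"],
        "user": event["user"],
        "query": event["query"],
        "window": (event["earliest"], event["latest"]),
        "completed": event["status"] == "completed",
        "event_time": when.isoformat(),
        "queued_ms": started - created,    # wait between creation and start
        "run_ms": completed - started,     # execution time of the search
        "sort_in_query": query_has_sort(event["query"]),
    }

if __name__ == "__main__":
    print(json.dumps(summarize_job(SAMPLE_EVENT), indent=2))
```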