External DocumentationTo learn more, visit the Splunk documentation.
Basic Parameters
| Parameter | Description |
|---|---|
| Earliest Time | Specify a time string to set the inclusive start of the search. |
| Latest Time | Specify a time string to set the inclusive end of the search. |
| Search Query | The search query the created job will run. |
Advanced Parameters
| Parameter | Description |
|---|---|
| Ad Hoc Search Level | The search level of the created search. For more information, refer to the Splunk Documentation. |
| Custom ID | Optional string to specify the search ID (<sid>). If unspecified, a random ID is generated. |
| Execution Mode | Set to normal, in order to run an asynchronous search.Set to blocking, in order to return the sid when the job is complete.Set to oneshot, in order to return results in the same call. |
| Search Mode | Set to realtime to search live incoming data, or normal to run a one-time search over historical indexed data. |
Example Output
Workflow Library Example
Create Search Job with Splunk and Send Results Via Email