i think they are very different
workflow actions as described and explained here: https://docs.splunk.com/Splexicon:Workflowaction
is A highly configurable knowledge object that enables a variety of interactions between fields in events and other web resources.
Workflow actions can:
Create HTML links that, for example, run searches in external search engines for field values.
Generate HTTP POST requests to specified URIs.
Launch secondary searches that use specific field values from a selected event.
a subsearch is a search within a search, many times used as a filter
more detailed definition here: https://docs.splunk.com/Splexicon:Subsearch
so to your question, i dont think there are relative/comparative pros and cons or discussion around that topic
what is the problem you are trying to solve?
hope it helps
It's not that I'm trying to solve a particular problem. Had that been the case I would have identified the problem. I'm trying to understand the difference between 2 types of search. If you disregard GET and POST as I did in my subj line, and focus on "search workflow actions" as described in the docs vice the splexicon: http://docs.splunk.com/Documentation/Splunk/6.6.2/Knowledge/CreateworkflowactionsinSplunkWeb#Set_up_... where it says "• Search workflow actions, which launch secondary searches that use specific field values from an event, such as a search that looks for the occurrence of specific combinations of ipaddress and http_status' field values in your index over a specific time range.", it seems to be very similar, if not identical, to a subsearch. Hence the question as it was posed.