We are using SCOM to monitor all systems.
We would like to give Splunk users access to send an alert to the monitoring system, based on a search.
So it is not bulk import of events into SCOM, just single alerts.
What is the best strategy for getting an alert into SCOM?
I looked at the syslog integration with a python script.
Is there a better/easier way?