All Apps and Add-ons
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Custom Fields handling in Splunk Add-on for ServiceNow

tcdbruijn
Engager
‎08-10-2021 01:52 AM

Hi fellow Splunkers,

I have some questions regarding using custom fields in the Splunk Add-on for ServiceNow.

When I try to set an alert to resolved (state 6) I seem to be unable to set the resolution information or resolution notes, instead I now place it as a comment. Did someone here manage to arrange this?

Upon creating a ticket in SNOW I can set the "short_description" field but I seem to be unable to set the "description" field. As in we can set the description field in Splunk but the content won’t be shown in SNOW, also when i set it as a custom field. Perhaps some mapping/configuration on SNOW side is needed here, but there is no documentation about what needs to be done on SNOW side.

So I guess my questions are related to how to make custom fields working on both Splunk and SNOW side as I’m missing some documentation and need some guidance! Would be much appreciated if someone can help  out!

Labels (4)
Reply
Get Updates on the Splunk Community!

Splunk Security Content for Threat Detection & Response, Q1 Roundup

Join Principal Threat Researcher, Michael Haag, as he walks through:An introduction to the Splunk Threat ...

Splunk Life | Happy Pride Month!

Happy Pride Month, Splunk Community! 🌈 In the United States, as well as many countries around the ...

SplunkTrust | Where Are They Now - Michael Uschmann

The Background Five years ago, Splunk published several videos showcasing members of the SplunkTrust to share ...