Custom Fields handling in Splunk Add-on for Servic...

All Apps and Add-ons

Hi fellow Splunkers,

I have some questions regarding using custom fields in the Splunk Add-on for ServiceNow.

When I try to set an alert to resolved (state 6) I seem to be unable to set the resolution information or resolution notes, instead I now place it as a comment. Did someone here manage to arrange this?

Upon creating a ticket in SNOW I can set the "short_description" field but I seem to be unable to set the "description" field. As in we can set the description field in Splunk but the content won’t be shown in SNOW, also when i set it as a custom field. Perhaps some mapping/configuration on SNOW side is needed here, but there is no documentation about what needs to be done on SNOW side.

So I guess my questions are related to how to make custom fields working on both Splunk and SNOW side as I’m missing some documentation and need some guidance! Would be much appreciated if someone can help out!

Get Updates on the Splunk Community!

Custom Fields handling in Splunk Add-on for ServiceNow

configuration

installation

troubleshooting

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Index This | What travels the world but is also stuck in place?

Discover New Use Cases: Unlock Greater Value from Your Existing Splunk Data

Continue Your Journey: Join Session 2 of the Data Management and Federation Bootcamp ...

Join the Conversation