All Apps and Add-ons
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

How to push Splunk alerts into Service now

gajananh999
Contributor
‎07-18-2014 09:27 AM

Hello Everyone,

We have some set some splunk alert and we want to push these alert into the Service Now i have gone through couple google links on splunk forum [http://answers.splunk.com/answers/47086/service-now-ticket-generation-via-splunk-alerts] there are two way to do this.

1) when get the alert run script and create a ticket in service now

2) get that alert as a email and then create a ticket in service now.

Is there any other way where we can directly create a ticket in service now using any application or any other way?

Thanks

Gajanan Hiroji

0 Karma
Reply

rsennett_splunk
Splunk Employee
Splunk Employee
‎08-11-2014 07:21 PM

It sounds like you're talking about the older version of the app.

You might want to check the current Splunk App for ServiceNow

http://apps.splunk.com/app/1770/

This is a certified integration between Splunk and ServiceNow

This version is certified for the following ServiceNow releases: Eureka, Dublin and Calgary
The application includes the "Update Sets" certified by ServiceNow
Incidents are written to a temporary staging table prior to incident creation
Scripted inputs support change, incident, problem, CMDB and event integration
Cross-Launch functionality now supports linking to ServiceNow Knowledge Base articles

With Splunk... the answer is always "YES!". It just might require more regex than you're prepared for!
0 Karma
Reply

BP9906
Builder
‎08-11-2014 07:10 PM

Well the Splunk App for ServiceNow is doing a json call to open an Incident. Why cant you do the same thing in your other application?

0 Karma
Reply

gajananh999
Contributor
‎07-21-2014 03:43 AM

Can anybody help me on this?

0 Karma
Reply
Get Updates on the Splunk Community!

Enterprise Security Content Update (ESCU) | New Releases

In December, the Splunk Threat Research Team had 1 release of new security content via the Enterprise Security ...

Why am I not seeing the finding in Splunk Enterprise Security Analyst Queue?

(This is the first of a series of 2 blogs). Splunk Enterprise Security is a fantastic tool that offers robust ...

Index This | What are the 12 Days of Splunk-mas?

December 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...