All Apps and Add-ons

ServiceNow MID Server for Event Integration

adzs
Engager

I'm looking to send events from Splunk to ServiceNow using the add-on.
The catch is, for security reasons, we may be required to push the data from Splunk to ServiceNow via a MID Server.

Normal approach:
Splunk -> ServiceNow

Possible approach required for the client:
Splunk -> MID Server -> ServiceNow

Does the add-on support sending the event to the MID server at all? If not, what are the alternative options available?

Roy_9
Motivator

if that MID server supports Snow API and there should be some scripted alert action to send data, it should work i guess.

Basically in the Event integration configuration, you need to provide node details.

If you want to send the events as an incident you should provide API details as below.

/api/now/table/incident

0 Karma

lmcgchr
New Member

Hi,

Is your Splunk environment a SaaS environment? 

I was told that for Splunk On-prem, you need to use the MId server.

Thanks

0 Karma
Get Updates on the Splunk Community!

What's new in Splunk Cloud Platform 9.1.2312?

Hi Splunky people! We are excited to share the newest updates in Splunk Cloud Platform 9.1.2312! Analysts can ...

What’s New in Splunk Security Essentials 3.8.0?

Splunk Security Essentials (SSE) is an app that can amplify the power of your existing Splunk Cloud Platform, ...

Let’s Get You Certified – Vegas-Style at .conf24

Are you ready to level up your Splunk game? Then, let’s get you certified live at .conf24 – our annual user ...