All Apps and Add-ons
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Splunk App and Add-on for ServiceNow: How to use REST API in ServiceNow in Splunk?

vamsi92
Explorer
‎02-01-2016 02:16 AM

Hi there,

I have Splunk Enterprise installed on a Linux server. I am accessing it through an instance like http://(server ip)/8000/ from my Windows machine.
I have added the Splunk Add-on for ServiceNow and Splunk App for ServiceNow.
There is REST API on the ServiceNow instance, and I have configured MID server in ServiceNow.
How to configure the rest api in service-now and splunk?
i saw in splunk documents that splunk takes data from servicenow via Rest API.
so pls specify how to configure rest api in service-now to be able to send data from service-now to splunk.
If yes, can you please specify the steps I need to follow along?
And also please specify any other way available.

0 Karma
Reply

MuS
SplunkTrust
SplunkTrust
‎02-01-2016 07:43 AM

Hi vamsi92,

you can find all needed information in the docs about the App for ServiceNow http://docs.splunk.com/Documentation/ServiceNow and the Add-on for ServiceNow http://docs.splunk.com/Documentation/AddOns/latest/ServiceNow/About

Also worth reading this part of the docs http://docs.splunk.com/Documentation/ServiceNow/4.0.1/User/Commandsalertactionsandscripts

Hope this helps ...

cheers, MuS

Reply

vamsi92
Explorer
‎02-01-2016 10:33 PM

Hi MuS, Thanks for the links.
I have gone through the entire documentation. All it says is
"The add-on collects incident, event, change, user, user group, location, and CMDB CI information from ServiceNow via ServiceNow REST APIs"
Apart from there there is nodetails of how to se or configure the rest api from either service-now point or splunk interface.

0 Karma
Reply

MuS
SplunkTrust
SplunkTrust
‎02-03-2016 05:51 AM

I don't know what you're missing?

Configure ServiceNow to integrate with the Splunk platform:
http://docs.splunk.com/Documentation/AddOns/latest/ServiceNow/ConfigureServiceNowtointegratewithSplu...

Install the Splunk App for ServiceNow on Splunk Enterprise:
http://docs.splunk.com/Documentation/ServiceNow/4.0.1/Install/Installon-prem

0 Karma
Reply

vamsi92
Explorer
‎02-03-2016 11:06 PM

I have configured everything. the add-on integration.
i can send data from splunk to servicenow inform of incident creation. but not vice versa.
i want the process how to use "RESt api" in service-now to get data from service-now into splunk.
as it is written "The add-on collects incident, event, change, user, user group, location, and CMDB CI information from ServiceNow via ServiceNow REST APIs".
and in the links u posted there is no where written how to use rest api.

0 Karma
Reply

MuS
SplunkTrust
SplunkTrust
‎02-04-2016 05:28 AM

Okay, you must misunderstand something here; it's not ServiceNow updating Splunk. There is an input in the ServiceNow App which reads all the data in ServiceNow from Splunk, check if they are enabled. Also, enable debugging in the TA and check what the logs report see http://docs.splunk.com/Documentation/ServiceNow/latest/Install/Troubleshoot for more details.

Again, Splunk is creating/pushing Incidents or Events in ServiceNow and also Splunk is reading from ServiceNow; it's never that ServiceNow is pushing anything into Splunk.

Hope this helps ...

0 Karma
Reply

vamsi92
Explorer
‎02-04-2016 08:52 PM

Ok thank you. I have understood your point.
but in the line "The add-on collects incident, event, change, user, user group, location, and CMDB CI information from ServiceNow via ServiceNow REST APIs".
the addon in the sense splunk add-on from servicenow right?
then how it is collecting the above said events and cmdb information usinf servicenow's rest api?
can you please explain the meaning of sentence.
thanks in advance.

0 Karma
Reply

MuS
SplunkTrust
SplunkTrust
‎02-10-2016 06:10 PM

The Add on provides a script that connect to the Service Now REST API and processes the returned information which then will be available in Splunk for further reporting.

0 Karma
Reply
Get Updates on the Splunk Community!

Routing logs with Splunk OTel Collector for Kubernetes

The Splunk Distribution of the OpenTelemetry (OTel) Collector is a product that provides a way to ingest ...

Welcome to the Splunk Community!

(view in My Videos) We're so glad you're here! The Splunk Community is place to connect, learn, give back, and ...

Tech Talk | Elevating Digital Service Excellence: The Synergy of Splunk RUM & APM

Elevating Digital Service Excellence: The Synergy of Real User Monitoring and Application Performance ...