Re: Splunk App for ServiceNow: Can we implement cu...

hkshim88 · ‎09-22-2017

Hello,

Hello Support Team,

I am trying to integrate servicenow app/addon on Splunk and would like to enable the ServiceNow Event Integration for the trigger action. However, I am wondering if there is any way for us to customize the fields. Currently we see 5 fields: Node, Type, Resource, Severity and Description. Does anyone know how to add/change the fields similar to the one in ServiceNow Security Operations add-on for Splunk? The ServiceNow Security Incident has the fields: Title, CI/Host, Category, Subcategory, Group, Source, Priority and Description. We do not want to use the security incident as that is not enabled on the ServiceNow side yet.

Kindly let us know if there is a way.

Thank you.

chrisyounger · ‎03-28-2019

I don't thinks its officially supported, but you can follow this process:

https://answers.splunk.com/answers/736869/servicenow-how-do-set-extra-custom-fields-when-cre.html

ChrisBell04 · ‎04-27-2018

Enhancement request ADDON-17893 has been filed to add the Description field to incident creation.

Splunk App for ServiceNow: Can we implement custom fields?

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Deep Dive: Accelerate threat investigation with Splunk’s AI Assistant in Security

Announcing Modern Navigation: A New Era of Splunk User Experience

Detection Engineering Office Hours: Real-World Troubleshooting & Q&A

Join the Conversation