All Apps and Add-ons

Splunk Cloud Integration with Snow for raising tickets

dhivyamu
New Member

I'm trying to create incidents from Splunk cloud Alerts. what I read from the docs is we need install an add-on in ServiceNow as well. I did that and tried to configure it. The configuration page asks for Splunk API base URL. What should be provided for that ? I tried giving my cloud address which is something like "XX-qa.splunkcloud.com", it is not working.

Tags (3)
0 Karma
1 Solution

adonio
Ultra Champion

you will have to contact Splunk Cloud and ask them to open the API.
if you do not hold the entitlement in your organization, you will have to check internally who can submit such a request

View solution in original post

0 Karma

dhivyamu
New Member

More details, It may help someone -

port 8089 to be opened for the IP address of the ServiceNow which has to be integrated with Splunk

Base AP URL is :8089. If you use Splunk cloud, it will be your idm URL:8089

XX.splunkcloud.com:8089 or idm-XX.splunkcloud.com:8089

0 Karma

adonio
Ultra Champion

you will have to contact Splunk Cloud and ask them to open the API.
if you do not hold the entitlement in your organization, you will have to check internally who can submit such a request

0 Karma

dhivyamu
New Member

I have the entitlement. Which API should I ask them to open?

0 Karma
Get Updates on the Splunk Community!

Improve Your Security Posture

Watch NowImprove Your Security PostureCustomers are at the center of everything we do at Splunk and security ...

Maximize the Value from Microsoft Defender with Splunk

 Watch NowJoin Splunk and Sens Consulting for this Security Edition Tech TalkWho should attend:  Security ...

This Week's Community Digest - Splunk Community Happenings [6.27.22]

Get the latest news and updates from the Splunk Community here! News From Splunk Answers ✍️ Splunk Answers is ...