We've just installed the Splunk Add-on for ServiceNow on our Splunk Cloud instance, which enables integration between the the two platforms.
The integration itself worked well, and alerts have been successfully configured to trigger an incident in Service Now. However, the ServiceNow Incident Integration add-on comes with a limited number of fields (state, CI, Contact Type, Assignment Group, Category, Subcategory, Short Description, Correlation ID), which doesn't pre-populate the incident with enough information for our teams to work on the incidents. Whenever an incident is triggered, they need to log on to splunk cloud to see more details about the incident.
My question is: is there a way to add additional fields to the ServiceNow Incident Integration add-on, such as severity, long description, etc)?
Thank you for your responses in advance.
@koshyk - what new version? Splunk Add-on for ServiceNow Version 3.1.0 was last updated April 6, 2018.
For what its worth, there has been no communication about enhancement request ADDON-17893 either.