Join the Conversation
- Find Answers
- :
- Apps & Add-ons
- :
- All Apps and Add-ons
- :
- All Apps and Add-ons
- :
- What ServiceNow licenses does the Splunk Add-on fo...
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
What ServiceNow licenses does the Splunk Add-on for ServiceNow require?
I am having some difficulty integrating my Splunk instances with ServiceNow, and I am getting conflicting information from the Splunk documentation as compared to the how the integration application works on the ServiceNow end. My organization has a fairly robust instance of ServiceNow, however we do not utilize it for the Security Incident Response plugin. We also do not use Event Managment. Both are an extra ServiceNow license, but only Event Management is mentioned in the Splunk documentation, and is supposedly not required. Is the Security Incident Response plugin (and license) required for ServiceNow integration (Jakarta) even if you are just trying to leverage Splunk integration for operational incidents?
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I am using just the incident and CMDB integration - We don't have Events management or Incident Response either, so I think the answer to your question is no.
We have found that the Splunk incident integration has not quite met our needs, as we need to raise tickets against individuals and business services (the plugin only allows groups and CI's) so I have had to amend it to support these requirements.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
My ServiceNow admin is telling me that the splunk integration application forces you to install the security incident response plugin which would put us in violation of licensing. Most things I have read do not seem to mention that. Are you running Jakarta and can you confirm that the plug in is not installed? I would love to be able to generate incidents even just based on groups.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
We are on release Jakarta, - let me find out about Incident Response from the SN admins
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thank you I really appreciate your help!
Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!
Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.
Index This | What travels the world but is also stuck in place?
Discover New Use Cases: Unlock Greater Value from Your Existing Splunk Data
Continue Your Journey: Join Session 2 of the Data Management and Federation Bootcamp ...
