All Apps and Add-ons

Which version of the Splunk App for ServiceNow should be installed for ServiceNow Helsinki compatibility?

srikanth1213
Path Finder

Currently, we have the Splunk App for ServiceNow (V 3.0) and Splunk Add-on for ServiceNow (V 2.6.0) where it is integrated with ServiceNow (SNOW) Eureka release.

Now that the SNOW team is upgrading SNOW to Helsinki, can someone tell me which version of the Splunk App for ServiceNow do I need to install?

Also pls tell me the difference between the Splunk App for ServiceNow and the Splunk Add-on for ServiceNow?

P.S I don't see Helsinki in the setup window of Splunk Add-on for ServiceNow.

0 Karma
1 Solution

ChrisG
Splunk Employee
Splunk Employee

Here is the difference between the app and the add-on. The information comes directly from the add-on documentation and the app documentation:

The Splunk App for ServiceNow provides insight into incident, change, and event management processes in your ServiceNow instance. The app includes:
- A pre-built knowledge base of dashboards and reports that deliver real-time visibility into your environment.
- Preconfigured data inputs for twenty ServiceNow database tables.
- Support for creating custom data inputs from additional ServiceNow database tables.
- A set of commands, alert actions, and scripts that allow you to perform push integration with ServiceNow.
- CIM-compliant fields and tags so that you can integrate your ServiceNow data with your other infrastructure and IT operations data sources.

The Splunk Add-on for ServiceNow allows a Splunk software administrator to collect data from ServiceNow and create incidents and events in ServiceNow.

The add-on collects incident, event, change, user, user group, location, and CMDB CI information from ServiceNow via ServiceNow REST APIs. After the Splunk platform indexes the records, you can consume the data using the prebuilt panels included with the add-on. The add-on also provides workflow actions that allow users to link directly from events in the Splunk platform search results to relevant ServiceNow incidents, events, and Knowledge Base articles.

The Splunk Add-on for ServiceNow allows Splunk administrators to use custom commands, alert actions, and scripts to create new incidents and events in your ServiceNow instance, as well as update the incidents created from the Splunk platform.

This add-on provides the inputs and CIM-compatible knowledge to use with other Splunk apps, such as the Splunk App for ServiceNow or Splunk Enterprise Security.

Quoting further from the documentation:

  • The app supports ServiceNow versions Geneva, Fuji, Eureka, and Helsinki.
  • The Splunk Add-on for ServiceNow supports versions Helsinki, Geneva, Fuji, and Eureka

View solution in original post

ChrisG
Splunk Employee
Splunk Employee

Here is the difference between the app and the add-on. The information comes directly from the add-on documentation and the app documentation:

The Splunk App for ServiceNow provides insight into incident, change, and event management processes in your ServiceNow instance. The app includes:
- A pre-built knowledge base of dashboards and reports that deliver real-time visibility into your environment.
- Preconfigured data inputs for twenty ServiceNow database tables.
- Support for creating custom data inputs from additional ServiceNow database tables.
- A set of commands, alert actions, and scripts that allow you to perform push integration with ServiceNow.
- CIM-compliant fields and tags so that you can integrate your ServiceNow data with your other infrastructure and IT operations data sources.

The Splunk Add-on for ServiceNow allows a Splunk software administrator to collect data from ServiceNow and create incidents and events in ServiceNow.

The add-on collects incident, event, change, user, user group, location, and CMDB CI information from ServiceNow via ServiceNow REST APIs. After the Splunk platform indexes the records, you can consume the data using the prebuilt panels included with the add-on. The add-on also provides workflow actions that allow users to link directly from events in the Splunk platform search results to relevant ServiceNow incidents, events, and Knowledge Base articles.

The Splunk Add-on for ServiceNow allows Splunk administrators to use custom commands, alert actions, and scripts to create new incidents and events in your ServiceNow instance, as well as update the incidents created from the Splunk platform.

This add-on provides the inputs and CIM-compatible knowledge to use with other Splunk apps, such as the Splunk App for ServiceNow or Splunk Enterprise Security.

Quoting further from the documentation:

  • The app supports ServiceNow versions Geneva, Fuji, Eureka, and Helsinki.
  • The Splunk Add-on for ServiceNow supports versions Helsinki, Geneva, Fuji, and Eureka

rajSN
New Member

Hi Chris,

This is Raj and I am from ServiceNow background. I am in similar situation where we implemented Splunk-Add on for ServiceNow and integrated Splunk for Eureka ServiceNow version. I used Update Set method to complete this integration in ServiceNow. Now we are upgrading to Helsinki version of ServiceNow and I need to do some analysis.

Could you please tell me, from ServiceNow side, do i need to upgrade my existing version by using new update set for Helsinki Splunk-Add on for ServiceNow? if so, what would happen to existing modules? will they get updated with new update set that i would import for Helsinki version?

Thanks,
Raj

0 Karma

srikanth1213
Path Finder

Ok thank you.

0 Karma

srikanth1213
Path Finder

Thanks a bunch Chris, so all that I have to do now is to download the latest version of Splunk add on for Service now and install in our Splunk environment to have it integrated with the Helsinki version of Snow, to have the snow event flow into Splunk. Pls correct me if am wrong anywhere..

0 Karma

ChrisG
Splunk Employee
Splunk Employee

There are configuration steps, please follow the instructions in the documentation!

0 Karma
Get Updates on the Splunk Community!

What’s New in Splunk App for PCI Compliance 5.3.1?

The Splunk App for PCI Compliance allows customers to extend the power of their existing Splunk solution with ...

Extending Observability Content to Splunk Cloud

Register to join us !   In this Extending Observability Content to Splunk Cloud Tech Talk, you'll see how to ...

What's new in Splunk Cloud Platform 9.1.2312?

Hi Splunky people! We are excited to share the newest updates in Splunk Cloud Platform 9.1.2312! Analysts can ...