Splunk Search
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

create ticket in service now - arguments missing

multiverse
Engager
‎02-04-2013 11:35 AM

It’s worth noting that this issue is being tested under the Splunk application for OS X. The goal is to get Splunk creating tickets in Service Now based on scheduled alerts. My working example is a WARN when a disk crosses the threshold of 20% available.

The search I have scheduled in Splunk looks like this:

index=* sourcetype=df | multikv | eval perc_used=trim(UsePct, "%") | search perc_used >= 80

I have put the rest of the gory details here so as not to abuse this forum:

http://themap.multiverse.org/snow_alert-sh-does-not-create-service-now-ticket-when-scheduled-under-s...

Thank you very much

Tags (1)
0 Karma
Reply

ashish_test
New Member
‎10-25-2013 12:51 AM

Link Provided is not displaying contents. Error 404:Page not found !
Can you please share the information about how we can create the tickets in servicenow using splunk.

0 Karma
Reply

jonuwz
Influencer
‎02-05-2013 12:26 AM

I've read the link. How are you authenticating within the snow script when its called from an alert ? When you run it from the CLI it looks like you need to enter a username / password.
Also - what arguments do you think are missing ? Have you added debug to the script and redirected it to file to see where i tgoes wrong ?

0 Karma
Reply
Get Updates on the Splunk Community!

Introducing the Splunk Community Dashboard Challenge!

Welcome to Splunk Community Dashboard Challenge! This is your chance to showcase your skills in creating ...

Built-in Service Level Objectives Management to Bridge the Gap Between Service & ...

Wednesday, May 29, 2024  |  11AM PST / 2PM ESTRegister now and join us to learn more about how you can ...

Get Your Exclusive Splunk Certified Cybersecurity Defense Engineer Certification at ...

We’re excited to announce a new Splunk certification exam being released at .conf24! If you’re headed to Vegas ...