Splunk Dev
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Getting error while adding ServiceNow incident through Splunk add-on: "Failed to create ticket..."

smitra_cis
Observer
‎07-21-2020 04:10 PM

Hello 

I am getting the following error while inserting the incident in ServiceNow through Splunk Add-On (while the connectivity between Splunk and ServiceNow is established, able to retrieve the incidents in Splunk)

command="snowincidentstream", Failed to create ticket. Return code is 400 (Bad Request). One of the possible causes of failure is absence of event management plugin or Splunk Integration plugin on the ServiceNow instance. To fix the issue install the plugin(s) on ServiceNow instance.

Search

source="cpu_data_updated_1.csv" |where CPU___Usage >= 47|eval contact_type="email"
| eval account="splunk_snow_dev"
| eval contact_type="email"
| eval custom_fields="u_affected_user=nobody||u_caller_id=12345"
| eval ci_identifier=host
| eval priority=1 | eval category="Software"
| eval subcategory="database"
| eval short_description="CPU on ". host ." is at ". CPU___Usage
| table account, category, subcategory, short_description, contact_type, custom_fields, ci_identifier, priority |snowincidentstream

------------

Getting this even after installing both the plugins and following the instructions in the link: - https://docs.splunk.com/Documentation/AddOns/released/ServiceNow/ConfigureServiceNowtointegratewithS...

Regards

Labels (1)
Labels
Tags (3)
0 Karma
Reply

kdroddy
Explorer
‎07-25-2020 10:29 AM

Hello,

When you go to ServiceNow, under "Installation Checklist":

kdroddy_0-1595698120857.png

Are the appropriate steps list as "Complete" under "Task Status"?

0 Karma
Reply
Register for .conf25!
Get Updates on the Splunk Community!

ATTENTION!! We’re MOVING (not really)

Hey, all! In an effort to keep this Slack workspace secure and also to make our new members' experience easy, ...

Splunk Admins: Build a Smarter Stack with These Must-See .conf25 Sessions

  Whether you're running a complex Splunk deployment or just getting your bearings as a new admin, .conf25 ...

AppDynamics Summer Webinars

This summer, our mighty AppDynamics team is cooking up some delicious content on YouTube Live to satiate your ...
Top