Splunk Dev
×
Are you a member of the Splunk Community?
Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
- Find Answers
- :
- Apps & Add-ons
- :
- Splunk Development
- :
- Splunk Dev
- :
- Implementing a Incident management system
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Implementing a Incident management system
chimbudp
Contributor
06-14-2013
03:42 AM
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
chimbudp
Contributor
06-14-2013
06:05 AM
Thats cool. But , will i be getting the conf files and other property files ?
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
chris
Motivator
06-14-2013
04:31 AM
I think, that the easiest way to "integrate" a ticketing tool with Splunk ist to set up alerts and trigger a script that will create a ticket in your existing ticketing tool ( via whatever interface the tool offers).There is documentation here
The Enterprise Security app does have a workflow implemented to deal with the notable events(which are more or less incidents) that are created. Both of those are part of ES though and not available out of the box in a standard Splunk installation.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
chris
Motivator
06-14-2013
02:14 PM
Oh, if you want to have ticketing information in Splunk it will depend on the ticketing tool and it's interfaces. If there is an interface that is exposed to the network (REST ... ) you might be able to get the information from a different machine than the ticketing server.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
chimbudp
Contributor
06-14-2013
05:49 AM
Without installing forwarder , cant we achieve this?
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
chimbudp
Contributor
06-14-2013
05:49 AM
I need to set up a forwarder in the ticket tool server . there i need to configure the scripted inputs to get the ticket detials and populate in Splunk.
Problem here is Ticket Tool domain control is with another stream of business , where they provide access to install UF.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Ayn
Legend
06-14-2013
04:26 AM
Get the Enterprise Security app? 😃
Get Updates on the Splunk Community!
Introducing the Splunk Developer Program!
Hey Splunk community! We are excited to announce that Splunk is launching the Splunk Developer Program in ...
Splunkbase Year in Review 2024
Reflecting on 2024, it’s clear that innovation and collaboration have defined the journey for Splunk ...
Developer Spotlight with Brett Adams
In our third Spotlight feature, we're excited to shine a light on Brett—a Splunk consultant, innovative ...
