Splunk Enterprise Security
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question

Can we use Splunk IT Service Intelligence as an Event Management Layer between Splunk and a "Tickets System"?

rubeniturrieta
Communicator
‎08-20-2015 08:49 AM

Hi to everyone

I need to add an "Event Management software layer", between Splunk and a "Tickets System" ( a "Event Management", just like Splunk App for Enterprise Security with Notable Events), for human revision.

There's a paid app, "Splunk IT Service Inteligence" (https://splunkbase.splunk.com/app/1841/ ), that looks like an "Event Management software", and works with the Common Information Model.

Is this app the "Event Management Layer" that I'm searching for, or do I need an external one?

Regards

0 Karma
Reply

mglauser_splunk
Splunk Employee
Splunk Employee
‎04-06-2016 09:45 AM

Splunk IT Service Intelligence has a "Notable Events Review" dashboard that displays information about notable events, such as time, owner, status, and severity. It allows you to triage notable events, assign event ownership, examine event details, run custom actions, and open contributing KPIs and affected services in Deep Dives to investigate root cause. Here's a link to the documentation on how to use it.

http://docs.splunk.com/Documentation/ITSI/2.2.0/User/NotableEventsReview

Hope this helps.

Reply
Got questions? Get answers!

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Meet up IRL or virtually!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Get Updates on the Splunk Community!

Index This | What travels the world but is also stuck in place?

April 2026 Edition  Hayyy Splunk Education Enthusiasts and the Eternally Curious!   We’re back with this ...

Discover New Use Cases: Unlock Greater Value from Your Existing Splunk Data

Realizing the full potential of your Splunk investment requires more than just understanding current usage; it ...

Continue Your Journey: Join Session 2 of the Data Management and Federation Bootcamp ...

As data volumes continue to grow and environments become more distributed, managing and optimizing data ...