Can we use Splunk IT Service Intelligence as an Ev...

rubeniturrieta · ‎08-20-2015

Hi to everyone

I need to add an "Event Management software layer", between Splunk and a "Tickets System" ( a "Event Management", just like Splunk App for Enterprise Security with Notable Events), for human revision.

There's a paid app, "Splunk IT Service Inteligence" (https://splunkbase.splunk.com/app/1841/ ), that looks like an "Event Management software", and works with the Common Information Model.

Is this app the "Event Management Layer" that I'm searching for, or do I need an external one?

Regards

mglauser_splunk · ‎04-06-2016

Splunk IT Service Intelligence has a "Notable Events Review" dashboard that displays information about notable events, such as time, owner, status, and severity. It allows you to triage notable events, assign event ownership, examine event details, run custom actions, and open contributing KPIs and affected services in Deep Dives to investigate root cause. Here's a link to the documentation on how to use it.

http://docs.splunk.com/Documentation/ITSI/2.2.0/User/NotableEventsReview

Hope this helps.

Can we use Splunk IT Service Intelligence as an Event Management Layer between Splunk and a "Tickets System"?

Enterprise Security Content Update (ESCU) | New Releases

Why am I not seeing the finding in Splunk Enterprise Security Analyst Queue?

Index This | What are the 12 Days of Splunk-mas?