Splunk Enterprise Security

Does Splunk ES have ticket management availability?

hariskhan
Explorer

Dear Splunkers,

Does Splunk ES (when purchased) come with any built-in ticket management system, or does one have to buy a new ticketing system for incident management?
We have a ManageEngine ticket system deployed in our environment; however, we are not sure whether it will fully integrate with Splunk or whether we would have to hire a developer for its integration.

0 Karma
1 Solution

woodcock
Esteemed Legend

ES does have a basic ticketing system built-in. As many as not use some other more fully-featured ticketing system like ServiceNow or JIRA. We have done many integrations for clients to have Splunk/ES create tickets in 3rd-party systems. There are apps that help, too.

0 Karma

Isaa
New Member

Is ServiceNow free or paid?

0 Karma

jgab1981
New Member

Hi.

Could you provide more information or links about this feature, the in-built ticketing system?

Regards

0 Karma

BJ
New Member

Do you have the documentation that helps explain what features and functions the internal ticket management system has? Also, how much can be changed, like escalations, notifications, attached files, etc.?

0 Karma

lkutch_splunk
Splunk Employee

You could use the investigation workbench. It's like ticket tracking & collaborating on investigations for assets, identities, or artifacts involved in a potential security incident:
https://docs.splunk.com/Documentation/ES/6.4.0/User/InvestigationWorkbench

0 Karma

hariskhan
Explorer

Thanks woodcock,

0 Karma