Splunk Enterprise Security

Does Splunk ES have ticket management availability?

hariskhan
Explorer

Dear Splunkers,

Does Splunk ES (when purchased) come with any built-in ticket management system, or does one have to buy a new ticketing system for incident management?
We have a ManageEngine ticket system deployed in our environment; however, we are not sure whether it will fully integrate with Splunk or whether we would have to hire a developer for its integration.

0 Karma
1 Solution

woodcock
Esteemed Legend

ES does have a basic ticketing system built-in. As many as not use some other more fully-featured ticketing system like ServiceNow or JIRA. We have done many integrations for clients to have Splunk/ES create tickets in 3rd-party systems. There are apps that help, too.

0 Karma

Isaa
New Member

Is ServiceNow free or paid?

0 Karma

jgab1981
New Member

Hi.

Could you provide more information or links about this feature, the in-built ticketing system?

Regards

0 Karma

BJ
New Member

Do you have the documentation that helps explain what features and functions the internal ticket management system has? Also, how much can be changed, like escalations, notifications, attached files, etc.?

0 Karma

lkutch_splunk
Splunk Employee

You could use the investigation workbench. It's like ticket tracking & collaborating on investigations for assets, identities, or artifacts involved in a potential security incident:
https://docs.splunk.com/Documentation/ES/6.4.0/User/InvestigationWorkbench

0 Karma

hariskhan
Explorer

Thanks woodcock,

0 Karma