Solved: How to integrate Splunk with a ticketing system so...

andybadera · ‎01-20-2016

I have an enterprise app that of course does a lot of things. When some of these things fail, we want to either call a webservice, or possibly send an email, that generates a ticket within the IT ticketing system. (The webservice is definitely available; we're verifying whether or not email input is enabled for us.)

Are OOTB Splunk searches & alerts flexible enough to handle sending a customized email on their own, or do I need to look at a Splunk app, or possibly even polling the Splunk REST API?

The idea would be:
1. Splunk parses a log event of some type or within a specified ID range.
2. Splunk, a Splunk app, or an external app sends an email to the ticketing system that includes the body of the event, and possibly other details.

AndySplunks · ‎01-20-2016

OOTB Splunk searches should be able to handle it.

I've had Splunk generate emails with content in the body of the email or attached as a CSV and then have HP Service Manager parse the data for a support request.

View solution in original post

javiergn · ‎01-21-2016

Take a look at the following apps and posts:

AndySplunks · ‎01-20-2016

OOTB Splunk searches should be able to handle it.

I've had Splunk generate emails with content in the body of the email or attached as a CSV and then have HP Service Manager parse the data for a support request.

How to integrate Splunk with a ticketing system so if something fails, an alert triggers a webservice or email to generate a ticket?

Developer Spotlight with Brett Adams

Index This | What can you do to make 55,555 equal 500?

Say goodbye to manually analyzing phishing and malware threats with Splunk Attack ...