I am getting the following error while inserting the incident in ServiceNow through Splunk Add-On (while the connectivity between Splunk and ServiceNow is established, able to retrieve the incidents in Splunk)
command="snowincidentstream", Failed to create ticket. Return code is 400 (Bad Request). One of the possible causes of failure is absence of event management plugin or Splunk Integration plugin on the ServiceNow instance. To fix the issue install the plugin(s) on ServiceNow instance.