"Splunk Integration" App enables faster problem analysis and resolution by integrating with the ServiceNow Event Manager to generate meaningful events and incidents into the ServiceNow platform. Drill down from ServiceNow into Splunk software for deep dive contextual diagnostics. Leverage Splunk advanced analytics to have insights into various ITSM processes metrics, detect unauthorized changes, proactively alert on emerging problems, evaluate incident and event trends and unify data silos.
The Splunk Integration Application allows you to integrate Splunk Enterprise with ServiceNow. With this integration, you will be able to trigger Splunk qualified alerts into ServiceNow in the form of incidents as well as events provided you have enabled the Event Management Plugin. Additionally, you can use this integration to collect records from incident, problem, change, CMDB or any other ServiceNow table. This allows you to leverage Splunk agile reporting and advanced analytics to have insights into IT Service Management metrics. This integration supports cross-launch capability from ServiceNow into Splunk and vise versa.
- Updated format for 'sys_created_on' from 'yyyy-MM-dd hh:mm:ss' to 'yyyy-MM-dd HH:mm:ss'.
- Removed the default value for 'State' in the Splunk Import Set table.
- Set x_splu2_splunk_ser.Splunk as necessary role for Splunk Drilldown in em_alert, em_event, incident tables.
Splunk Enterprise needs to be installed for this integration to work. For more information, please refer to the following link: http://docs.splunk.com/Documentation/Splunk/latest/Installation/Whatsinthismanual