Latest Updates


Create ServiceNow incident through splunk

ServiceNow : service now is a company that provides service management software as a service.

Our goal in here is to create a SNOW incident from Splunk. We can get this done using an installed from splunkbase or via the below mentioned method.
NOTE: Please make sure that service-now application is configured to receive email from splunk server. Might be the exchange server needs to have the configuration.
For creating SNOW incident we have to follow the below steps -

1. Let’s say you need to raise an incident from this alert.
    eg: index=_internal|stats count by host

2. In alert actions select option send email.

3. Then configure the email ID of service-now server in To address:

4. In mail body, you need to write an XML with required fields to be passed over to incident, lets take
    the following sample xml(modify it as per requirement) :

5. Then click on save.

Hopefully this helps you to create a service now incident directly from Splunk.

If you are still facing issue regarding this topic Feel free to Ask Doubts in the Comment Box Below and Don't Forget to Follow us on 👍 Social Networks, happy Splunking >😉
Create ServiceNow incident through splunk Reviewed by Avotrix.Author on Saturday, December 21, 2019 Rating: 5

No comments:

All Rights Reserved by Avotrix © 2018 - 2019
Developed and created by Avotrix

Contact Form


Email *

Message *

Powered by Blogger.