How can I configure a Splunk alert to close, if the related Security Incident gets closed and vice versa ?
Hi ServiceNow Community colleagues, please can I ask your advice on how to achieve the following.
If a Security Incident Response has been raised, in relation to a Splunk alert, how would I configure that related Splunk alert to close, when the Security Incident gets closed, in ServiceNow and vice versa, if the Splunk alert gets closed, how can I get the related SIR in ServiceNow to get closed down automatically?
I don't think this happens automatically with any existing integration - would I have to write business rules, to achieve this ?
Thanks for any help/advice/suggestions.
