Does the standard Splunk ES - ServiceNow integration/plugin allow for bi-directional updates
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-12-2025 08:35 AM - edited 06-12-2025 08:37 AM
Does the standard Splunk ES - ServiceNow integration/plugin allow for bi-directional updates?
Dear ServiceNow Community colleagues,
I'm quite new to ServiceNow - Splunk ES integrations, I'd just appreciate any advice/further direction on this.
Does the standard Splunk ES - ServiceNow plugin/integration enable bi-directional updates, between ServiceNow Security Incidents raised, that are linked to alerts that came from Splunk?
So if anything changes in the ServiceNow Security Incident, will that also be automatically reflected in the alert in Splunk, and vice versa?
Does this all happen automatically as part of that integration, or do I need to do additional configuration like REST API calls and business rules, to enable bi-direction updates between Splunk ES and Security Incident Response module in ServiceNow?
I would greatly appreciate any further advice/direction/articles that could help me on this.
Many thanks.