Does the standard Splunk ES - ServiceNow integration/plugin allow for bi-directional updates

WazzaJC
Tera Expert

Does the standard Splunk ES - ServiceNow integration/plugin allow for bi-directional updates?

 

Dear ServiceNow Community colleagues,

 

I'm quite new to ServiceNow - Splunk ES integrations, I'd just appreciate any advice/further direction on this.

 

Does the standard Splunk ES - ServiceNow plugin/integration enable bi-directional updates, between ServiceNow Security Incidents raised, that are linked to alerts that came from Splunk?

 

So if anything changes in the ServiceNow Security Incident, will that also be automatically reflected in the alert in Splunk, and vice versa?

 

Does this all happen automatically as part of that integration, or do I need to do additional configuration like REST API calls and business rules, to enable bi-direction updates between Splunk ES and Security Incident Response module in ServiceNow?

 

I would greatly appreciate any further advice/direction/articles that could help me on this.

 

Many thanks.

0 REPLIES 0