Integration with Splunk
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-10-2024 06:29 AM
Hi All,
Users in the Splunk team have a table in ServiceNow that shows Splunk indexes and their ownership.
This table is static and has to be manually updated when splunk team create new indexes.
they would like it to be dynamically updated from Splunk, most feasible solution is via REST API.
Can anyone please guide steps how to achieve this?
Thanks.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-10-2024 06:48 AM
Use the Import Set API.
Please refer to the article below for guidance:
Import Data Using External REST Service on a Schedule
If this response is helpful, please mark it as Correct and Helpful. You can accept multiple replies as solutions.
Thank you,
Esh
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-14-2024 12:26 AM
Hi @Eshwar Reddy ,
Thank you for sharing the URL.
May I know why we are using Import set API here.
Thanks.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-14-2024 12:36 AM
Please correct me if I'm wrong, but are we integrating data from Splunk to ServiceNow (Inbound Integration)?
If the other side of this integration can use any ServiceNow API, I prefer to use the Import Set API for write interfaces
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-14-2024 02:17 AM
Yes, this is inbound integration (spunk team need to create records in SN from splunk).
