- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-03-2017 06:55 AM
I'm curious if anyone has used a Splunk api when integrating Splunk with ServiceNow?
Solved! Go to Solution.
- Labels:
-
Integrations
- 2,338 Views
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-03-2017 04:21 PM
We have done so with our instance. What in particular are you interested in? I do know there are different ways you can integrate. We had to deal with corporate firewall issues and ended up going with a manual solution through a mid-server. There are more direct ways such as just installing the Splunk plugin for Service-Now that would be more ideal, we just didn't have this option unfortunately.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-03-2017 04:21 PM
We have done so with our instance. What in particular are you interested in? I do know there are different ways you can integrate. We had to deal with corporate firewall issues and ended up going with a manual solution through a mid-server. There are more direct ways such as just installing the Splunk plugin for Service-Now that would be more ideal, we just didn't have this option unfortunately.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-05-2017 07:28 AM
Thank you. I've previously installed the ServiceNow plugin for Splunk to try to integrate the two but ran into some problems due to one being a developer instance and the other one just a regular trial. I guess I just wanted to see if there was another, maybe easier, way to go about integrating the applications using a Splunk API within ServiceNow.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-15-2017 12:35 AM
Hi bcronrath
you said you have integrated Splunk with Servicenow using MID server. Can you please explain the strategy you followed for this integration?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-09-2017 12:36 PM
Integrating with splunk is different depending with your needs. I have done integrations with some organization where they could only be accessed via their mid server and others directly. I ended up creating an application to make the integration a lot easier for our clients. Here is what I suggest, if you don't have firewall issues then you could create a processor on ServiceNow and just do a Webhook through Splunk, the problem with this approach is that the default Webhook app from splunk doesn't include the raw. You could also do rest calls into splunk from ServiceNow but this method is trickier since you would need to create a query on /search/jobs and then fetch the results. You can check their rest doc here. Another option is to use the evanios splunk app, you need Evanios installed though on ServiceNow.
