Create Incident from SPLUNK to service now incident table
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-20-2016 05:22 AM
Hi All,
My requirement is integrate service now with SPLUNK tool. I have installed Service-now SPLUNK Addon and App in SPLUNK and also able to generate event and alert.
I checked splunk log and found alert post data to service now by using REST API call https://instancename.service-now.com/api/now/import/sn_si_incident_import.
In service now record is created in stage/source table but there is no import set number and this is the issue. Without any import set i can not move data in target table.
Other thing, is it possible to create incident in incident table from SPLUNK Alert? I have downloaded and commited "Splunk-Servicenow Integration" update set from service now store but REST API in SPLUNK is pointing to "sn_si_incident_import." table.
Your help will be much appreciated..
Thanks, Ajit
