We are using SCOM to monitor all systems.
We would like to give Splunk users access to send an alert to the monitoring system, based on a search.
So it is not a bulk import of events into SCOM, just single alerts.
What is the best strategy for getting an alert into SCOM?
I looked at the syslog integration with a Python script.
Is there a better/easier way?
What you need is here:
http://docs.splunk.com/Documentation/Splunk/6.2.5/alert/SendingSNMPtrapstoothersystems
Here is another Q&A that discusses several variations of the script:
http://answers.splunk.com/answers/68372/generate-snmp-trap-from-splunk.html