All Apps and Add-ons

What ServiceNow licenses does the Splunk Add-on for ServiceNow require?

centrafraserk
Path Finder

I am having some difficulty integrating my Splunk instances with ServiceNow, and I am getting conflicting information from the Splunk documentation as compared to the how the integration application works on the ServiceNow end. My organization has a fairly robust instance of ServiceNow, however we do not utilize it for the Security Incident Response plugin. We also do not use Event Managment. Both are an extra ServiceNow license, but only Event Management is mentioned in the Splunk documentation, and is supposedly not required. Is the Security Incident Response plugin (and license) required for ServiceNow integration (Jakarta) even if you are just trying to leverage Splunk integration for operational incidents?

0 Karma

nickhills
Ultra Champion

I am using just the incident and CMDB integration - We don't have Events management or Incident Response either, so I think the answer to your question is no.

We have found that the Splunk incident integration has not quite met our needs, as we need to raise tickets against individuals and business services (the plugin only allows groups and CI's) so I have had to amend it to support these requirements.

If my comment helps, please give it a thumbs up!

centrafraserk
Path Finder

My ServiceNow admin is telling me that the splunk integration application forces you to install the security incident response plugin which would put us in violation of licensing. Most things I have read do not seem to mention that. Are you running Jakarta and can you confirm that the plug in is not installed? I would love to be able to generate incidents even just based on groups.

0 Karma

nickhills
Ultra Champion

We are on release Jakarta, - let me find out about Incident Response from the SN admins

If my comment helps, please give it a thumbs up!

centrafraserk
Path Finder

Thank you I really appreciate your help!

0 Karma
Get Updates on the Splunk Community!

Extending Observability Content to Splunk Cloud

Register to join us !   In this Extending Observability Content to Splunk Cloud Tech Talk, you'll see how to ...

What's new in Splunk Cloud Platform 9.1.2312?

Hi Splunky people! We are excited to share the newest updates in Splunk Cloud Platform 9.1.2312! Analysts can ...

What’s New in Splunk Security Essentials 3.8.0?

Splunk Security Essentials (SSE) is an app that can amplify the power of your existing Splunk Cloud Platform, ...