I checked with support and received:
"Splunk can trigger alerts, and while natively we can't just interface with an API out of the box, you're certainly welcome to write a script and call that script as an alert action to one of your saved searches. This would be a function of your operating system."
From our Helpdesk folks I received:
"My first question is can the system alerting utilize API calls to create the incidents? This is the preferred method. However, if e-mail is the only method, then in the e-mail generated, you would need to have value pairs to properly populate the fields."
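To tie the two answers together, here is an added example (not from the original post, Splunk, or the helpdesk) of the kind of script support describes: a scripted alert action that reads the results Splunk hands to it, maps each row to the value pairs the helpdesk wants, and can either render them as `key=value` lines for the e-mail fallback or POST them as JSON to a ticketing API. The argument positions follow Splunk's legacy scripted-alert layout (the results file path as the last argument, report name and trigger reason earlier) and the incident field names, severity values and `https://helpdesk.example/api/incidents` URL are assumptions for a hypothetical ticketing system; the sample results file is constructed inline.

```python
import csv
import gzip
import json
import os
import sys
import tempfile
import urllib.request
from typing import Dict, List

# Hypothetical helpdesk schema (assumption): the ticket API expects these fields,
# and only these severities, so anything else is rejected before it leaves the box.
REQUIRED_FIELDS = ("title", "severity", "host", "description")
ALLOWED_SEVERITIES = {"low", "medium", "high", "critical"}


def read_results(path: str) -> List[Dict[str, str]]:
    """Read the gzipped CSV of search results that Splunk passes to a scripted alert."""
    with gzip.open(path, "rt", newline="") as fh:
        return list(csv.DictReader(fh))


def build_incident(report_name: str, trigger_reason: str, row: Dict[str, str]) -> Dict[str, str]:
    """Map one result row to the value pairs the helpdesk asked for, validating them."""
    incident = {
        "title": f"Splunk alert: {report_name}",
        "severity": (row.get("severity") or "medium").lower(),
        "host": row.get("host") or "unknown",
        "description": f"{trigger_reason}; event: {row.get('_raw', '')}",
    }
    missing = [f for f in REQUIRED_FIELDS if not incident.get(f)]
    if missing:
        raise ValueError(f"missing incident fields: {missing}")
    if incident["severity"] not in ALLOWED_SEVERITIES:
        raise ValueError(f"unsupported severity: {incident['severity']!r}")
    return incident


def to_email_body(incident: Dict[str, str]) -> str:
    """Render the incident as key=value lines, the e-mail fallback the helpdesk described."""
    return "\n".join(f"{key}={value}" for key, value in incident.items())


def post_incident(url: str, incident: Dict[str, str]) -> int:
    """POST the incident as JSON to the (hypothetical) ticket API; returns the HTTP status."""
    req = urllib.request.Request(
        url,
        data=json.dumps(incident).encode("utf-8"),
        headers={"Content-Type": "application/json"},
        method="POST",
    )
    with urllib.request.urlopen(req, timeout=10) as resp:
        return resp.status


def write_sample_results(path: str) -> None:
    """Write a constructed two-row results file in the gzipped-CSV shape Splunk produces."""
    rows = [
        {"_time": "1700000000", "host": "web01", "severity": "high",
         "_raw": "Failed password for admin from 203.0.113.5"},
        {"_time": "1700000030", "host": "web02", "severity": "",
         "_raw": "Failed password for deploy from 203.0.113.9"},
    ]
    with gzip.open(path, "wt", newline="") as fh:
        writer = csv.DictWriter(fh, fieldnames=["_time", "host", "severity", "_raw"])
        writer.writeheader()
        writer.writerows(rows)


def demo() -> List[Dict[str, str]]:
    """Run the mapping over the constructed sample file and return the incidents."""
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, "results.csv.gz")
        write_sample_results(path)
        return [
            build_incident("Failed logins", "Saved Search [Failed logins] number of events(2)", row)
            for row in read_results(path)
        ]


def main(argv: List[str]) -> int:
    # Legacy scripted-alert layout (assumption): argv[4] report name, argv[5] trigger
    # reason, argv[8] path to the gzipped results CSV.
    report_name, trigger_reason, results_path = argv[4], argv[5], argv[8]
    for row in read_results(results_path):
        incident = build_incident(report_name, trigger_reason, row)
        if os.environ.get("HELPDESK_API_URL"):
            post_incident(os.environ["HELPDESK_API_URL"], incident)
        else:
            print(to_email_body(incident))
            print("---")
    return 0


if __name__ == "__main__":
    sys.exit(main(sys.argv) if len(sys.argv) > 8 else print(demo()))
```

The script fails closed: a row that does not yield the required fields, or carries a severity the ticket system does not know, raises before anything is sent, so a malformed search result produces a visible error in the alert log instead of a half-populated incident.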