Hello
We are trying to integrate Splunk (with Enterprise Security) with ServiceNow, and we cannot use direct integration due to the points below:
1. ServiceNow is using the Jakarta version, which we do not see currently being supported by Splunk.
2. The ServiceNow team is not ready to install the Splunk plugin in their environment due to some technical issues.
So we are trying to achieve the integration by sending the ES Splunk alert as an email, and then the email inputs will be mapped in ServiceNow.
We need help/information on whether we can get the same fields/inputs from an ES correlation search into an email so as to create a ticket in ServiceNow.
If someone has tried this earlier, then please help me get this integration working by getting the same fields and inputs as we would receive through direct integration.
Regards
Sushant