Hi there
I am using linux installation of splunk enterprise, which is configured to work with service-now by adding "splunk add-on for service now" and "splunk app for service-now".
Now i am able to create incidents in service-now using splunk " |snowincident " command.
Now i want to know to what kind of data can we send to service-now (ie. like logs or search result or atleast some numbered outputs) and how to send the data to service-now. (like using forwarders or any).
And also please indicate the possible way to get data from service-now into splunk(kindly mention if its posssible or not)
(Please mention if any type of config or app needs to be installed or any syntax of custom search)
↧