Splunk® Supported Add-ons

Splunk Add-on for ServiceNow

Acrobat logo Download manual as PDF


Acrobat logo Download topic as PDF

Use workflow actions for the Splunk Add-on for ServiceNow

The Splunk Add-on for ServiceNow includes workflow actions that allow you to access incidents, events, change records, alerts, and knowledge base articles in ServiceNow directly from your Splunk search results.

Workflow action Scope Usage
Open ServiceNow Alert Any event returned by a Splunk search that has sourcetype=snow:em_event and contains the field alert with any non-null value. The workflow action opens the alert in ServiceNow in a new tab in your browser.
Open ServiceNow Change Record Any event returned by a Splunk search that has sourcetype=snow:change_request. The workflow action opens the change request in ServiceNow in a new tab in your browser.
Open ServiceNow Event Any event returned by a Splunk search that has sourcetype=snow:em_event. The workflow action opens the event in ServiceNow in a new tab in your browser.
Open ServiceNow Incident Any event returned by a Splunk search that has sourcetype=snow:incident. The workflow action opens the incident in ServiceNow in a new tab in your browser.
Open ServiceNow Knowledge Any event returned by a Splunk search that has any ServiceNow source type (sourcetype=snow*) and contains the field error. The workflow action opens a new tab in your browser to run a search in your ServiceNow Knowledge Base for the text of the error in your selected event.
Last modified on 12 December, 2023
PREVIOUS
Use custom streaming commands for the Splunk Add-on for ServiceNow
  NEXT
Lookups for the Splunk Add-on for ServiceNow

This documentation applies to the following versions of Splunk® Supported Add-ons: released, released


Was this documentation topic helpful?


You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters