Splunk® Supported Add-ons

Splunk Add-on for BMC Remedy

Acrobat logo Download manual as PDF


Acrobat logo Download topic as PDF

Specify required fields for incidents for the Splunk Add-on for BMC Remedy

After installing the add-on and completing the add-on setup, use the custom commands included in the add-on, or Splunk Enterprise alert actions, to create and update incidents in Remedy from a Splunk software search.

Use the required and optional fields contained in the Splunk Add-on for BMC Remedy to create or update Remedy incidents from your WSDL files or REST API. The Splunk Add-on for BMC Remedy provides the configuration files you need to include all of the required fields on your Remedy system used to create and update incidents.

If you are using Notepad or another native Windows text editor to edit this file in a Windows environment, make sure you set it not to use DOS line breaks. Extra line breaks can cause the .conf file to not be interpreted correctly on Unix/Linux systems.

Configure the field list to use custom commands to create and update incidents

When executing a custom command, the add-on gets the required and optional fields for creating or updating a Remedy incident from the WSDL files or REST API. However, in most cases the fields actually required by your Remedy system are only a subset of the required fields in the WSDL file or REST API. The Splunk Add-on for BMC Remedy provides a remedy_fields.conf file with preconfigured required fields for both incident creation and update. The required fields in this file override the required fields in the WSDL or REST API. You need to customize this file to include all of the required fields for your Remedy system. Adding the required fields for your Remedy system in this file allows you to specify only the required arguments for your system when you run the commands, rather than all of the required arguments in the WSDL or REST API.

WSDL is applicable for Soap Custom Commands and Rest is applicable for Rest Custom Commands. For more details on this, refer [http://docs.splunk.com/Documentation/AddOns/released/Remedy/Commands Custom Commands].


The required fields for a default Remedy configuration are included in the remedy_fields.conf file. The following six fields are required for creating incidents using SOAP in a default Remedy configuration: First_Name, Last_Name, Impact, Status, Summary and Urgency. The following three fields are required for updating incidents using SOAP in a default Remedy configuration: Incident_Number, Status, and Summary. Edit the list of fields to specify all of the fields that are required by your Remedy system.

You must include these six required fields for creating incidents using Rest in a default Remedy configuration:

  • First_Name
  • Last_Name
  • Impact
  • Status
  • Description
  • Urgency
  • You must include these three required fields for updating incidents using Soap in a default Remedy configuration:

  • Incident Number
  • Status
  • Description
  • Service_Type and Reported_Source are included as default fields with default values for creating incidents using SOAP in remedy_fields.conf. Splunk includes Service_Type and Reported Source as default fields with default values for creating incidents using REST in remedy_fields.conf. You can change the values of these default fields to match other values that have been defined in your Remedy system if desired.

    Follow these steps to specify required fields for Remedy incidents using remedy_fields.conf.

    1. Go to $SPLUNK_HOME/etc/apps/Splunk_TA_remedy and make a new directory called /local if it does not already exist.
    2. Copy $SPLUNK_HOME/etc/apps/Splunk_TA_remedy/default/remedy_fields.conf to $SPLUNK_HOME/etc/apps/Splunk_TA_remedy/local/remedy_fields.conf.
    3. Open the local remedy_fields.conf file in a text editor. The contents look like this:
      [create_incident]
      required = First_Name, Last_Name, Impact, Status, Summary, Urgency
      Service_Type = Infrastructure Event
      Reported_Source = Other
      
      [update_incident]
      required = Incident_Number, Status, Summary
      
      [create_incident_rest]
      required = First_Name, Last_Name, Impact, Status, Description, Urgency
      Service_Type = Infrastructure Event
      Reported Source = Other
      
      [update_incident_rest]
      required = Incident Number, Status, Description
      
      
      
    4. Under the [create_incident] or [create_incident_rest] stanza, edit the list of fields based on whether you're using SOAP or REST commands to reflect the required fields for creating incidents in your Remedy system. Use the comma separated format. Note: The lines Service_Type = Infrastructure Event and Reported_Source = Other are default fields and values for SOAP commands. You can change the default values to other values defined in your Remedy system if desired.
    5. The lines Service_Type = Infrastructure Event and Reported Source = Other are default fields and values for REST commands.. You can change these default values, if desired.

    6. Under the [update_incident] stanza, edit the list of fields based on whether you're using SOAP commands or REST commands to reflect the required fields for updating incidents in your Remedy system. Use the comma separated format.
    7. Save the file.

    Example remedy_fields.conf with updated values for a unique Remedy environment:

    [create_incident]
    required = First_Name, Last_Name, Impact, Status, Summary, Urgency, Action, Assignee, Status_Reason 
    Service_Type = Infrastructure Event
    Reported_Source = Other
    
    [update_incident]
    required = Incident_Number, Status, Summary, Impact
    
    [create_incident_rest]
    required = First_Name, Last_Name, Impact, Status, Description, Urgency, Assignee, Status_Reason
    Service_Type = Infrastructure Event
    Reported Source = Other
    
    [update_incident_rest]
    required = Incident Number, Status, Description, Impact 
    
    
    Last modified on 19 March, 2024
    PREVIOUS
    Set up the Splunk Add-on for BMC Remedy
      NEXT
    Configure Inputs for the Splunk Add-on for BMC Remedy

    This documentation applies to the following versions of Splunk® Supported Add-ons: released, released


    Was this documentation topic helpful?


    You must be logged into splunk.com in order to post comments. Log in now.

    Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

    0 out of 1000 Characters