Hardware and software requirements for the Splunk Add-on for ServiceNow
To install and configure the Splunk Add-on for ServiceNow, you must have an
sc_admin role. To perform push integration with ServiceNow, you you must be an administrator or have the
admin_all_objects capability in the Splunk platform. This requirement applies to custom commands and alert-triggered scripts.
ServiceNow setup requirements
See the following hardware and software requirements for ingesting data into your Splunk platform deployment from your ServiceNow instance. See the release notes of this manual to learn about supported versions of ServiceNow.
ServiceNow account requirements for integration
You must configure permissions in your ServiceNow account to collect data and for push integration. To set up push integration from the Splunk platform to ServiceNow, see Configure ServiceNow to integrate with the Splunk platform, which includes instructions for configuring access control rules that allow the ServiceNow account to access the data and to perform push integration enabled by the add-on.
If you do not use push integration, create an ACL that has read-only access to all database tables from which you want to collect data. Some of these database tables are restricted to administrators by default.
ServiceNow administrator access for setup
You must have an administrator account on your ServiceNow instance to set up integration with the Splunk platform. This is required to enable users to create ServiceNow incidents and events from the Splunk platform.
ServiceNow Event Management plugin
You must install and enable the Event Management plugin in your ServiceNow environment to:
- Use the event-related workflow actions included in this add-on.
- Support event-related push integration with ServiceNow.
To see which push integration features require the plugin, see About the commands, alert actions, and scripts available with the Splunk Add-on for ServiceNow. Install and enable the Event Management plugin before you perform the steps in Configure ServiceNow to integrate with the Splunk platform.
Without the Event Management plugin, you can use this add-on to pull data from ServiceNow and create and update incidents from the Splunk platform. You cannot create events from the Splunk platform without the Event Management plugin.
For more about the Event Management plugin, search for "Event Management" in the ServiceNow product documentation.
ServiceNow Oauth setup requirements
The Splunk Add-on for ServiceNow supports Oauth 2.0 communication between your ServiceNow instance and your Splunk platform deployment.
- Install and activate the Oauth plugin on your ServiceNow instance to use the feature of OAuth 2.0 from Splunk Add-on for ServiceNow.
- Verify the property
com.snc.platform.security.oauth.is.activeis set to true.
See Configure ServiceNow to integrate with the Splunk platform for detailed Oauth application registry setup at ServiceNow.
Splunk platform requirements
Because this add-on runs on the Splunk platform, all of the system requirements apply for the Splunk software that you use to run this add-on.
- For Splunk Enterprise system requirements, see System Requirements in the Splunk Enterprise Installation Manual.
- To run this add-on entirely in Splunk Cloud, there are no additional Splunk platform requirements.
- For Splunk Light system requirements, see System Requirements in the Splunk Light Installation Manual.
- To manage on-premises forwarders to get data into Splunk Cloud, see System Requirements in the Splunk Enterprise Installation Manual.
For information about installation locations and environments, see Install the Splunk Add-on for ServiceNow.
Release history for the Splunk Add-on for ServiceNow
Installation and configuration overview for the Splunk Add-on for ServiceNow
This documentation applies to the following versions of Splunk® Supported Add-ons: released, released