Release notes for the Splunk Add-on for ServiceNow
Version 4.0.0 of the Splunk Add-on for ServiceNow was released on June 19, 2019.
Version 4.0.0 of the Splunk Add-on for ServiceNow is compatible with the following software, CIM versions, and platforms:
|Splunk platform versions||6.5.x, 6.6.x, 7.0.x, 7.1.x, 7.2.x, 7.3.x|
|Supported OS for data collection||Platform Independent|
|Vendor products||ServiceNow Kingston, London and Madrid|
To upgrade from 3.1.0 or earlier to version 4.0.0 of the Splunk Add-on for ServiceNow, follow these steps:
- Before upgrading, disable the inputs configured in Splunk Add-on For ServiceNow version 3.1.0 or earlier.
- Upgrade the add-on.
- In the Splunk Add-on For ServiceNow > Configuration > ServiceNow Account tab, reconfigure your previously configured ServiceNow account.
- Go to the Splunk Add-on For ServiceNow > Inputs page, where there is a list of inputs that had been configured before the upgrade. The Table to collect data from field contains the values for all 23 table names. At first, all preconfigured inputs have a warning symbol in the Account column that indicates Missing Account configuration.
- Reconfigure each input:
- Select the correct ServiceNow account.
- (Optional) Edit the Interval field if required.
- Click Save.
- Enable the reconfigured inputs.
Version 4.0.0 of the Splunk Add-on for ServiceNow includes the following new feature:
- Support for multiple ServiceNow accounts
- Support for ServiceNow London and Madrid
Version 4.0.0 of the Splunk Add-on for ServiceNow has the following known issues. If no issues appear below, no issues have yet been reported:
|Date filed||Issue number||Description|
|2019-05-03||ADDON-21922||incidents being updated and overwritten several times|
|2018-11-05||ADDON-20601||Modular Inputs does not respect _meta|
|2015-09-15||ADDON-5559||Source type renames in version 2.7.0 of this add-on cause duplicate inputs to appear when you upgrade the add-on from any version previous to version 2.7.0 to version 2.7.0 or later.|
Disable the _snow:syslog_ sourcetype and delete the old inputs for the _syslog_ table in ServiceNow before upgrading. Use the newly added _snow:sysevent_ sourcetype instead.
|2015-09-06||ADDON-5349||Custom alert actions do not offer any validation for alert action fields.|
Third-party software attributions
Version 4.0.0 of the Splunk Add-on for ServiceNow incorporates the following third-party software libraries:
Source types for the Splunk Add-on for ServiceNow
Release history for the Splunk Add-on for ServiceNow
This documentation applies to the following versions of Splunk® Supported Add-ons: released