Integrating the Splunk App for Infrastructure with ITSI
Integrate the Splunk App for Infrastructure (SAI) with IT Service Intelligence (ITSI) to correlate server metrics with events and metrics from other layers of the IT stack for higher level monitoring. You can drill directly into SAI from ITSI to get detailed entity, group, and alert information for seamless troubleshooting.
ITSI supports the following after integrating with SAI:
- Ingest entities from SAI
- Ingest alerts from SAI as notable events
- Create services from SAI entities
The integration is one direction only, from SAI to ITSI. When enabled, entities and alerts continuously update in ITSI from SAI. Service templates are available to create services with pre-built KPIs and entity rules.
For existing SAI users, integrating with ITSI enables you to get a service-level view of your IT infrastructure while continuing to use SAI for entity and group-level monitoring. This enables faster troubleshooting and remediation by linking server health to service KPIs and notable events to see the big picture of overall service and business health.
For existing ITSI users, ingesting entities and alerts from SAI into ITSI lets you build KPIs and services from entities and groups, and correlate alerts from SAI with other events and data sources in ITSI. Additionally, ITSI lets you apply machine learning to the entity-level data to detect anomalies and aggregate the event data with machine learning algorithms to reduce event noise.
For more information about integrating with ITSI, see Integrate the Splunk App for Infrastructure with ITSI manual.
Admin and user roles in Splunk App for Infrastructure
Support for Splunk App for Infrastructure
This documentation applies to the following versions of Splunk® App for Infrastructure: 1.3.0, 1.3.1, 1.4.0, 1.4.1, 2.0.0, 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.1.0, 2.1.1 Cloud only, 2.2.0 Cloud only, 2.2.1, 2.2.3 Cloud only