Integrating the Splunk App for Infrastructure with ITSI

The Splunk App for Infrastructure integration was removed from ITSI in versions 4.9.x and higher.

Integrating the Splunk App for Infrastructure with IT Service Intelligence (ITSI) enables you to correlate server metrics with events and metrics from other layers of the IT stack for higher level monitoring. You can drill directly into the Splunk App for Infrastructure from ITSI to get more detailed entity information for seamless troubleshooting.

ITSI supports the following types of integration with the Splunk App for Infrastructure:

• Entities from Splunk App for Infrastructure can be ingested as entities in ITSI
• Alerts from Splunk App for Infrastructure can be ingested as notable events in ITSI

You can choose to integrate both entities and alerts, or just one or the other. The integration for each type only needs to be initiated once. After integration is set up, entities and alerts are continuously updated in ITSI from the Splunk App for Infrastructure.

Use cases

For existing Splunk App for Infrastructure users, integrating with ITSI enables you to get a service-level view of your IT infrastructure, while continuing to use the Splunk App for Infrastructure for entity-level monitoring. This enables faster troubleshooting and remediation by linking server health to service KPIs and notable events to see the big picture of overall service and business health.

For existing ITSI users, ingesting entities and alerts from the Splunk App for Infrastructure into ITSI allows you to build KPIs and services from the entities and correlate alerts from the Splunk App for Infrastructure with other events and data sources in ITSI. Additionally, ITSI provides the ability to apply machine learning to the entity-level data to detect anomalies and aggregate the event data with machine learning algorithms to reduce event noise.