Splunk® App for ServiceNow

Installation and Configuration Manual

Download manual as PDF

Download topic as PDF

Hardware and software requirements for the Splunk App for ServiceNow

Splunk platform requirements

Because this add-on runs on the Splunk platform, all of the system requirements apply for the Splunk software that you use to run this app.

  • If you are running this app entirely in Splunk Cloud, there are no additional Splunk platform requirements.
  • If you are managing on-premises forwarders to get data in to Splunk Cloud, see "System Requirements" in the Installation Manual in the Splunk Enterprise documentation, which includes information about forwarders.
  • If you are running this app in an on-premises deployment of the Splunk platform, see "System Requirements" in the Installation Manual in the Splunk Enterprise documentation.

The Splunk App for ServiceNow runs on Splunk Cloud 6.2.4 and above or Splunk Enterprise 6.2.0 and above.

Splunk platform administrator requirements

Performing push integration with ServiceNow requires the Splunk user to be an administrator or have the admin_all_object capability in the Splunk platform. This requirement applies to custom commands and alert-triggered scripts.

ServiceNow administrator access

You must have an administrator account on your ServiceNow instance to configure integration with the Splunk platform, required for enabling users to create ServiceNow incidents and events from the Splunk platform.

For supported versions of ServiceNow, refer to the Release notes for the Splunk Add-on for Service Now.

ServiceNow Event Management plugin

You must have the Event Management plugin installed and enabled on your ServiceNow environment in order to use the event-related workflow actions included in this app and support event-related push integration with ServiceNow. Be sure to install and enable the Event Management plugin before you perform the steps in "Configure ServiceNow integration with the Splunk platform."

Without the Event Management plugin, you can still use this app to pull data from ServiceNow and create and update incidents from the Splunk platform, but you cannot create events from the Splunk platform.

Find out more about the Event Management plugin at http://wiki.servicenow.com/index.php?title=Event_Management.

Splunk Add-on for ServiceNow

The Splunk App for ServiceNow requires the Splunk Add-on for ServiceNow version 2.8.0 or later. You must install both the add-on and the app for the app to function.

Data the Splunk App for ServiceNow collects
Plan your deployment of the Splunk App for ServiceNow

This documentation applies to the following versions of Splunk® App for ServiceNow: 4.0.2, 4.0.3

Was this documentation topic helpful?

Enter your email address, and someone from the documentation team will respond to you:

Please provide your comments here. Ask a question or make a suggestion.

You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters