The Threat Intelligence Security Center for Splunk with the ServiceNow integration provides an efficient way to enrich security operations by automating the retrieval, storage, and analysis of observables. Users can configure the interval at which observables are pulled from the connected ServiceNow instance; this interval determines how frequently the system requests observables data from ServiceNow. Users can also define and apply filters to specify which observables are pulled from the ServiceNow instance. Once pulled, the observables are stored in Splunk’s KV Store (Key-Value Store), and users can write correlation rules over the set of observables that were pulled in.