Is your feature request related to a problem? Please describe.
Yes, for increased coverage in DaC, we need support for various Adaptive Responses (alert actions).
Describe the solution you'd like
One of the most used Adaptive Responses in ES is to create incidents in the ServiceNow platform. There is a Splunk-supported TA for this, called Splunk Add-on for ServiceNow.
I'd like to have the option to configure the snow_incident alert action in my detection definitions.
Describe alternatives you've considered
Continue to use Splunk Web to configure the snow_incident adaptive response for each detection.
Additional context
Is there interest for this, so I can open a PR to propose changes?