This page offers some public references of work one of the members of The Dutch Data Difference have achieved.
Connecting ServiceNow CMDB and IPC to Splunk at Nationale Nederlanden
There is already a Splunk add-on called “Splunk Add-on for ServiceNow” but to us that looks like more a technical integration than a functional one. Incident, Problem, Change, and CMDB table information is put into regular Splunk indices. Meaning if we want to know the actual state of one of those IPC records or CMDB CI’s we potentially have to search way back.
This is what we call a technical integration rather than a functional one.
End 2020 we developed a solution to connect ServiceNow CMDB and IPC (Incident, Problem, and Change) data to Splunk which we further developed as the Common Metadata Data Model (CMDM) product. That solution is powered by a graph database so that:
- There is always one latest record of a particular Incident, Change, Problem, or CI. So no searching way back in time.
- The solution is having ServiceNow users and their ITIL and config groups
- The solution is keeping track of relationships between IPC records, users, groups, and CI’s.
- Making it possible from Splunk knowledge objects to query “open incidents for a particular user” or “give me all servers (hosts) for a given business service”.
End December 2020 we have given a presentation at the Splunk User Group The Netherlands for which there is no recording. If you want to know more about this, please reach out to us (Contact).
Chain monitoring at Rabobank
Back in 2017 Eduard Lekanne (working for UMBRiO at that time) was contracted by Rabobank to help them in achieving the chain monitoring goal for their new iDeal (online payments) service. It was such a big success that together with Rabobank we had a presentation slot at the Splunk annual conference (.conf2017). Here the link to the public presentation.