The recent update to Elastic 7.12 included a new Connector for ServiceNow SIR creation. I setup the connector and proceeded to implement it as an Action for one of the SIEM Detection rules. However, when I go to select the Action type, the ServiceNow SIR Action is not available.
Is there an extra step that I need to do for this or is it missing from the update?
Thanks everyone!
Hi @BrianD,
The ServiceNow SIR connector is only supported at the moment by Cases. It is in our roadmap to support the connector for Detections and Alerts.
Best,
Christos
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.