Splunk Add-on for ServiceNow allows a Splunk software administrator to use ServiceNow REST APIs to collect the following types of data: incident data, event data, change data, user data, user group data, location data, configuration management database (CMDB) configuration item (CI) data. After you install and configure this add-on, you can use workflow actions that link directly from events in the Splunk platform search results to relevant ServiceNow incidents, events, and knowledge base articles. You can also use the custom commands, alert actions, and scripts to create new incidents and events in your ServiceNow instance, and update the incidents created from the Splunk platform. This add-on provides the inputs and CIM-compatible knowledge to use with other Splunk apps, such as the Splunk App for ServiceNow or Splunk Enterprise Security.