Prerequisites

• Obtain administrator access to Splunk.
• Install and configure the Splunk app.
• Install and configure the JSD add-on.

Procedure

To automatically create JSD tickets from Splunk alerts, add an action to the alert in Splunk.

1. From the Alerts page, click Open in Search beside the desired alert.
   Alternatively, run a new search.

2. Ensure the following condition is included in the search: where isnull(self)
   For example:
   

   index=* "FATAL" | where isnull(self)

    This condition excludes the new JSD ticket from subsequent searches, ensuring that Splunk opens only one ticket each time the alert is triggered.

3. Go to Save As > Alert.
4. At the bottom of the window, click Add Actions, and then select JIRA Service Desk Ticket.
   
5. Enter the connection details, and click Save. 
   The next time the search generates an alert, it will automatically create a ticket in your JSD instance.

Next Steps

Analyze data and configure reports in Splunk.